Report - medies.care/

Report Overview

Submitted URL
medies.care/
IP
85.214.51.223
ASN
#6724 Strato AG
Submitted
2023-02-16 10:03:28
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
14

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
www.medies.care	unknown	2022-03-30T17:35:06Z	2023-03-06T00:03:19Z	11 kB	1.1 MB	85.214.51.223
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	2.4 kB	77 kB	142.250.74.163
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	52.88.138.244
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.8 kB	50 kB	34.120.237.76
medies.care	unknown	2022-03-30T09:17:28Z	2023-03-13T06:03:17Z	343 B	352 B	85.214.51.223
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.4 kB	6.2 kB	23.36.76.226
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	2.7 kB	5.6 kB	142.250.74.131
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	425 B	630 B	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-16	medium	medies.care/	Phishing
2023-02-16	medium	www.medies.care/	Phishing
2023-02-16	medium	www.medies.care/js/modernizr-custom.js	Phishing
2023-02-16	medium	www.medies.care/js/main.js	Phishing
2023-02-16	medium	www.medies.care/img/furniture/furniture-1.webp	Phishing
2023-02-16	medium	www.medies.care/img/furniture/furniture-2.webp	Phishing
2023-02-16	medium	www.medies.care/img/furniture/furniture-3.webp	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (4)

	URL	Size	First Seen	Last Seen
	www.medies.care/js/main.js	280 kB	2023-03-07	2023-05-24
Pretty URL www.medies.care/js/main.js IP 85.214.51.223 ASN #6724 Strato AG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:03 Last Seen2023-05-24 19:03:41 Times Seen10 Hash 7d4191e5c052d2e6dc83803ded000789 c0aa6eebcfe0d20d866cd447cc35d49312e25aa7 75726e5e90f278eb872946ca0e30f353e468c0c54a05a0a4d0278c456007f766 Loading...

	www.medies.care/	41 B	2023-03-07	2024-04-18
Pretty URL www.medies.care/ IP 85.214.51.223 ASN #6724 Strato AG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:03 Last Seen2024-04-18 15:45:55 Times Seen7134 Hash 2ec370ca0eaf3069dce13df24243d863 64c1919bbb18a6d851d1b7772f830320b8ab5cc1 6a31a3a39783d09cc53dd9e9baeb4a4fa49be602eef90f6bbb9f78af02688064 Loading...

	www.medies.care/js/modernizr-custom.js	3.4 kB	2023-03-07	2024-03-20
Pretty URL www.medies.care/js/modernizr-custom.js IP 85.214.51.223 ASN #6724 Strato AG Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:03 Last Seen2024-03-20 16:25:03 Times Seen338 Hash 925b1cfb3ff415d8a781c0a026a8f096 c7b3e086a5789ca2f8df8ea8b11148c23a5c785a 0db8807e1b34fff0005dfd2ee5e01e4467aa208a9e63f3291eeed6c2f1c47de9 Loading...

		Size	First Seen	Last Seen
	#1 Write - 5531a5834816222280f20d1ef9e95f69	4 B	2023-03-12	2024-01-28
Pretty Observations First Seen2023-03-12 12:17:15 Last Seen2024-01-28 13:22:54 Times Seen21116 Hash 5531a5834816222280f20d1ef9e95f69 445cd2fd3273962bdf09425109a2d09f7170e837 d398b29d3dbbb9bf201d4c7e1c19ff9d43c15fd45a0cec46fbe9885ec3f6e97f Loading...

HTTP Transactions (62)

URL IP Response Size

medies.care/

85.214.51.223

301 Moved Permanently

162 B

URL HTTP/1.1
medies.care/
IP
85.214.51.223:0
ASN
#6724 Strato AG

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: medies.care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 16 Feb 2023 10:03:16 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.medies.care/

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
584dc97b4a725bab46f43b0c52ea2f21
4c7d5484aca5c64746185fa7a1e6103672fd6beb
726714a5ebdaa8dda3c669eedad6503ffd2a822cfd0bbdf5eb8a1d8ad43ad5bd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "726714A5EBDAA8DDA3C669EEDAD6503FFD2A822CFD0BBDF5EB8A1D8AD43AD5BD"
Last-Modified: Wed, 15 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4018
Expires: Thu, 16 Feb 2023 11:10:14 GMT
Date: Thu, 16 Feb 2023 10:03:16 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9b39c3955aa73765d5c9cbe0d4c52f83
b13bf774f0189207d90d846b86b68fcf2f64f868
f6fea261b800d26e329ced17006c9f5d10b6c490dac3b2276cc7b0e2aa38316c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6FEA261B800D26E329CED17006C9F5D10B6C490DAC3B2276CC7B0E2AA38316C"
Last-Modified: Mon, 13 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6222
Expires: Thu, 16 Feb 2023 11:46:58 GMT
Date: Thu, 16 Feb 2023 10:03:16 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3534c46dafa4e959cb5f4aba0b1d8cd7
f4aa8774355b04bf1f074aeb73c56c52b32568ab
68b7b6679046611b607c073416e818c6d0391e2953ecc8781b02e57a9b5af306

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "68B7B6679046611B607C073416E818C6D0391E2953ECC8781B02E57A9B5AF306"
Last-Modified: Mon, 13 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8270
Expires: Thu, 16 Feb 2023 12:21:06 GMT
Date: Thu, 16 Feb 2023 10:03:16 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 16 Feb 2023 09:49:12 GMT
content-type: application/json
age: 844
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: eK/FmjcAOlJD/TNSw+Vfn6t+0VI1C8glUYHPMEKkDBoLhlb79OMt28kB252hP1dA52tSoOp739k=
x-amz-request-id: VEWZEEK8WRMPJ1CG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 16 Feb 2023 09:49:19 GMT
age: 837
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 16 Feb 2023 10:03:16 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

www.medies.care/

85.214.51.223

200 OK

11 kB

URL HTTP/1.1
www.medies.care/
IP
85.214.51.223:0
ASN
#6724 Strato AG

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
11 kB (11226 bytes)
Hash
6feb55c21a4ac5e84bf2abc28fc7a1c7
406b59f073634da90e1d91e7afc8689f195e874a
953a6ffb6c975602e48b19a3c504376835372a4d4c2c24218a56a457cb20d434

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: www.medies.care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 16 Feb 2023 10:03:17 GMT
Content-Type: text/html
Content-Length: 11226
Last-Modified: Wed, 30 Mar 2022 16:07:39 GMT
Connection: keep-alive
ETag: "6244804b-2bda"
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin
Accept-Ranges: bytes

www.medies.care/vendors/flaticon/flaticon.css

85.214.51.223

200 OK

1.2 kB

URL HTTP/1.1
www.medies.care/vendors/flaticon/flaticon.css
IP
85.214.51.223:0
ASN
#6724 Strato AG

File type
ASCII text
Size
1.2 kB (1154 bytes)
Hash
52e98ba12b82aa8ebaabcee9862520c6
937126863cd485219868e9ecfac5288421f203ca
1c2fe0ac1ea3095c21583d6bd64ee4c4a5b0fe77b7adf86e81fbb00d54fe9b5b

HTTP Headers

GET /vendors/flaticon/flaticon.css HTTP/1.1
Host: www.medies.care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medies.care/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 16 Feb 2023 10:03:17 GMT
Content-Type: text/css
Content-Length: 1154
Last-Modified: Wed, 30 Mar 2022 16:06:35 GMT
Connection: keep-alive
ETag: "6244800b-482"
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin
Accept-Ranges: bytes

www.medies.care/vendors/linericon/style.css

85.214.51.223

200 OK

7.0 kB

URL HTTP/1.1
www.medies.care/vendors/linericon/style.css
IP
85.214.51.223:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (7032)
Size
7.0 kB (7033 bytes)
Hash
877b0b4222420ee83431a35f55222212
805d3933ee7e60fb1f6312dc48482d5482bff339
f1aa093bcc38b75c474b103e7c197a50f2f5e8b91d43e0f48f8b80d37f22fbaa

HTTP Headers

GET /vendors/linericon/style.css HTTP/1.1
Host: www.medies.care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medies.care/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 16 Feb 2023 10:03:17 GMT
Content-Type: text/css
Content-Length: 7033
Last-Modified: Wed, 30 Mar 2022 16:06:46 GMT
Connection: keep-alive
ETag: "62448016-1b79"
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin
Accept-Ranges: bytes

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, Alert, Content-Length, Backoff, ETag, Cache-Control, Retry-After, Last-Modified, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 16 Feb 2023 09:14:54 GMT
age: 2903
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

www.medies.care/js/modernizr-custom.js

85.214.51.223

200 OK

3.4 kB

URL HTTP/1.1
www.medies.care/js/modernizr-custom.js
IP
85.214.51.223:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (3302)
Size
3.4 kB (3401 bytes)
Hash
925b1cfb3ff415d8a781c0a026a8f096
c7b3e086a5789ca2f8df8ea8b11148c23a5c785a
0db8807e1b34fff0005dfd2ee5e01e4467aa208a9e63f3291eeed6c2f1c47de9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/modernizr-custom.js HTTP/1.1
Host: www.medies.care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medies.care/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 16 Feb 2023 10:03:17 GMT
Content-Type: application/javascript
Content-Length: 3401
Last-Modified: Wed, 30 Mar 2022 16:05:57 GMT
Connection: keep-alive
ETag: "62447fe5-d49"
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin
Accept-Ranges: bytes

www.medies.care/css/main.css

85.214.51.223

200 OK

199 kB

URL HTTP/1.1
www.medies.care/css/main.css
IP
85.214.51.223:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (65536), with no line terminators
Size
199 kB (198739 bytes)
Hash
1cd8f7254421075c0a008080c0261df5
fd3d919ea2adc8fde0f4ddd0b0be74e1ccb6ac84
34d72924701b71b032df105f336158393180e98f80fa520efaef6566cceeec6a

HTTP Headers

GET /css/main.css HTTP/1.1
Host: www.medies.care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medies.care/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 16 Feb 2023 10:03:17 GMT
Content-Type: text/css
Content-Length: 198739
Last-Modified: Wed, 30 Mar 2022 16:05:31 GMT
Connection: keep-alive
ETag: "62447fcb-30853"
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin
Accept-Ranges: bytes

www.medies.care/css/main_2.css

85.214.51.223

200 OK

105 kB

URL HTTP/1.1
www.medies.care/css/main_2.css
IP
85.214.51.223:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (27303)
Size
105 kB (104894 bytes)
Hash
5402be9d0d8f1b3bba4fc750c01253e0
9ac403adff4ead978183648b94d62a484cdf0789
1d8feb4fec960d5723e9cac866e52d5417f082bca5bde6e9e101cba9600e1a4b

HTTP Headers

GET /css/main_2.css HTTP/1.1
Host: www.medies.care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medies.care/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 16 Feb 2023 10:03:17 GMT
Content-Type: text/css
Content-Length: 104894
Last-Modified: Wed, 30 Mar 2022 16:05:31 GMT
Connection: keep-alive
ETag: "62447fcb-199be"
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
81a861ad34eebfde7b0fb8be89ae9a80
4e36dac83150fac2efa4cada5b72ae50fe7aa95c
f9dca744ee31eaffa8710d2e1863ce4ee0e0a206b0288b82a6631f4e424c561d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 16 Feb 2023 10:03:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.medies.care/js/main.js

85.214.51.223

200 OK

280 kB

URL HTTP/1.1
www.medies.care/js/main.js
IP
85.214.51.223:0
ASN
#6724 Strato AG

File type
ASCII text, with very long lines (32058)
Size
280 kB (279639 bytes)
Hash
7d4191e5c052d2e6dc83803ded000789
c0aa6eebcfe0d20d866cd447cc35d49312e25aa7
75726e5e90f278eb872946ca0e30f353e468c0c54a05a0a4d0278c456007f766

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/main.js HTTP/1.1
Host: www.medies.care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medies.care/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 16 Feb 2023 10:03:17 GMT
Content-Type: application/javascript
Content-Length: 279639
Last-Modified: Wed, 30 Mar 2022 16:05:57 GMT
Connection: keep-alive
ETag: "62447fe5-44457"
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin
Accept-Ranges: bytes

www.medies.care/img/clients-logo/c-logo-5.png

85.214.51.223

200 OK

6.0 kB

URL HTTP/1.1
www.medies.care/img/clients-logo/c-logo-5.png
IP
85.214.51.223:0
ASN
#6724 Strato AG

File type
PNG image data, 118 x 70, 8-bit/color RGBA, non-interlaced\012- data
Size
6.0 kB (6042 bytes)
Hash
2d9ac934928ef9851d3cb267194ee893
c2f927c3092e607d027db5252bb9044b5d1ffb60
0dd302b82444081b6dc915214f019f9854a6cbf1cf375eed804846fd1ddea7e9

HTTP Headers

GET /img/clients-logo/c-logo-5.png HTTP/1.1
Host: www.medies.care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medies.care/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 16 Feb 2023 10:03:17 GMT
Content-Type: image/png
Content-Length: 6042
Last-Modified: Wed, 30 Mar 2022 16:06:08 GMT
Connection: keep-alive
ETag: "62447ff0-179a"
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin
Accept-Ranges: bytes

www.medies.care/img/logo.png

85.214.51.223

200 OK

9.5 kB

URL HTTP/1.1
www.medies.care/img/logo.png
IP
85.214.51.223:0
ASN
#6724 Strato AG

File type
PNG image data, 245 x 70, 8-bit/color RGBA, non-interlaced\012- data
Size
9.5 kB (9535 bytes)
Hash
15c31072b01fcddc0f119c4685a73d65
458e7c9543b09b4f6f27695577e7a8e76dc4d845
e66e02a59f206227916a1e515f46743867af58390e9d785288e1cd14cb9a587e

HTTP Headers

GET /img/logo.png HTTP/1.1
Host: www.medies.care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medies.care/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 16 Feb 2023 10:03:17 GMT
Content-Type: image/png
Content-Length: 9535
Last-Modified: Wed, 30 Mar 2022 16:05:49 GMT
Connection: keep-alive
ETag: "62447fdd-253f"
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin
Accept-Ranges: bytes

www.medies.care/img/clients-logo/c-logo-2.png

85.214.51.223

200 OK

6.4 kB

URL HTTP/1.1
www.medies.care/img/clients-logo/c-logo-2.png
IP
85.214.51.223:0
ASN
#6724 Strato AG

File type
PNG image data, 118 x 70, 8-bit/color RGBA, non-interlaced\012- data
Size
6.4 kB (6401 bytes)
Hash
8e37dce60ffdff92110d2da0dc5e6eb2
e6689013e06a5db7ebba58793306ea0ba5dbe03b
3ea1c4bd9a116517a93f435344bb37c5ddd7a1fb9608e59b589710410f7169a7

HTTP Headers

GET /img/clients-logo/c-logo-2.png HTTP/1.1
Host: www.medies.care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medies.care/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 16 Feb 2023 10:03:17 GMT
Content-Type: image/png
Content-Length: 6401
Last-Modified: Wed, 30 Mar 2022 16:06:07 GMT
Connection: keep-alive
ETag: "62447fef-1901"
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin
Accept-Ranges: bytes

www.medies.care/img/clients-logo/c-logo-1.png

85.214.51.223

200 OK

5.0 kB

URL HTTP/1.1
www.medies.care/img/clients-logo/c-logo-1.png
IP
85.214.51.223:0
ASN
#6724 Strato AG

File type
PNG image data, 118 x 70, 8-bit/color RGBA, non-interlaced\012- data
Size
5.0 kB (4953 bytes)
Hash
61b67b2bd60ed7fa14552626e757892a
b97dd5294806f2a8465c08e1c728c3a71bf1ccd6
56e0746d8a46093ec1e68a062aa10ba5407249a04d00084bea13dec5766db661

HTTP Headers

GET /img/clients-logo/c-logo-1.png HTTP/1.1
Host: www.medies.care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medies.care/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 16 Feb 2023 10:03:17 GMT
Content-Type: image/png
Content-Length: 4953
Last-Modified: Wed, 30 Mar 2022 16:06:07 GMT
Connection: keep-alive
ETag: "62447fef-1359"
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin
Accept-Ranges: bytes

www.medies.care/img/logo-2.png

85.214.51.223

200 OK

9.9 kB

URL HTTP/1.1
www.medies.care/img/logo-2.png
IP
85.214.51.223:0
ASN
#6724 Strato AG

File type
PNG image data, 245 x 70, 8-bit/color RGBA, non-interlaced\012- data
Size
9.9 kB (9909 bytes)
Hash
d81985ac35f45d1be4c1e8d6728bf395
645d02037b338e8803910f35c011453f47037ada
b69441a8d8888d0a9ae13c818bc80e4629aa041931687bbefda8bb494fbedf5a

HTTP Headers

GET /img/logo-2.png HTTP/1.1
Host: www.medies.care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medies.care/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 16 Feb 2023 10:03:17 GMT
Content-Type: image/png
Content-Length: 9909
Last-Modified: Wed, 30 Mar 2022 16:05:49 GMT
Connection: keep-alive
ETag: "62447fdd-26b5"
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
eb027c18d0a67712fd32d67fa1448c1d
dc53d83d3c66e1b9e0b445cecc7bb2208dd28dd7
5c08a46974dd1b4bf86c4506794d88429ebc4bed5bbbfce0dd96a8c07430305a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 16 Feb 2023 10:03:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.medies.care/img/icon_1.png

85.214.51.223

200 OK

5.3 kB

URL HTTP/1.1
www.medies.care/img/icon_1.png
IP
85.214.51.223:0
ASN
#6724 Strato AG

File type
PNG image data, 71 x 71, 8-bit/color RGBA, non-interlaced\012- data
Size
5.3 kB (5319 bytes)
Hash
ba618037dc4d174d8a490595769d5030
e1c402d71b70197b961bb5044c82a2ccd72a9780
30655e4953c2640e484c7dfeffdf9bce57b47d991e04e6941b742b5f6e100eaa

HTTP Headers

GET /img/icon_1.png HTTP/1.1
Host: www.medies.care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medies.care/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 16 Feb 2023 10:03:17 GMT
Content-Type: image/png
Content-Length: 5319
Last-Modified: Wed, 30 Mar 2022 16:05:48 GMT
Connection: keep-alive
ETag: "62447fdc-14c7"
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin
Accept-Ranges: bytes

www.medies.care/img/icon_2.png

85.214.51.223

200 OK

5.6 kB

URL HTTP/1.1
www.medies.care/img/icon_2.png
IP
85.214.51.223:0
ASN
#6724 Strato AG

File type
PNG image data, 71 x 71, 8-bit/color RGBA, non-interlaced\012- data
Size
5.6 kB (5586 bytes)
Hash
426bd41669be86f8579a49e05975150e
503358e6b16b957d1617925604452a6e9b34a955
f3699ca32fb0ab72c394de5de74e0d1ddb141b851cdc647eef066281b6e3f97f

HTTP Headers

GET /img/icon_2.png HTTP/1.1
Host: www.medies.care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medies.care/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 16 Feb 2023 10:03:17 GMT
Content-Type: image/png
Content-Length: 5586
Last-Modified: Wed, 30 Mar 2022 16:05:48 GMT
Connection: keep-alive
ETag: "62447fdc-15d2"
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin
Accept-Ranges: bytes

www.medies.care/img/icon_3.png

85.214.51.223

200 OK

6.3 kB

URL HTTP/1.1
www.medies.care/img/icon_3.png
IP
85.214.51.223:0
ASN
#6724 Strato AG

File type
PNG image data, 71 x 71, 8-bit/color RGBA, non-interlaced\012- data
Size
6.3 kB (6300 bytes)
Hash
4f3802a2c8e0a296e4b569e3e6ba8d46
98efcb1925a6be1b300abb07694f3ab26164e010
b945704ddc90aec09f5532c58dfcf82ca69c3b02a8c96526947a5a8f5b7955d5

HTTP Headers

GET /img/icon_3.png HTTP/1.1
Host: www.medies.care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medies.care/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 16 Feb 2023 10:03:17 GMT
Content-Type: image/png
Content-Length: 6300
Last-Modified: Wed, 30 Mar 2022 16:05:48 GMT
Connection: keep-alive
ETag: "62447fdc-189c"
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin
Accept-Ranges: bytes

www.medies.care/img/icon_4.png

85.214.51.223

200 OK

5.7 kB

URL HTTP/1.1
www.medies.care/img/icon_4.png
IP
85.214.51.223:0
ASN
#6724 Strato AG

File type
PNG image data, 71 x 71, 8-bit/color RGBA, non-interlaced\012- data
Size
5.7 kB (5733 bytes)
Hash
5efeafce8517875c56fc467d25edc42f
a49cdc28c792c502f4f10d27e8fab4dd2fa2c752
87d135d2d274889debb8f92be190c8890ddcd17877c858b3e842e3d826b9cac8

HTTP Headers

GET /img/icon_4.png HTTP/1.1
Host: www.medies.care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medies.care/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 16 Feb 2023 10:03:17 GMT
Content-Type: image/png
Content-Length: 5733
Last-Modified: Wed, 30 Mar 2022 16:05:48 GMT
Connection: keep-alive
ETag: "62447fdc-1665"
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin
Accept-Ranges: bytes

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9510916a15d80ca2eb9fc98904cb93ee
420495d8896aeaf34e73a1c6ad8d95c882553c11
4391a82749b95a599bd1605b98b665772676ea8707765b8d9f8451774f6a709f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4391A82749B95A599BD1605B98B665772676EA8707765B8D9F8451774F6A709F"
Last-Modified: Tue, 14 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6146
Expires: Thu, 16 Feb 2023 11:45:43 GMT
Date: Thu, 16 Feb 2023 10:03:17 GMT
Connection: keep-alive

www.medies.care/img/clients-logo/c-logo-4.png

85.214.51.223

200 OK

8.3 kB

URL HTTP/1.1
www.medies.care/img/clients-logo/c-logo-4.png
IP
85.214.51.223:0
ASN
#6724 Strato AG

File type
PNG image data, 118 x 70, 8-bit/color RGBA, non-interlaced\012- data
Size
8.3 kB (8296 bytes)
Hash
095b57b0e66409276f9705aaadc70e3d
042976d728895fdb70be1864a90e8d9ab691f551
0fe830c3c32ad4f4d33371be2e651ca746c3b2b0c26f372052c48bdf5a077b66

HTTP Headers

GET /img/clients-logo/c-logo-4.png HTTP/1.1
Host: www.medies.care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medies.care/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 16 Feb 2023 10:03:17 GMT
Content-Type: image/png
Content-Length: 8296
Last-Modified: Wed, 30 Mar 2022 16:06:08 GMT
Connection: keep-alive
ETag: "62447ff0-2068"
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin
Accept-Ranges: bytes

www.medies.care/img/icon_5.png

85.214.51.223

200 OK

5.9 kB

URL HTTP/1.1
www.medies.care/img/icon_5.png
IP
85.214.51.223:0
ASN
#6724 Strato AG

File type
PNG image data, 71 x 71, 8-bit/color RGBA, non-interlaced\012- data
Size
5.9 kB (5923 bytes)
Hash
97d41878130822f50290d82839f8f0c5
6ecdcec9d5fa77a34e33f30ae758b2e591c31a9a
d470046393435cf179fb649e5d7d1fcd68745bd30fa68ba51bde9917fb100b1c

HTTP Headers

GET /img/icon_5.png HTTP/1.1
Host: www.medies.care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medies.care/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 16 Feb 2023 10:03:17 GMT
Content-Type: image/png
Content-Length: 5923
Last-Modified: Wed, 30 Mar 2022 16:05:48 GMT
Connection: keep-alive
ETag: "62447fdc-1723"
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin
Accept-Ranges: bytes

www.medies.care/img/icon_6.png

85.214.51.223

200 OK

4.2 kB

URL HTTP/1.1
www.medies.care/img/icon_6.png
IP
85.214.51.223:0
ASN
#6724 Strato AG

File type
PNG image data, 71 x 71, 8-bit/color RGBA, non-interlaced\012- data
Size
4.2 kB (4206 bytes)
Hash
0a84dd191325671f8c5b41ed4ba9fef4
53011e9c655a3eebd4e0cbe1675ff88f11c0a1c9
5258aee701153bd2855a2f9ae66281f7daa131ebafc2da19b29391c9ffb3562f

HTTP Headers

GET /img/icon_6.png HTTP/1.1
Host: www.medies.care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medies.care/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 16 Feb 2023 10:03:17 GMT
Content-Type: image/png
Content-Length: 4206
Last-Modified: Wed, 30 Mar 2022 16:05:48 GMT
Connection: keep-alive
ETag: "62447fdc-106e"
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin
Accept-Ranges: bytes

www.medies.care/img/banner/home-banner.jpg

85.214.51.223

200 OK

182 kB

URL HTTP/1.1
www.medies.care/img/banner/home-banner.jpg
IP
85.214.51.223:0
ASN
#6724 Strato AG

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x900, components 3\012- data
Size
182 kB (181735 bytes)
Hash
10c664ae179e60ae3a148a666262e84b
65ca870e06849224dd4798e37edec340d9d9a617
72069da7b10ced2e3118620083b9b77580c23fdcc35432ef0a14e5cd5d324c90

HTTP Headers

GET /img/banner/home-banner.jpg HTTP/1.1
Host: www.medies.care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medies.care/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 16 Feb 2023 10:03:17 GMT
Content-Type: image/jpeg
Content-Length: 181735
Last-Modified: Wed, 30 Mar 2022 16:06:03 GMT
Connection: keep-alive
ETag: "62447feb-2c5e7"
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin
Accept-Ranges: bytes

www.medies.care/img/furniture/furniture-1.webp

85.214.51.223

200 OK

14 kB

URL HTTP/1.1
www.medies.care/img/furniture/furniture-1.webp
IP
85.214.51.223:0
ASN
#6724 Strato AG

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 360x211, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
14 kB (14538 bytes)
Hash
671bdd98fc6c5f6b60c086a83fc8c0be
90cf63774366d5706219966be0d5b05d85c8ec80
f58f820b237fb845f6be1efcd448794155ddad17be1e04d5da3849d8c452564f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/furniture/furniture-1.webp HTTP/1.1
Host: www.medies.care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medies.care/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 16 Feb 2023 10:03:17 GMT
Content-Type: image/webp
Content-Length: 14538
Last-Modified: Wed, 30 Mar 2022 16:06:19 GMT
Connection: keep-alive
ETag: "62447ffb-38ca"
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5ea69200b2e7a122c79c5da762d037de
bb5bb0e3cf15fc4023409249dcb7878e9e148ca0
e5a679e6cdbc2c00b1fdee7766e7dc9b6ae5094134361b904f0d5d978cdfbafb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 16 Feb 2023 10:03:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.medies.care/img/furniture/furniture-2.webp

85.214.51.223

200 OK

12 kB

URL HTTP/1.1
www.medies.care/img/furniture/furniture-2.webp
IP
85.214.51.223:0
ASN
#6724 Strato AG

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 360x211, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
12 kB (12436 bytes)
Hash
3c65154910c57868b7bcc32fa9ecce50
4528af97a2378ed2c457b75963a61fd7a3c8b89e
1057a850ac4e673a8fab7d35a5c7252c0e2c08fcded21035426367d7d0177c37

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/furniture/furniture-2.webp HTTP/1.1
Host: www.medies.care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medies.care/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 16 Feb 2023 10:03:17 GMT
Content-Type: image/webp
Content-Length: 12436
Last-Modified: Wed, 30 Mar 2022 16:06:20 GMT
Connection: keep-alive
ETag: "62447ffc-3094"
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin
Accept-Ranges: bytes

www.medies.care/vendors/linericon/fonts/Linearicons-Free.woff2?w118d

85.214.51.223

200 OK

22 kB

URL HTTP/1.1
www.medies.care/vendors/linericon/fonts/Linearicons-Free.woff2?w118d
IP
85.214.51.223:0
ASN
#6724 Strato AG

File type
Web Open Font Format (Version 2), TrueType, length 21780, version 1.0\012- data
Size
22 kB (21780 bytes)
Hash
03e91f122aa5fd425abbe23c85546eb0
c87a3db06c5db4e75e639382f174eafa439aeb27
296945e5922e764eef17b1b4a3ee3e60dc202b3c7f074150b62158915bf74e33

HTTP Headers

GET /vendors/linericon/fonts/Linearicons-Free.woff2?w118d HTTP/1.1
Host: www.medies.care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.medies.care/vendors/linericon/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 16 Feb 2023 10:03:17 GMT
Content-Type: font/woff2
Content-Length: 21780
Last-Modified: Wed, 30 Mar 2022 16:07:01 GMT
Connection: keep-alive
ETag: "62448025-5514"
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin
Accept-Ranges: bytes

www.medies.care/img/furniture/furniture-3.webp

85.214.51.223

200 OK

6.1 kB

URL HTTP/1.1
www.medies.care/img/furniture/furniture-3.webp
IP
85.214.51.223:0
ASN
#6724 Strato AG

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 360x211, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
6.1 kB (6092 bytes)
Hash
711a15e6e7c0bd293b3d5ab0fdda4f6f
55e8377007af0f218e1ced6a9213ec396b62368c
65a84eb18c58380e58b4478e0bbe9f0142bf0f0c6e1e06ffe211c72378950d12

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /img/furniture/furniture-3.webp HTTP/1.1
Host: www.medies.care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medies.care/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 16 Feb 2023 10:03:17 GMT
Content-Type: image/webp
Content-Length: 6092
Last-Modified: Wed, 30 Mar 2022 16:06:20 GMT
Connection: keep-alive
ETag: "62447ffc-17cc"
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5ea69200b2e7a122c79c5da762d037de
bb5bb0e3cf15fc4023409249dcb7878e9e148ca0
e5a679e6cdbc2c00b1fdee7766e7dc9b6ae5094134361b904f0d5d978cdfbafb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 16 Feb 2023 10:03:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

142.250.74.163

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.medies.care
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 14 Feb 2023 16:46:00 GMT
expires: Wed, 14 Feb 2024 16:46:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 148637
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/heebo/v21/NGS6v5_NC0k9P9H2TbE.woff2

142.250.74.163

200 OK

27 kB

URL HTTP/2
fonts.gstatic.com/s/heebo/v21/NGS6v5_NC0k9P9H2TbE.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 27116, version 1.0\012- data
Size
27 kB (27116 bytes)
Hash
13c1ac7fc8f934e169620e81471a3a54
d111242b230c54204e9ec061537869f8ce20cb53
b38977ea35fde92fe200fa14ac7cc55e2edce54b998ce9a08734ba1dd9053fed

HTTP Headers

GET /s/heebo/v21/NGS6v5_NC0k9P9H2TbE.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.medies.care
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27116
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 15 Feb 2023 22:27:24 GMT
expires: Thu, 15 Feb 2024 22:27:24 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 20:35:20 GMT
content-type: font/woff2
age: 41753
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5ea69200b2e7a122c79c5da762d037de
bb5bb0e3cf15fc4023409249dcb7878e9e148ca0
e5a679e6cdbc2c00b1fdee7766e7dc9b6ae5094134361b904f0d5d978cdfbafb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 16 Feb 2023 10:03:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBxc4EsA.woff2

142.250.74.163

200 OK

7.0 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBxc4EsA.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7016, version 1.0\012- data
Size
7.0 kB (7016 bytes)
Hash
53f395eb854a40e978706b1082570e42
70fba5c0c3e1f5c5786e615d35a21c54b1c0a39c
713780d8b30bda5583052ea847cdcb4f2956c2ac5ff38a7e538ba8f14ad1043e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBxc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.medies.care
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7016
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 13 Feb 2023 18:55:17 GMT
expires: Tue, 13 Feb 2024 18:55:17 GMT
cache-control: public, max-age=31536000
age: 227280
last-modified: Wed, 11 May 2022 19:25:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4WxKOzY.woff2

142.250.74.163

200 OK

7.1 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4WxKOzY.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7112, version 1.0\012- data
Size
7.1 kB (7112 bytes)
Hash
28668857bef1b85c5748a482cf9b74af
7cfbc415c45b2274a5997255fbec0fb53bbe327d
daf51ab540602b2d0b87646621637bac38889bb34effb8a432ae739aca78b5c0

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4WxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.medies.care
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7112
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 14 Feb 2023 21:51:28 GMT
expires: Wed, 14 Feb 2024 21:51:28 GMT
cache-control: public, max-age=31536000
age: 130309
last-modified: Wed, 11 May 2022 19:24:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5ea69200b2e7a122c79c5da762d037de
bb5bb0e3cf15fc4023409249dcb7878e9e148ca0
e5a679e6cdbc2c00b1fdee7766e7dc9b6ae5094134361b904f0d5d978cdfbafb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 16 Feb 2023 10:03:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.163

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.medies.care
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Feb 2023 03:13:04 GMT
expires: Fri, 16 Feb 2024 03:13:04 GMT
cache-control: public, max-age=31536000
age: 24613
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.medies.care/img/clients-logo/c-logo-3.png

85.214.51.223

200 OK

5.7 kB

URL HTTP/1.1
www.medies.care/img/clients-logo/c-logo-3.png
IP
85.214.51.223:0
ASN
#6724 Strato AG

File type
PNG image data, 118 x 70, 8-bit/color RGBA, non-interlaced\012- data
Size
5.7 kB (5745 bytes)
Hash
43a2bfec90eabe843a39eb9c6082f9b7
f18b0d7ab85f20a68390a1600e198388599463a8
fd52ecf8936af56315fa661f5cee4f2fe2340d9f1e5e2f00f089b544e5fa1761

HTTP Headers

GET /img/clients-logo/c-logo-3.png HTTP/1.1
Host: www.medies.care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medies.care/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 16 Feb 2023 10:03:17 GMT
Content-Type: image/png
Content-Length: 5745
Last-Modified: Wed, 30 Mar 2022 16:06:07 GMT
Connection: keep-alive
ETag: "62447fef-1671"
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5ea69200b2e7a122c79c5da762d037de
bb5bb0e3cf15fc4023409249dcb7878e9e148ca0
e5a679e6cdbc2c00b1fdee7766e7dc9b6ae5094134361b904f0d5d978cdfbafb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 16 Feb 2023 10:03:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.medies.care/img/notify-bg.jpg

85.214.51.223

200 OK

115 kB

URL HTTP/1.1
www.medies.care/img/notify-bg.jpg
IP
85.214.51.223:0
ASN
#6724 Strato AG

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, copyright=\302\251Narith Thongphasuk38 - stock.adobe.com], baseline, precision 8, 1920x612, components 3\012- data
Size
115 kB (114778 bytes)
Hash
31dfd7b218eb4f3097979a3c3671965c
bf87573ff2901621072eb0b85726f4562370d695
66226396773ed5c91e8ecbb6997f5bb38bfb9c085ed3ad77bf433a752ab41f9a

HTTP Headers

GET /img/notify-bg.jpg HTTP/1.1
Host: www.medies.care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medies.care/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 16 Feb 2023 10:03:17 GMT
Content-Type: image/jpeg
Content-Length: 114778
Last-Modified: Wed, 30 Mar 2022 16:05:50 GMT
Connection: keep-alive
ETag: "62447fde-1c05a"
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5ea69200b2e7a122c79c5da762d037de
bb5bb0e3cf15fc4023409249dcb7878e9e148ca0
e5a679e6cdbc2c00b1fdee7766e7dc9b6ae5094134361b904f0d5d978cdfbafb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 16 Feb 2023 10:03:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.medies.care/fonts/fontawesome-webfont.woff2?v=4.5.0

85.214.51.223

200 OK

72 kB

URL HTTP/1.1
www.medies.care/fonts/fontawesome-webfont.woff2?v=4.5.0
IP
85.214.51.223:0
ASN
#6724 Strato AG

File type
Web Open Font Format (Version 2), TrueType, length 71896, version 4.393\012- data
Size
72 kB (71896 bytes)
Hash
e6cf7c6ec7c2d6f670ae9d762604cb0b
97e438cc545714309882fbceadbf344fcaddcec5
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

HTTP Headers

GET /fonts/fontawesome-webfont.woff2?v=4.5.0 HTTP/1.1
Host: www.medies.care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.medies.care/css/main_2.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 16 Feb 2023 10:03:17 GMT
Content-Type: font/woff2
Content-Length: 71896
Last-Modified: Wed, 30 Mar 2022 16:05:45 GMT
Connection: keep-alive
ETag: "62447fd9-118d8"
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin
Accept-Ranges: bytes

www.medies.care/img/favicon.png

85.214.51.223

200 OK

5.9 kB

URL HTTP/1.1
www.medies.care/img/favicon.png
IP
85.214.51.223:0
ASN
#6724 Strato AG

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
5.9 kB (5868 bytes)
Hash
20b83a9a39c6cc973c9083dd039552c1
c1ee9da3853642296d04eb403b8d6310d476f24f
4a7fe8c5e6fc969094da2e122ca315104461f3759af74fc54e5a528cb9e79b03

HTTP Headers

GET /img/favicon.png HTTP/1.1
Host: www.medies.care
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medies.care/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 16 Feb 2023 10:03:17 GMT
Content-Type: image/png
Content-Length: 5868
Last-Modified: Wed, 30 Mar 2022 16:05:47 GMT
Connection: keep-alive
ETag: "62447fdb-16ec"
Strict-Transport-Security: max-age=15768000; includeSubDomains
X-Powered-By: PleskLin
Accept-Ranges: bytes

push.services.mozilla.com/

52.88.138.244

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.88.138.244:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: I+XPVHXDOKLzLt881Mur3g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 8ImHnSiDRU7AnQR8H2XTYfA4bgg=

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c9333ebd8634e6b287e0b58265edf328
6ea57e1529609f015e198c72d2455c758f5b45ab
6bc07733856e4fbefbb42e5ad6423539ccbc855c66cf4279bf515997ea8933d2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6BC07733856E4FBEFBB42E5AD6423539CCBC855C66CF4279BF515997EA8933D2"
Last-Modified: Tue, 14 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7288
Expires: Thu, 16 Feb 2023 12:04:46 GMT
Date: Thu, 16 Feb 2023 10:03:18 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c9333ebd8634e6b287e0b58265edf328
6ea57e1529609f015e198c72d2455c758f5b45ab
6bc07733856e4fbefbb42e5ad6423539ccbc855c66cf4279bf515997ea8933d2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6BC07733856E4FBEFBB42E5AD6423539CCBC855C66CF4279BF515997EA8933D2"
Last-Modified: Tue, 14 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7288
Expires: Thu, 16 Feb 2023 12:04:46 GMT
Date: Thu, 16 Feb 2023 10:03:18 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c9333ebd8634e6b287e0b58265edf328
6ea57e1529609f015e198c72d2455c758f5b45ab
6bc07733856e4fbefbb42e5ad6423539ccbc855c66cf4279bf515997ea8933d2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6BC07733856E4FBEFBB42E5AD6423539CCBC855C66CF4279BF515997EA8933D2"
Last-Modified: Tue, 14 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7288
Expires: Thu, 16 Feb 2023 12:04:46 GMT
Date: Thu, 16 Feb 2023 10:03:18 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60992207-813f-4af9-8a53-1fe7db73e775.jpeg

34.120.237.76

200 OK

5.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60992207-813f-4af9-8a53-1fe7db73e775.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.8 kB (5771 bytes)
Hash
fefef445f5d680bee0e3434dcfdffb83
fb61b6f0c85061d916f33d94df09eec695efe166
5e445c8cfc1f31dd009715d73570ea8c899b0f9e01a72a15a22560ba45cb4c15

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60992207-813f-4af9-8a53-1fe7db73e775.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5771
x-amzn-requestid: ccd647e0-246c-4fad-9cc2-5ff268445bc3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AZlzIF2VIAMFZcA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ed5013-523df15a1b12bb6a680bf4c9;Sampled=0
x-amzn-remapped-date: Wed, 15 Feb 2023 21:35:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -1uDkjmhY7ilAm0FIA0Vz5bZhS6YftUSigmvCjUkxa_slZpKBB035A==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 15 Feb 2023 21:43:00 GMT
age: 44418
etag: "fb61b6f0c85061d916f33d94df09eec695efe166"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F03d8b9db-4d74-4d37-9579-bc1defd9c23d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.3 kB (4253 bytes)
Hash
f605d750b4f6c765d827527cc6846627
64e73779243684555e7835698e53a50352071ad6
707d1050736f19c06a88abac85c5a4e17dc12ba09618a5bbc67bbd416a6d2b25

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F03d8b9db-4d74-4d37-9579-bc1defd9c23d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4253
x-amzn-requestid: c62459f6-3b6a-4ef8-a1db-79857cd60196
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AZlzeGo9IAMFtoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ed5015-0be365d62e47063b1341b454;Sampled=0
x-amzn-remapped-date: Wed, 15 Feb 2023 21:35:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: cUKqMz9rzrodOzMj2-uTW-k_G3_6zIheZjofTH1ZguFHGC38iu6Uag==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 15 Feb 2023 21:55:05 GMT
age: 43693
etag: "64e73779243684555e7835698e53a50352071ad6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881c24a9-07ee-4126-b2c3-501b0461ee5e.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.9 kB (6879 bytes)
Hash
9c5a0bab7d34e51ee6476be179b356ba
87917d3cf520d73b7b1029f44505e7700413d51d
136e727a99409218318247b645558fad485ed84bcd90bd43a5895492cb317d89

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881c24a9-07ee-4126-b2c3-501b0461ee5e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6879
x-amzn-requestid: 18c46562-f8d9-4f7f-8ea0-1bb46e206f80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ANnahEWgIAMFwYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e885dc-50a7cfe4693b4efb038ce1a7;Sampled=0
x-amzn-remapped-date: Sun, 12 Feb 2023 06:23:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: xbgg-u4XnfyMxwnhxRaHMSl01SjYjEFmG8DbSyqJYThdQOlVgWVp6A==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 15 Feb 2023 12:23:49 GMT
age: 77969
etag: "87917d3cf520d73b7b1029f44505e7700413d51d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F286b4e23-2f24-4932-bfd4-ba436c31684d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6433 bytes)
Hash
1ea5cca15797e54167789b55364dfddf
0feaec0e29208860a9be0523af419363df2e4182
7e57d39f0d12002905d70eb92519995f4cf8839f57c1c79771626819ad46a3f2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F286b4e23-2f24-4932-bfd4-ba436c31684d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6433
x-amzn-requestid: ee3090ec-14d5-4c9f-be06-6543ec18c260
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AZlzpG8qoAMF_0g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ed5017-28184eb57ce3801903ccd1df;Sampled=0
x-amzn-remapped-date: Wed, 15 Feb 2023 21:35:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: YBg-sbZQKY05he8yDo9O2ODA5Ziw1YbWLwrHfdHHIL_SP2D-IZ9KWQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 15 Feb 2023 21:55:05 GMT
age: 43693
etag: "0feaec0e29208860a9be0523af419363df2e4182"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2e51457-225d-469d-989d-ebf239506fc8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8453 bytes)
Hash
a0780e4c449326b4ac1394352941c0d8
6a5e85b972168f307657f7935027c8104986764a
45a12f70e137f35ce57223a8471e6a3611dc2e893d5f447e4caf0d14b2513d8c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2e51457-225d-469d-989d-ebf239506fc8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8453
x-amzn-requestid: 4c72f445-aab1-4947-84b6-8ab0df460829
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AT-52GhDoAMF8Fw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63eb11d8-62e2951c13d5879a64b9d555;Sampled=0
x-amzn-remapped-date: Tue, 14 Feb 2023 04:45:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mvWDvtYdG7WwTb_RzRbX-edf4nODcfr9RYUetU8phxjfePGD-xeO7Q==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 15 Feb 2023 21:58:18 GMT
etag: "6a5e85b972168f307657f7935027c8104986764a"
content-type: image/jpeg
age: 43500
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ddf2390-9365-4e6b-8c2d-8914c8048fda.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.1 kB (3071 bytes)
Hash
6a41a3409f2c1cbd1c33b79b28499fc1
93c97ef46a569ea13ba8de5a51aaac968582b125
e7c051fe735cecb13b27fa915d02cee185a78bd7bd6be20a5b60a839dae675a3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ddf2390-9365-4e6b-8c2d-8914c8048fda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3071
x-amzn-requestid: d3c02d0c-ff5a-4ca6-b0e4-50a1129cc9a7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AZmigE9GoAMFbWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ed5142-63cff1f52b2a4b8c20304d8e;Sampled=0
x-amzn-remapped-date: Wed, 15 Feb 2023 21:40:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: X55WQqXAX4f8KPYUjUYXQzHPXBgzxw1F4z7R9URk0fyO2gvj-R7u_w==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 15 Feb 2023 21:43:00 GMT
etag: "93c97ef46a569ea13ba8de5a51aaac968582b125"
content-type: image/jpeg
age: 44418
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd78992f4-af2d-45e5-8f91-abdaeac88916.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7451 bytes)
Hash
d40b5d56eb9e9c4fca362f56423387bc
4c568483387863398921826b5727bca298cb97d7
e950b83e1c775e27413b3e5ce9581ed31d53b0e4e187d1fcdc7642900e7271d3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd78992f4-af2d-45e5-8f91-abdaeac88916.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 7451
x-amzn-requestid: 7d5675ec-acfc-47b8-bd98-694bfc73469e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AZmVKGh_oAMF1Fg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ed50ed-4517a3be510c1a14777cf621;Sampled=0
x-amzn-remapped-date: Wed, 15 Feb 2023 21:38:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0QKDAteeHZexV9a2fG_maQPRxn8qDLQVuKOSti6iTlB74IuqLeITng==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Wed, 15 Feb 2023 22:13:13 GMT
age: 42612
etag: "4c568483387863398921826b5727bca298cb97d7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Heebo:300,400,500,700|Roboto:300,400,500,700

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Heebo:300,400,500,700|Roboto:300,400,500,700
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Heebo:300,400,500,700|Roboto:300,400,500,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.medies.care/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 16 Feb 2023 10:03:17 GMT
date: Thu, 16 Feb 2023 10:03:17 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

HTTP Transactions (62)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2