mediscribes.xecurify.com Open in urlscan Pro
52.1.106.155 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://mediscribes.xecurify.com/
Effective URL:
https://mediscribes.xecurify.com/moas/login
Submission: On October 01 via api (October 1st 2024, 10:33:16 am UTC) from US — Scanned from DE

Summary HTTP 24 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 24 HTTP transactions. The main IP is 52.1.106.155, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is mediscribes.xecurify.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on March 14th 2024. Valid for: a year.

This is the only time mediscribes.xecurify.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 11	52.1.106.155 52.1.106.155	14618 (AMAZON-AES) (AMAZON-AES)
5	2606:4700::68... 2606:4700::6812:ba1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42::649 2a04:4e42::649	54113 (FASTLY) (FASTLY)
1	142.250.185.195 142.250.185.195	15169 (GOOGLE) (GOOGLE)
1	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
24	7

11 52.1.106.155 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-106-155.compute-1.amazonaws.com

mediscribes.xecurify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
login.xecurify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:ba1f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	xecurify.com 1 redirects mediscribes.xecurify.com login.xecurify.com — Cisco Umbrella Rank: 551506	60 KB
5	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 341	91 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	3 KB
2	gstatic.com www.gstatic.com fonts.gstatic.com	32 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 851	35 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 257	6 KB
24	6

	Domain	Requested by
9	mediscribes.xecurify.com	1 redirects mediscribes.xecurify.com
5	cdn.jsdelivr.net	mediscribes.xecurify.com
4	fonts.googleapis.com	mediscribes.xecurify.com
2	code.jquery.com	mediscribes.xecurify.com
2	login.xecurify.com	mediscribes.xecurify.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.gstatic.com	mediscribes.xecurify.com
1	cdnjs.cloudflare.com	mediscribes.xecurify.com
24	8

This site contains no links.

Subject Issuer	Validity	Valid
xecurify.com Amazon RSA 2048 M03	`2024-03-14` - `2025-04-12`	a year	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2024-05-04` - `2025-05-04`	a year	crt.sh
cdnjs.cloudflare.com WE1	`2024-09-28` - `2024-12-27`	3 months	crt.sh
upload.video.google.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
*.gstatic.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://mediscribes.xecurify.com/moas/login
Frame ID: D2AEC50B5101AA264CCC3F6226A98E0A
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Account Login

Page URL History Show full URLs

https://mediscribes.xecurify.com/ HTTP 301
https://mediscribes.xecurify.com/moas/login Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Select2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

select2(?:\.min|\.full)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

24
Requests

100 %
HTTPS

43 %
IPv6

6
Domains

8
Subdomains

7
IPs

3
Countries

226 kB
Transfer

955 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mediscribes.xecurify.com/ HTTP 301
https://mediscribes.xecurify.com/moas/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
mediscribes.xecurify.com/moas/
Redirect Chain

https://mediscribes.xecurify.com/
https://mediscribes.xecurify.com/moas/login

16 KB
6 KB

190ms
189ms

Document
text/html

52.1.106.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://mediscribes.xecurify.com/moas/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.1.106.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-106-155.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bd5f86eb726a4cccb87897cc9792715ddf9ebe3671ca31ba7b4e28581b78f1cd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: no-store
content-encoding: gzip
content-language: en
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self'
content-security-policy-report-only: object-src 'none'; script-src 'nonce-eTwsA9zTJuo1T_R61P4UOh-b' 'strict-dynamic' http: https:; base-uri 'none';
content-type: text/html;charset=UTF-8
cross-origin-embedder-policy-report-only: require-corp
cross-origin-opener-policy: same-origin
date: Tue, 01 Oct 2024 10:33:11 GMT
permissions-policy: geolocation=(),midi=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000;includeSubdomains;preload
vary: Sec-Fetch-Dest,Sec-Fetch-Mode,Sec-Fetch-Site,Sec-Fetch-User
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

content-length: 162
content-type: text/html
date: Tue, 01 Oct 2024 10:33:11 GMT
location: https://mediscribes.xecurify.com/moas/login
server: nginx

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/ 227 KB
31 KB 153ms
49ms Stylesheet
text/css 2606:4700::6812:ba1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css

Requested by

Host: mediscribes.xecurify.com
URL: https://mediscribes.xecurify.com/moas/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3017df4a76db5f01c2b99b603d88b03106df13bcfe18e67b7c13c2341d3a67df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://mediscribes.xecurify.com
Referer: https://mediscribes.xecurify.com/

Response headers

access-control-expose-headers: *
content-encoding: gzip
cf-cache-status: HIT
etag: W/"38df4-HxOZgbm0enZu+gphu3ito1HxbEs"
age: 17304
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FR1YJB7Ja3HSekeMzr%2Fyw2IKURj05SDhO3bmhW7159DVinlPYqNyMwglNmnW99tnS0yvIKceIodTloqqa6SO1xDOVyyvn4TqpY%2BGtN4%2FARLsnc0fFkhkV0uTiwVhqdEiZKXXvyoLx0qoQKZ9AQE%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
x-cache: HIT, HIT
date: Tue, 01 Oct 2024 10:33:11 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-etou8220083-FRA, cache-lga21981-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8cbbcb094de2dc74-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30835
server: cloudflare
x-jsd-version: 5.3.2

GET
H2 200 common_style.css
mediscribes.xecurify.com/moas/css/ 26 KB
6 KB 176ms
132ms Stylesheet
text/css 52.1.106.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mediscribes.xecurify.com/moas/css/common_style.css?v=4.6.1
Requested by: Host: mediscribes.xecurify.com
URL: https://mediscribes.xecurify.com/moas/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.1.106.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-106-155.compute-1.amazonaws.com
Software: nginx /
Resource Hash: de3b3e113d435739bf91972ca5d309ffe7d204c76cd742f76fc88eb7a49ed088

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mediscribes.xecurify.com/moas/login

Response headers

cache-control: max-age=604800
content-encoding: gzip
etag: W/"66d83162-682a"
expires: Tue, 08 Oct 2024 10:33:11 GMT
date: Tue, 01 Oct 2024 10:33:11 GMT
content-type: text/css
last-modified: Wed, 04 Sep 2024 10:07:30 GMT
server: nginx

GET
H3 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 108ms
51ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: mediscribes.xecurify.com
URL: https://mediscribes.xecurify.com/moas/login

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mediscribes.xecurify.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03e5f-7918"
age: 984956
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xPuUgOfHI%2FSP3W%2FGmQ5OlpCK4IG%2ByTSBJeEOjWV8KeX1umdDbhb9HvzL1yIU1PRhWGQ62EXcE8lE0DC8H9DO7VAJVKgPvdEU59uKi5Lnlszqt5Yrf96qUAfrgngeWF8J7vy1g%2BPh"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 21 Sep 2025 10:33:11 GMT
date: Tue, 01 Oct 2024 10:33:11 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 04 May 2020 16:10:07 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8cbbcb08f8734d74-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5631
server: cloudflare

GET
H2 200 icon
fonts.googleapis.com/ 569 B
416 B 194ms
76ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: mediscribes.xecurify.com
URL: https://mediscribes.xecurify.com/moas/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mediscribes.xecurify.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 01 Oct 2024 10:33:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 01 Oct 2024 10:33:11 GMT
content-type: text/css; charset=utf-8
last-modified: Tue, 01 Oct 2024 10:33:11 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 remixicon.css
cdn.jsdelivr.net/npm/remixicon@2.5.0/fonts/ 108 KB
14 KB 149ms
50ms Stylesheet
text/css 2606:4700::6812:ba1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/remixicon@2.5.0/fonts/remixicon.css

Requested by

Host: mediscribes.xecurify.com
URL: https://mediscribes.xecurify.com/moas/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13e29a29baade86f4e7a88d8e076d6a6f3ac8950757b50a0f8bbea1c33658d5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mediscribes.xecurify.com/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"1af66-MA7aTWKCoG0FYjklj9PTw0TfSFM"
age: 3048143
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yM0ZUU%2FrwqZMEkNKAdUHR%2Byk69JpXeEc4AzO5LHtSbP7Yso4ZVUhIDJcXGDAaIUTGXJK%2FzvpU%2BYIyK5adnY4%2FTdUK%2BnloXkgU8PSoQ13uSiOjWfmm2IZvGgCZb0w1%2FMx%2FXG22cmVdXrUp2HXUtk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
x-cache: HIT, HIT
date: Tue, 01 Oct 2024 10:33:11 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-eddf8230041-FRA, cache-lga21931-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8cbbcb0948d0973b-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13745
server: cloudflare
x-jsd-version: 2.5.0

GET
H2 200 css2
fonts.googleapis.com/ 19 KB
1 KB 188ms
74ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@200;300;400;500;600;700;800&family=DM+Sans:wght@400;500;700&display=swap

Requested by

Host: mediscribes.xecurify.com
URL: https://mediscribes.xecurify.com/moas/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

af6a0550f51da1851d17657fdd25292097351ea1087a2fcc6bc70f1f7582bb71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mediscribes.xecurify.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 01 Oct 2024 10:33:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 01 Oct 2024 10:33:11 GMT
content-type: text/css; charset=utf-8
last-modified: Tue, 01 Oct 2024 10:33:11 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
984 B 164ms
51ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lexend+Deca:wght@300;400;500;600;700;800&display=swap

Requested by

Host: mediscribes.xecurify.com
URL: https://mediscribes.xecurify.com/moas/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

52c03ff0290a62cfa95f13115cccd2465bade7991002e66501e1b8edfb900c0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mediscribes.xecurify.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 01 Oct 2024 10:33:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 01 Oct 2024 10:33:11 GMT
content-type: text/css; charset=utf-8
last-modified: Tue, 01 Oct 2024 10:33:11 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 804 B
482 B 184ms
75ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=DM%20Sans

Requested by

Host: mediscribes.xecurify.com
URL: https://mediscribes.xecurify.com/moas/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bacedbf92de72703653b703f78b51ad3b20a894badd14cb045cdbc1c0c5ee74b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mediscribes.xecurify.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 01 Oct 2024 10:33:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 01 Oct 2024 10:33:11 GMT
content-type: text/css; charset=utf-8
last-modified: Tue, 01 Oct 2024 09:37:13 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 bootstrap-switch.css
mediscribes.xecurify.com/moas/css/ 948 B
1 KB 148ms
115ms Stylesheet
text/css 52.1.106.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mediscribes.xecurify.com/moas/css/bootstrap-switch.css?v=4.6.1
Requested by: Host: mediscribes.xecurify.com
URL: https://mediscribes.xecurify.com/moas/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.1.106.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-106-155.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 91874aaa73ec2f9bb171c13c3031a24fe4c0a0ee7a47c0a7252f8e9a0e193e9d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mediscribes.xecurify.com/moas/login

Response headers

cache-control: max-age=604800
etag: "66b20072-3b4"
expires: Tue, 08 Oct 2024 10:33:11 GMT
accept-ranges: bytes
content-length: 948
date: Tue, 01 Oct 2024 10:33:11 GMT
content-type: text/css
last-modified: Tue, 06 Aug 2024 10:52:34 GMT
server: nginx

GET
H2 200 bootstrap-select.min.css
mediscribes.xecurify.com/moas/css/ 11 KB
3 KB 168ms
135ms Stylesheet
text/css 52.1.106.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mediscribes.xecurify.com/moas/css/bootstrap-select.min.css?v=4.6.1
Requested by: Host: mediscribes.xecurify.com
URL: https://mediscribes.xecurify.com/moas/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.1.106.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-106-155.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 9607ef74b506afd9c10f13050928bb95e3b59127db5f6e324cd05ad2eb08d5ad

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mediscribes.xecurify.com/moas/login

Response headers

cache-control: max-age=604800
content-encoding: gzip
etag: W/"66b20072-2bb7"
expires: Tue, 08 Oct 2024 10:33:11 GMT
date: Tue, 01 Oct 2024 10:33:11 GMT
content-type: text/css
last-modified: Tue, 06 Aug 2024 10:52:34 GMT
server: nginx

GET
H2 200 select2.min.css
cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/css/ 16 KB
2 KB 159ms
67ms Stylesheet
text/css 2606:4700::6812:ba1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/css/select2.min.css?v=4.6.1

Requested by

Host: mediscribes.xecurify.com
URL: https://mediscribes.xecurify.com/moas/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cda4a81c187015d95ed2c71f1841540b08203cdec5fa2a7d5d1825a3c2166f8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mediscribes.xecurify.com/

Response headers

access-control-expose-headers: *
content-encoding: gzip
cf-cache-status: HIT
etag: W/"3f88-kT+fe5U1rseQyjzp1uNaz682mZM"
age: 12954173
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eFOXqyPUq2FoRmhdzmpWYWDvgrbKFbYQrQxb8SHza9IKCEKSFKKSckDjqaqwxHyVI%2BZYt%2F7O0o6a89y0uvzduwknt7YKZ0doqiWlibKxJbQEhNy80g6eZ4ATatTir4r9O5%2BBTUqNQ5UJmrsuwFg%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
x-cache: HIT, HIT
date: Tue, 01 Oct 2024 10:33:11 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-etou8220046-FRA, cache-lga21924-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8cbbcb0948d1973b-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2162
server: cloudflare
x-jsd-version: 4.1.0-rc.0

GET
H2 200 login-style-ui.css
mediscribes.xecurify.com/moas/css/ 2 KB
1 KB 267ms
235ms Stylesheet
text/css 52.1.106.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mediscribes.xecurify.com/moas/css/login-style-ui.css?v=4.6.1
Requested by: Host: mediscribes.xecurify.com
URL: https://mediscribes.xecurify.com/moas/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.1.106.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-106-155.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 21417367eaa7cfb5771b79d442adc54ad38806df437f33d7673fedeb56b185b9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mediscribes.xecurify.com/moas/login

Response headers

cache-control: max-age=604800
content-encoding: gzip
etag: W/"66b20072-882"
expires: Tue, 08 Oct 2024 10:33:11 GMT
date: Tue, 01 Oct 2024 10:33:11 GMT
content-type: text/css
last-modified: Tue, 06 Aug 2024 10:52:34 GMT
server: nginx

GET
H2 200 xecurify-logo.png
login.xecurify.com/moas/images/ 11 KB
11 KB 269ms
232ms Image
image/png 52.1.106.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.xecurify.com/moas/images/xecurify-logo.png
Requested by: Host: mediscribes.xecurify.com
URL: https://mediscribes.xecurify.com/moas/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.1.106.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-106-155.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b9f7b4cc6337727aba4a8ef9952702dfc0bbddc90778c99d4d7cd6b128eebd5e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mediscribes.xecurify.com/

Response headers

cache-control: max-age=604800
content-encoding: gzip
etag: W/"66b20072-2a23"
expires: Tue, 08 Oct 2024 10:33:11 GMT
date: Tue, 01 Oct 2024 10:33:11 GMT
content-type: image/png
last-modified: Tue, 06 Aug 2024 10:52:34 GMT
server: nginx

GET
H2 200 jquery-3.7.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 169ms
55ms Script
application/javascript 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.7.1.min.js
Requested by: Host: mediscribes.xecurify.com
URL: https://mediscribes.xecurify.com/moas/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://mediscribes.xecurify.com
Referer: https://mediscribes.xecurify.com/

Response headers

content-encoding: gzip
etag: W/"28feccc0-155ed"
age: 2432719
x-cache: HIT, HIT
date: Tue, 01 Oct 2024 10:33:11 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits: 19, 97862
x-served-by: cache-lga21978-LGA, cache-cph2320032-CPH
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=604800
x-timer: S1727778792.908726,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30336
server: nginx

GET
H2 200 jquery-migrate-3.4.1.min.js Show response
code.jquery.com/ 13 KB
5 KB 42ms
41ms Script
application/javascript 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-migrate-3.4.1.min.js
Requested by: Host: mediscribes.xecurify.com
URL: https://mediscribes.xecurify.com/moas/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://mediscribes.xecurify.com
Referer: https://mediscribes.xecurify.com/

Response headers

content-encoding: gzip
etag: W/"28feccc0-3509"
age: 4072027
x-cache: HIT, HIT
date: Tue, 01 Oct 2024 10:33:12 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
x-cache-hits: 6253, 78307
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
x-served-by: cache-lga21959-LGA, cache-cph2320032-CPH
cache-control: public, max-age=31536000, stale-while-revalidate=604800
x-timer: S1727778792.002810,VS0,VE0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4869
server: nginx

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/ 79 KB
25 KB 57ms
52ms Script
application/javascript 2606:4700::6812:ba1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/bootstrap.bundle.min.js

Requested by

Host: mediscribes.xecurify.com
URL: https://mediscribes.xecurify.com/moas/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82f64f62bb03c1bc1824b0f9c9e05f70dba33e146818e63cdf5c306c8cf3dedd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://mediscribes.xecurify.com
Referer: https://mediscribes.xecurify.com/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"13b17-9/0PPchLLPk7+B6DJQWmc/NU4KM"
age: 17305
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R2d%2Fu7AKTaVS6FKNSAbIRR4iEAgde2SY1wYF%2FKa9Z%2BBiYJp6cke20%2FiRfrTI1ayoq72SVDnM7XFNhdDF6HTy8qTGE%2BGzuLLyrUENdJsQVjh4dYJ%2BJgPXfLQ1xMBBoI2XdvvJ94R43AXj%2BRx%2FK2Q%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
x-cache: HIT, HIT
date: Tue, 01 Oct 2024 10:33:12 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-etou8220085-FRA, cache-lga21968-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8cbbcb0a2876dc74-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 25109
server: cloudflare
x-jsd-version: 5.3.2

GET
H2 200 bootstrap-select.min.js Show response
mediscribes.xecurify.com/moas/js/ 52 KB
16 KB 158ms
154ms Script
application/javascript 52.1.106.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mediscribes.xecurify.com/moas/js/bootstrap-select.min.js?v=4.6.1
Requested by: Host: mediscribes.xecurify.com
URL: https://mediscribes.xecurify.com/moas/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.1.106.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-106-155.compute-1.amazonaws.com
Software: nginx /
Resource Hash: d1f04d3f33cca07a343088988e82efe33eda8f2a5288ea185bd028652087737a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mediscribes.xecurify.com/moas/login

Response headers

cache-control: max-age=604800
content-encoding: gzip
etag: W/"66b20072-d15b"
expires: Tue, 08 Oct 2024 10:33:12 GMT
date: Tue, 01 Oct 2024 10:33:12 GMT
content-type: application/javascript
last-modified: Tue, 06 Aug 2024 10:52:34 GMT
server: nginx

GET
H2 200 intlTelInput.min.js Show response
mediscribes.xecurify.com/moas/js/ 44 KB
10 KB 138ms
134ms Script
application/javascript 52.1.106.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mediscribes.xecurify.com/moas/js/intlTelInput.min.js?v=4.6.1
Requested by: Host: mediscribes.xecurify.com
URL: https://mediscribes.xecurify.com/moas/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.1.106.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-106-155.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 14bfd85d1ee0d31b996c1548fa6dc44ecdc9b02e73b9d01f76fb2a597e3069b4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mediscribes.xecurify.com/moas/login

Response headers

cache-control: max-age=604800
content-encoding: gzip
etag: W/"66b20072-b134"
expires: Tue, 08 Oct 2024 10:33:12 GMT
date: Tue, 01 Oct 2024 10:33:12 GMT
content-type: application/javascript
last-modified: Tue, 06 Aug 2024 10:52:34 GMT
server: nginx

GET
H2 200 avatar.js Show response
mediscribes.xecurify.com/moas/js/ 1 KB
803 B 160ms
157ms Script
application/javascript 52.1.106.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mediscribes.xecurify.com/moas/js/avatar.js?v=4.6.1
Requested by: Host: mediscribes.xecurify.com
URL: https://mediscribes.xecurify.com/moas/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.1.106.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-106-155.compute-1.amazonaws.com
Software: nginx /
Resource Hash: fb237969eb540e36934a9ff97741c305699e4cf1e503773373162ddb64429bad

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mediscribes.xecurify.com/moas/login

Response headers

cache-control: max-age=604800
content-encoding: gzip
etag: W/"66b20072-417"
expires: Tue, 08 Oct 2024 10:33:12 GMT
date: Tue, 01 Oct 2024 10:33:12 GMT
content-type: application/javascript
last-modified: Tue, 06 Aug 2024 10:52:34 GMT
server: nginx

GET
H3 200 loader.js Show response
www.gstatic.com/charts/ 61 KB
18 KB 92ms
40ms Script
text/javascript 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/loader.js

Requested by

Host: mediscribes.xecurify.com
URL: https://mediscribes.xecurify.com/moas/login

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

369ae154eab37b7ada7776b934833183bb053ebd1d0255f70ef8944f65cabb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mediscribes.xecurify.com/

Response headers

content-encoding: gzip
age: 273
report-to: {"group":"gviz","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gviz"}]}
x-content-type-options: nosniff
expires: Tue, 01 Oct 2024 11:28:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 01 Oct 2024 10:28:39 GMT
last-modified: Tue, 04 Apr 2023 17:52:30 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=3600
cross-origin-opener-policy: same-origin; report-to="gviz"
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
accept-ranges: bytes
content-length: 18534
x-xss-protection: 0
server: sffe

GET
H2 200 select2.min.js Show response
cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/js/ 71 KB
18 KB 57ms
55ms Script
application/javascript 2606:4700::6812:ba1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/js/select2.min.js?v=4.6.1

Requested by

Host: mediscribes.xecurify.com
URL: https://mediscribes.xecurify.com/moas/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7244fff610595b944f76bf3080d74e3af42b5dd234f8f079e698cc39ac966b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mediscribes.xecurify.com/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"11dcb-beEOdKmS/KFegD2RDRMPgmYxy4Y"
age: 392300
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KtD3jSdO8VldwBfa5GhSwU7oLqGYseuqEuTYevjpHl36bTXwHIE7xriRVnP7ODskAfoG07Ye%2FZx4xvyyYG5rBqzcXPPspYnfXDGg1eP4WczBHSYkNoZUU4eLzbhGdBb0gxaEnSt6diOVs5BQIyQ%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
x-cache: HIT, MISS
date: Tue, 01 Oct 2024 10:33:12 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-etou8220129-FRA, cache-lga21928-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8cbbcb0a29d4973b-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18460
server: cloudflare
x-jsd-version: 4.1.0-rc.0

GET
H3 200 rP2tp2ywxg089UriI5-g4vlH9VoD8CmcqZG40F9JadbnoEwAopxRSW32.woff2
fonts.gstatic.com/s/dmsans/v15/ 14 KB
14 KB 154ms
46ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dmsans/v15/rP2tp2ywxg089UriI5-g4vlH9VoD8CmcqZG40F9JadbnoEwAopxRSW32.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=DM%20Sans

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

a71e519e44faaa2a518544f31c899590cd80076d09814d015b69e64dd9202128

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://mediscribes.xecurify.com
Referer: https://fonts.googleapis.com/

Response headers

age: 8650
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 01 Oct 2025 08:09:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 01 Oct 2024 08:09:02 GMT
last-modified: Thu, 21 Mar 2024 23:59:13 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14116
x-xss-protection: 0
server: sffe

GET
H2 200 xecurify-favicon.ico
login.xecurify.com/moas/images/ 58 KB
4 KB 119ms
119ms Other
image/vnd.microsoft.icon 52.1.106.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://login.xecurify.com/moas/images/xecurify-favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.1.106.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-106-155.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 8c8c1727abeab9b68147ed5dcada28d7422bb4d4f2a6f133c6a0f4b79c90f012

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://mediscribes.xecurify.com/

Response headers

cache-control: max-age=604800
content-encoding: gzip
etag: W/"66b20072-e8be"
expires: Tue, 08 Oct 2024 10:33:12 GMT
date: Tue, 01 Oct 2024 10:33:12 GMT
content-type: image/vnd.microsoft.icon
last-modified: Tue, 06 Aug 2024 10:52:34 GMT
server: nginx

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
mediscribes.xecurify.com/moas	1969-12-31 23:59:59	Name: JSESSIONID Value: ffe4b62aef5447e88b96c19e09a61fd3
mediscribes.xecurify.com/	1970-01-21 00:06:23	Name: AWSALB Value: W3OfUDNzSq6gqjMcsH1d3pAYGn2r3Fcl7ZmHS4IfKPZYB9GWC2rjtYyD0C3xXFfhHt0Zh8euHJ0WlQBZJU5EPitNaIRhY3upGAutTyp7mCnYur2ZPqwyXb8AGpa3
mediscribes.xecurify.com/	1970-01-21 00:06:23	Name: AWSALBCORS Value: W3OfUDNzSq6gqjMcsH1d3pAYGn2r3Fcl7ZmHS4IfKPZYB9GWC2rjtYyD0C3xXFfhHt0Zh8euHJ0WlQBZJU5EPitNaIRhY3upGAutTyp7mCnYur2ZPqwyXb8AGpa3
login.xecurify.com/	1970-01-21 00:06:23	Name: AWSALB Value: MS8PDBX+mwSm9ON1SnRYO5SQuGQOxr+KpMvYEPpT2w6RbFdfq7chutWHkuagca5ntdkmpSXPjBO0I3wmUG6ErPFA9/BKY4/mbdfvgYQUYf1oX0gPL5z6nIZRaitX
login.xecurify.com/	1970-01-21 00:06:23	Name: AWSALBCORS Value: MS8PDBX+mwSm9ON1SnRYO5SQuGQOxr+KpMvYEPpT2w6RbFdfq7chutWHkuagca5ntdkmpSXPjBO0I3wmUG6ErPFA9/BKY4/mbdfvgYQUYf1oX0gPL5z6nIZRaitX

16 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://mediscribes.xecurify.com/moas/login(Line 69) Message: [Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'nonce-eTwsA9zTJuo1T_R61P4UOh-b' 'strict-dynamic' http: https:". Either the 'unsafe-inline' keyword, a hash ('sha256-3Ue6IY0Tr0LyRfaqleZF2BfRASMtj59yb2mwiw1o8AU='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://mediscribes.xecurify.com/moas/login Message: [Report Only] Refused to load the script 'https://code.jquery.com/jquery-3.7.1.min.js' because it violates the following Content Security Policy directive: "script-src 'nonce-eTwsA9zTJuo1T_R61P4UOh-b' 'strict-dynamic' http: https:". Note that 'strict-dynamic' is present, so host-based allowlisting is disabled. Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://mediscribes.xecurify.com/moas/login(Line 284) Message: [Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'nonce-eTwsA9zTJuo1T_R61P4UOh-b' 'strict-dynamic' http: https:". Either the 'unsafe-inline' keyword, a hash ('sha256-66Isvx5vU5CL3imAxLfpwOx0Iy0IEnl/KL1TyqLXu3E='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://mediscribes.xecurify.com/moas/login Message: [Report Only] Refused to load the script 'https://code.jquery.com/jquery-migrate-3.4.1.min.js' because it violates the following Content Security Policy directive: "script-src 'nonce-eTwsA9zTJuo1T_R61P4UOh-b' 'strict-dynamic' http: https:". Note that 'strict-dynamic' is present, so host-based allowlisting is disabled. Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://mediscribes.xecurify.com/moas/login(Line 292) Message: [Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'nonce-eTwsA9zTJuo1T_R61P4UOh-b' 'strict-dynamic' http: https:". Either the 'unsafe-inline' keyword, a hash ('sha256-VBtrFYDBkOe0ix9ttmSx2AqlHzfo8WAnanHs5c2Pjvs='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://mediscribes.xecurify.com/moas/login Message: [Report Only] Refused to load the script 'https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/bootstrap.bundle.min.js' because it violates the following Content Security Policy directive: "script-src 'nonce-eTwsA9zTJuo1T_R61P4UOh-b' 'strict-dynamic' http: https:". Note that 'strict-dynamic' is present, so host-based allowlisting is disabled. Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://mediscribes.xecurify.com/moas/login(Line 300) Message: [Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'nonce-eTwsA9zTJuo1T_R61P4UOh-b' 'strict-dynamic' http: https:". Either the 'unsafe-inline' keyword, a hash ('sha256-L4Oiy4wuXJSYIlz9+eU3FswFJb3Q+fEN8gwnGj/VM+o='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://mediscribes.xecurify.com/moas/login Message: [Report Only] Refused to load the script 'https://mediscribes.xecurify.com/moas/js/bootstrap-select.min.js?v=4.6.1' because it violates the following Content Security Policy directive: "script-src 'nonce-eTwsA9zTJuo1T_R61P4UOh-b' 'strict-dynamic' http: https:". Note that 'strict-dynamic' is present, so host-based allowlisting is disabled. Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://mediscribes.xecurify.com/moas/login Message: [Report Only] Refused to load the script 'https://mediscribes.xecurify.com/moas/js/intlTelInput.min.js?v=4.6.1' because it violates the following Content Security Policy directive: "script-src 'nonce-eTwsA9zTJuo1T_R61P4UOh-b' 'strict-dynamic' http: https:". Note that 'strict-dynamic' is present, so host-based allowlisting is disabled. Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://mediscribes.xecurify.com/moas/login Message: [Report Only] Refused to load the script 'https://mediscribes.xecurify.com/moas/js/avatar.js?v=4.6.1' because it violates the following Content Security Policy directive: "script-src 'nonce-eTwsA9zTJuo1T_R61P4UOh-b' 'strict-dynamic' http: https:". Note that 'strict-dynamic' is present, so host-based allowlisting is disabled. Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://mediscribes.xecurify.com/moas/login Message: [Report Only] Refused to load the script 'https://www.gstatic.com/charts/loader.js' because it violates the following Content Security Policy directive: "script-src 'nonce-eTwsA9zTJuo1T_R61P4UOh-b' 'strict-dynamic' http: https:". Note that 'strict-dynamic' is present, so host-based allowlisting is disabled. Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://mediscribes.xecurify.com/moas/login Message: [Report Only] Refused to load the script 'https://cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/js/select2.min.js?v=4.6.1' because it violates the following Content Security Policy directive: "script-src 'nonce-eTwsA9zTJuo1T_R61P4UOh-b' 'strict-dynamic' http: https:". Note that 'strict-dynamic' is present, so host-based allowlisting is disabled. Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://mediscribes.xecurify.com/moas/login(Line 322) Message: [Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'nonce-eTwsA9zTJuo1T_R61P4UOh-b' 'strict-dynamic' http: https:". Either the 'unsafe-inline' keyword, a hash ('sha256-mc1MC/9fvW2m5mRO16yRJbB1cc9HNxwP2apcRgfWJdg='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://mediscribes.xecurify.com/moas/login(Line 447) Message: [Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'nonce-eTwsA9zTJuo1T_R61P4UOh-b' 'strict-dynamic' http: https:". Either the 'unsafe-inline' keyword, a hash ('sha256-OJ9kWck0r+jd/xpB/Iymq6qQol7HSxEB5zCvcvbz3GA='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://mediscribes.xecurify.com/moas/login(Line 499) Message: [Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'nonce-eTwsA9zTJuo1T_R61P4UOh-b' 'strict-dynamic' http: https:". Either the 'unsafe-inline' keyword, a hash ('sha256-CvTaL1/D+LFuG5AdNyk7hA2YhIhrIwHDQoi9TV70omI='), or a nonce ('nonce-...') is required to enable inline execution.
recommendation	verbose	URL: https://mediscribes.xecurify.com/moas/login Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
login.xecurify.com
mediscribes.xecurify.com
www.gstatic.com
104.17.25.14
142.250.185.195
142.250.186.35
2606:4700::6812:ba1f
2a00:1450:4001:81c::200a
2a04:4e42::649
52.1.106.155
13e29a29baade86f4e7a88d8e076d6a6f3ac8950757b50a0f8bbea1c33658d5c
14bfd85d1ee0d31b996c1548fa6dc44ecdc9b02e73b9d01f76fb2a597e3069b4
21417367eaa7cfb5771b79d442adc54ad38806df437f33d7673fedeb56b185b9
3017df4a76db5f01c2b99b603d88b03106df13bcfe18e67b7c13c2341d3a67df
369ae154eab37b7ada7776b934833183bb053ebd1d0255f70ef8944f65cabb0c
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
52c03ff0290a62cfa95f13115cccd2465bade7991002e66501e1b8edfb900c0d
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
82f64f62bb03c1bc1824b0f9c9e05f70dba33e146818e63cdf5c306c8cf3dedd
8c8c1727abeab9b68147ed5dcada28d7422bb4d4f2a6f133c6a0f4b79c90f012
91874aaa73ec2f9bb171c13c3031a24fe4c0a0ee7a47c0a7252f8e9a0e193e9d
9607ef74b506afd9c10f13050928bb95e3b59127db5f6e324cd05ad2eb08d5ad
a71e519e44faaa2a518544f31c899590cd80076d09814d015b69e64dd9202128
af6a0550f51da1851d17657fdd25292097351ea1087a2fcc6bc70f1f7582bb71
b9f7b4cc6337727aba4a8ef9952702dfc0bbddc90778c99d4d7cd6b128eebd5e
bacedbf92de72703653b703f78b51ad3b20a894badd14cb045cdbc1c0c5ee74b
bd5f86eb726a4cccb87897cc9792715ddf9ebe3671ca31ba7b4e28581b78f1cd
cda4a81c187015d95ed2c71f1841540b08203cdec5fa2a7d5d1825a3c2166f8c
d1f04d3f33cca07a343088988e82efe33eda8f2a5288ea185bd028652087737a
de3b3e113d435739bf91972ca5d309ffe7d204c76cd742f76fc88eb7a49ed088
f7244fff610595b944f76bf3080d74e3af42b5dd234f8f079e698cc39ac966b0
fb237969eb540e36934a9ff97741c305699e4cf1e503773373162ddb64429bad
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

mediscribes.xecurify.com Open in urlscan Pro 52.1.106.155 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

100 %HTTPS

43 %IPv6

6 Domains

8 Subdomains

7 IPs

3 Countries

226 kBTransfer

955 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

5 Cookies

16 Console Messages

Security Headers

Indicators

mediscribes.xecurify.com Open in urlscan Pro
52.1.106.155 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

100 %
HTTPS

43 %
IPv6

6
Domains

8
Subdomains

7
IPs

3
Countries

226 kB
Transfer

955 kB
Size

5
Cookies

24 HTTP transactions
0 data transactions