www.medicalhomecare.com Open in urlscan Pro
209.17.116.160 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.medicalhomecare.com/P3BhZ2U9bW9iaU5ldCZsYW5nPWUmaT0xNjQzNzYma2V5PTE5Mjk4Mw==
Submission: On June 04 via manual (June 4th 2020, 7:23:07 pm UTC) from MA

Summary HTTP 16 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 16 HTTP transactions. The main IP is 209.17.116.160, located in Jacksonville, United States and belongs to DEFENSE-NET, US. The main domain is www.medicalhomecare.com.
TLS certificate: Issued by Network Solutions OV Server CA 2 on March 30th 2020. Valid for: 2 years.

This is the only time www.medicalhomecare.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

	IP Address		AS Autonomous System
12	209.17.116.160 209.17.116.160		55002 (DEFENSE-NET) (DEFENSE-NET)
1	2a00:1450:400... 2a00:1450:4001:81b::200a		15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:815::200a		15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:820::2003		15169 (GOOGLE) (GOOGLE)
16	4

12 209.17.116.160 (Jacksonville, United States)

ASN55002 (DEFENSE-NET, US)

www.medicalhomecare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	medicalhomecare.com www.medicalhomecare.com	253 KB
3	googleapis.com ajax.googleapis.com fonts.googleapis.com	34 KB
1	gstatic.com fonts.gstatic.com	14 KB
16	3

	Domain	Requested by
12	www.medicalhomecare.com	www.medicalhomecare.com
2	fonts.googleapis.com	www.medicalhomecare.com
1	fonts.gstatic.com	ajax.googleapis.com
1	ajax.googleapis.com	www.medicalhomecare.com
16	4

This site contains no links.

Subject Issuer	Validity	Valid
medicalhomecare.com Network Solutions OV Server CA 2	`2020-03-30` - `2022-03-27`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2020-05-20` - `2020-08-12`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-05-20` - `2020-08-12`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.medicalhomecare.com/P3BhZ2U9bW9iaU5ldCZsYW5nPWUmaT0xNjQzNzYma2V5PTE5Mjk4Mw==
Frame ID: 96D85DDC166E531F0118087F0A819F70
Requests: 14 HTTP requests in this frame

Frame: https://www.medicalhomecare.com/wp-snapshots/?page=mobiNet&lang=e&i=164376&key=192983
Frame ID: BFC8948FF28C7736D8B631B950B3EB21
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /owl\.carousel.*\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /owl\.carousel.*\.js/i
script /jquery-ui.*\.js/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery-ui.*\.js/i

Page Statistics

16
Requests

100 %
HTTPS

75 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

300 kB
Transfer

1004 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request P3BhZ2U9bW9iaU5ldCZsYW5nPWUmaT0xNjQzNzYma2V5PTE5Mjk4Mw== Show response
www.medicalhomecare.com/ 15 KB
5 KB 707ms
215ms Document
text/html 209.17.116.160
DEFENSE-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medicalhomecare.com/P3BhZ2U9bW9iaU5ldCZsYW5nPWUmaT0xNjQzNzYma2V5PTE5Mjk4Mw==
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.17.116.160 Jacksonville, United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software: openresty/1.13.6.2 / PHP/7.0.2-pl0-gentoo
Resource Hash: fdd124d3601b10676cb7819305d4d57a3a48ad402269c0507372d501c874b8c8

Request headers

Host: www.medicalhomecare.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: openresty/1.13.6.2
Date: Thu, 04 Jun 2020 19:22:48 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
X-Powered-By: PHP/7.0.2-pl0-gentoo
X-Webcom-Cache-Status: BYPASS
Content-Encoding: gzip

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ 91 KB
32 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:81b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

Requested by

Host: www.medicalhomecare.com
URL: https://www.medicalhomecare.com/P3BhZ2U9bW9iaU5ldCZsYW5nPWUmaT0xNjQzNzYma2V5PTE5Mjk4Mw==

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.medicalhomecare.com/P3BhZ2U9bW9iaU5ldCZsYW5nPWUmaT0xNjQzNzYma2V5PTE5Mjk4Mw==
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 26 May 2020 00:03:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 847154
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32954
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 May 2021 00:03:35 GMT

GET
H/1.1 200
OK 80zq2.js Show response
www.medicalhomecare.com/wp-content/cache/wpfc-minified/qifa77jz/ 324 KB
101 KB 1005ms
779ms Script
application/javascript 209.17.116.160
DEFENSE-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medicalhomecare.com/wp-content/cache/wpfc-minified/qifa77jz/80zq2.js
Requested by: Host: www.medicalhomecare.com
URL: https://www.medicalhomecare.com/P3BhZ2U9bW9iaU5ldCZsYW5nPWUmaT0xNjQzNzYma2V5PTE5Mjk4Mw==
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.17.116.160 Jacksonville, United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software: openresty/1.13.6.2 /
Resource Hash: 32dcca8771732d03cb658d460b28aeef9f295345619ac01ffd21de21c33c13c9

Request headers

Referer: https://www.medicalhomecare.com/P3BhZ2U9bW9iaU5ldCZsYW5nPWUmaT0xNjQzNzYma2V5PTE5Mjk4Mw==
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Jun 2020 19:22:49 GMT
Content-Encoding: gzip
Last-Modified: Tue, 30 Jul 2019 00:16:56 GMT
Server: openresty/1.13.6.2
X-Webcom-Cache-Status: BYPASS
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: max-age=2592000, public

GET
H/1.1 200
OK 1wznc.css
www.medicalhomecare.com/wp-content/cache/wpfc-minified/ee0aj6k/ 57 KB
11 KB 122ms
121ms Stylesheet
text/css 209.17.116.160
DEFENSE-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medicalhomecare.com/wp-content/cache/wpfc-minified/ee0aj6k/1wznc.css
Requested by: Host: www.medicalhomecare.com
URL: https://www.medicalhomecare.com/P3BhZ2U9bW9iaU5ldCZsYW5nPWUmaT0xNjQzNzYma2V5PTE5Mjk4Mw==
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.17.116.160 Jacksonville, United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software: openresty/1.13.6.2 /
Resource Hash: 04ab67160efd030bf5c8205edfffd528aa3d8d98a7cc728072df3592b2ba035f

Request headers

Referer: https://www.medicalhomecare.com/P3BhZ2U9bW9iaU5ldCZsYW5nPWUmaT0xNjQzNzYma2V5PTE5Mjk4Mw==
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Jun 2020 19:22:49 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Oct 2019 01:25:08 GMT
Server: openresty/1.13.6.2
X-Webcom-Cache-Status: BYPASS
Vary: Accept-Encoding, Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: max-age=2592000, public

GET
H/1.1 200
OK 80zq2.css
www.medicalhomecare.com/wp-content/cache/wpfc-minified/g2yz341/ 62 KB
12 KB 1335ms
1115ms Stylesheet
text/css 209.17.116.160
DEFENSE-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medicalhomecare.com/wp-content/cache/wpfc-minified/g2yz341/80zq2.css
Requested by: Host: www.medicalhomecare.com
URL: https://www.medicalhomecare.com/P3BhZ2U9bW9iaU5ldCZsYW5nPWUmaT0xNjQzNzYma2V5PTE5Mjk4Mw==
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.17.116.160 Jacksonville, United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software: openresty/1.13.6.2 /
Resource Hash: d34fdb3aabd1abc7482eb047448b627bb678c290a6485c4ec102af489e01684c

Request headers

Referer: https://www.medicalhomecare.com/P3BhZ2U9bW9iaU5ldCZsYW5nPWUmaT0xNjQzNzYma2V5PTE5Mjk4Mw==
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Jun 2020 19:22:50 GMT
Content-Encoding: gzip
Last-Modified: Tue, 30 Jul 2019 00:16:56 GMT
Server: openresty/1.13.6.2
X-Webcom-Cache-Status: BYPASS
Vary: Accept-Encoding, Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: max-age=2592000, public

GET
H/1.1 200
OK 80zq2.css
www.medicalhomecare.com/wp-content/cache/wpfc-minified/30y0l6rv/ 269 B
610 B 350ms
127ms Stylesheet
text/css 209.17.116.160
DEFENSE-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medicalhomecare.com/wp-content/cache/wpfc-minified/30y0l6rv/80zq2.css
Requested by: Host: www.medicalhomecare.com
URL: https://www.medicalhomecare.com/P3BhZ2U9bW9iaU5ldCZsYW5nPWUmaT0xNjQzNzYma2V5PTE5Mjk4Mw==
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.17.116.160 Jacksonville, United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software: openresty/1.13.6.2 /
Resource Hash: 185bc0b35ea841a4183ed7381796bfa8dcd7587803761756c8f993c4cfe15709

Request headers

Referer: https://www.medicalhomecare.com/P3BhZ2U9bW9iaU5ldCZsYW5nPWUmaT0xNjQzNzYma2V5PTE5Mjk4Mw==
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Jun 2020 19:22:49 GMT
Last-Modified: Tue, 30 Jul 2019 00:16:56 GMT
Server: openresty/1.13.6.2
X-Webcom-Cache-Status: BYPASS
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 269
Expires: max-age=2592000, public

GET
H2 200 css
fonts.googleapis.com/ 10 KB
889 B 18ms
16ms Stylesheet
text/css 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C700%2C600%2C800&ver=5.1.3

Requested by

Host: www.medicalhomecare.com
URL: https://www.medicalhomecare.com/P3BhZ2U9bW9iaU5ldCZsYW5nPWUmaT0xNjQzNzYma2V5PTE5Mjk4Mw==

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

89ac351147aec12359e5c68d4c3bb936e658fff87ce2337f04a5050fe75719c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.medicalhomecare.com/P3BhZ2U9bW9iaU5ldCZsYW5nPWUmaT0xNjQzNzYma2V5PTE5Mjk4Mw==
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 04 Jun 2020 19:22:49 GMT
server: ESF
date: Thu, 04 Jun 2020 19:22:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 Jun 2020 19:22:49 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
544 B 22ms
20ms Stylesheet
text/css 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C900%2C300&ver=5.1.3

Requested by

Host: www.medicalhomecare.com
URL: https://www.medicalhomecare.com/P3BhZ2U9bW9iaU5ldCZsYW5nPWUmaT0xNjQzNzYma2V5PTE5Mjk4Mw==

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3ba110c59f4fdd97a91d83fb41f2acfa25928f830382f45c3e0b8bb1082fc06a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.medicalhomecare.com/P3BhZ2U9bW9iaU5ldCZsYW5nPWUmaT0xNjQzNzYma2V5PTE5Mjk4Mw==
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 04 Jun 2020 19:22:49 GMT
server: ESF
date: Thu, 04 Jun 2020 19:22:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 Jun 2020 19:22:49 GMT

GET
H/1.1 200
OK 80zq2.css
www.medicalhomecare.com/wp-content/cache/wpfc-minified/e5hu3y9g/ 195 KB
45 KB 349ms
126ms Stylesheet
text/css 209.17.116.160
DEFENSE-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medicalhomecare.com/wp-content/cache/wpfc-minified/e5hu3y9g/80zq2.css
Requested by: Host: www.medicalhomecare.com
URL: https://www.medicalhomecare.com/P3BhZ2U9bW9iaU5ldCZsYW5nPWUmaT0xNjQzNzYma2V5PTE5Mjk4Mw==
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.17.116.160 Jacksonville, United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software: openresty/1.13.6.2 /
Resource Hash: c3eaa81eba496325eca67a959d0cf752e8172863ee1651e030ad94b956e545e7

Request headers

Referer: https://www.medicalhomecare.com/P3BhZ2U9bW9iaU5ldCZsYW5nPWUmaT0xNjQzNzYma2V5PTE5Mjk4Mw==
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Jun 2020 19:22:49 GMT
Content-Encoding: gzip
Last-Modified: Tue, 30 Jul 2019 00:16:56 GMT
Server: openresty/1.13.6.2
X-Webcom-Cache-Status: BYPASS
Vary: Accept-Encoding, Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: max-age=2592000, public

GET
H/1.1 200
OK 80zq2.js Show response
www.medicalhomecare.com/wp-content/cache/wpfc-minified/7b14c6ua/ 150 KB
61 KB 345ms
119ms Script
application/javascript 209.17.116.160
DEFENSE-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medicalhomecare.com/wp-content/cache/wpfc-minified/7b14c6ua/80zq2.js
Requested by: Host: www.medicalhomecare.com
URL: https://www.medicalhomecare.com/P3BhZ2U9bW9iaU5ldCZsYW5nPWUmaT0xNjQzNzYma2V5PTE5Mjk4Mw==
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.17.116.160 Jacksonville, United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software: openresty/1.13.6.2 /
Resource Hash: 21cedd414e272013a4c07e73c30333884792a5eac9cf528a863d2fceb87c1a69

Request headers

Referer: https://www.medicalhomecare.com/P3BhZ2U9bW9iaU5ldCZsYW5nPWUmaT0xNjQzNzYma2V5PTE5Mjk4Mw==
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Jun 2020 19:22:49 GMT
Content-Encoding: gzip
Last-Modified: Tue, 30 Jul 2019 00:16:56 GMT
Server: openresty/1.13.6.2
X-Webcom-Cache-Status: BYPASS
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: max-age=2592000, public

GET
H/1.1 200
OK 80zq2.css
www.medicalhomecare.com/wp-content/cache/wpfc-minified/9apiywfz/ 62 KB
9 KB 341ms
117ms Stylesheet
text/css 209.17.116.160
DEFENSE-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medicalhomecare.com/wp-content/cache/wpfc-minified/9apiywfz/80zq2.css
Requested by: Host: www.medicalhomecare.com
URL: https://www.medicalhomecare.com/P3BhZ2U9bW9iaU5ldCZsYW5nPWUmaT0xNjQzNzYma2V5PTE5Mjk4Mw==
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.17.116.160 Jacksonville, United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software: openresty/1.13.6.2 /
Resource Hash: 310ddc7f0b4fb1138552c78423fbf11c4e18f1632abde5fd0a28ee86bd7a18f0

Request headers

Referer: https://www.medicalhomecare.com/P3BhZ2U9bW9iaU5ldCZsYW5nPWUmaT0xNjQzNzYma2V5PTE5Mjk4Mw==
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Jun 2020 19:22:49 GMT
Content-Encoding: gzip
Last-Modified: Tue, 30 Jul 2019 00:16:56 GMT
Server: openresty/1.13.6.2
X-Webcom-Cache-Status: BYPASS
Vary: Accept-Encoding, Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: max-age=2592000, public

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
www.medicalhomecare.com/wp-includes/js/ 12 KB
5 KB 119ms
119ms Script
application/javascript 209.17.116.160
DEFENSE-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medicalhomecare.com/wp-includes/js/wp-emoji-release.min.js?ver=5.1.3
Requested by: Host: www.medicalhomecare.com
URL: https://www.medicalhomecare.com/P3BhZ2U9bW9iaU5ldCZsYW5nPWUmaT0xNjQzNzYma2V5PTE5Mjk4Mw==
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.17.116.160 Jacksonville, United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software: openresty/1.13.6.2 /
Resource Hash: c533b791a8eef65604f15d20433506e1614c693eeba9df749e8a7677e43b466c

Request headers

Referer: https://www.medicalhomecare.com/P3BhZ2U9bW9iaU5ldCZsYW5nPWUmaT0xNjQzNzYma2V5PTE5Mjk4Mw==
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Jun 2020 19:22:50 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Mar 2019 13:45:06 GMT
Server: openresty/1.13.6.2
X-Webcom-Cache-Status: BYPASS
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: max-age=2592000, public

GET
H/1.1 200
OK 80zq2.css
www.medicalhomecare.com/wp-content/cache/wpfc-minified/edqi19bg/ 7 KB
2 KB 122ms
121ms Stylesheet
text/css 209.17.116.160
DEFENSE-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medicalhomecare.com/wp-content/cache/wpfc-minified/edqi19bg/80zq2.css
Requested by: Host: www.medicalhomecare.com
URL: https://www.medicalhomecare.com/P3BhZ2U9bW9iaU5ldCZsYW5nPWUmaT0xNjQzNzYma2V5PTE5Mjk4Mw==
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.17.116.160 Jacksonville, United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software: openresty/1.13.6.2 /
Resource Hash: 5302d7ef47b197c6cc07e5db5152dcce3b6886ac18f727875fe78ba8e8129224

Request headers

Referer: https://www.medicalhomecare.com/P3BhZ2U9bW9iaU5ldCZsYW5nPWUmaT0xNjQzNzYma2V5PTE5Mjk4Mw==
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Jun 2020 19:22:50 GMT
Content-Encoding: gzip
Last-Modified: Tue, 30 Jul 2019 00:16:56 GMT
Server: openresty/1.13.6.2
X-Webcom-Cache-Status: BYPASS
Vary: Accept-Encoding, Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: max-age=2592000, public

GET
H/1.1 200
OK / Show response
www.medicalhomecare.com/wp-snapshots/ Frame BFC8 2 KB
1 KB 213ms
213ms Document
text/html 209.17.116.160
DEFENSE-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medicalhomecare.com/wp-snapshots/?page=mobiNet&lang=e&i=164376&key=192983
Requested by: Host: www.medicalhomecare.com
URL: https://www.medicalhomecare.com/P3BhZ2U9bW9iaU5ldCZsYW5nPWUmaT0xNjQzNzYma2V5PTE5Mjk4Mw==
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.17.116.160 Jacksonville, United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software: openresty/1.13.6.2 / PHP/7.0.2-pl0-gentoo
Resource Hash: 9c15e4e5019faa05ddda415788c27f16a123a52b0ed8f4ee73a37727952a7353

Request headers

Host: www.medicalhomecare.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.medicalhomecare.com/P3BhZ2U9bW9iaU5ldCZsYW5nPWUmaT0xNjQzNzYma2V5PTE5Mjk4Mw==
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.medicalhomecare.com/P3BhZ2U9bW9iaU5ldCZsYW5nPWUmaT0xNjQzNzYma2V5PTE5Mjk4Mw==

Response headers

Server: openresty/1.13.6.2
Date: Thu, 04 Jun 2020 19:22:50 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
X-Powered-By: PHP/7.0.2-pl0-gentoo
X-Webcom-Cache-Status: BYPASS
Content-Encoding: gzip

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%2C900%2C300&ver=5.1.3
Origin: https://www.medicalhomecare.com

Response headers

date: Tue, 19 May 2020 09:27:04 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:55 GMT
server: sffe
age: 1418146
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14044
x-xss-protection: 0
expires: Wed, 19 May 2021 09:27:04 GMT

GET
H/1.1 200
OK stylesheet.css
www.medicalhomecare.com/wp-snapshots/ Frame BFC8 1 KB
928 B 143ms
143ms Stylesheet
text/css 209.17.116.160
DEFENSE-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medicalhomecare.com/wp-snapshots/stylesheet.css
Requested by: Host: www.medicalhomecare.com
URL: https://www.medicalhomecare.com/wp-snapshots/?page=mobiNet&lang=e&i=164376&key=192983
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.17.116.160 Jacksonville, United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software: openresty/1.13.6.2 /
Resource Hash: 549feae64965edf6cd1bedf9b849f2e5f0b8220cf91edce44d1fe02aa412141d

Request headers

Referer: https://www.medicalhomecare.com/wp-snapshots/?page=mobiNet&lang=e&i=164376&key=192983
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Jun 2020 19:22:50 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Jun 2020 20:40:20 GMT
Server: openresty/1.13.6.2
X-Webcom-Cache-Status: BYPASS
Vary: Accept-Encoding, Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: max-age=2592000, public

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate undefined| $ function| jQuery function| jq object| _wpemojiSettings object| imgSizer function| addTwitterBSClass object| jQuery112401957618383016262 object| Modernizr object| respond function| yepnope function| dvLoading object| twemoji object| wp

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.medicalhomecare.com/wp-content/cache/wpfc-minified/7b14c6ua/80zq2.js(Line 10) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
www.medicalhomecare.com
209.17.116.160
2a00:1450:4001:815::200a
2a00:1450:4001:81b::200a
2a00:1450:4001:820::2003
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
04ab67160efd030bf5c8205edfffd528aa3d8d98a7cc728072df3592b2ba035f
185bc0b35ea841a4183ed7381796bfa8dcd7587803761756c8f993c4cfe15709
21cedd414e272013a4c07e73c30333884792a5eac9cf528a863d2fceb87c1a69
310ddc7f0b4fb1138552c78423fbf11c4e18f1632abde5fd0a28ee86bd7a18f0
32dcca8771732d03cb658d460b28aeef9f295345619ac01ffd21de21c33c13c9
3ba110c59f4fdd97a91d83fb41f2acfa25928f830382f45c3e0b8bb1082fc06a
5302d7ef47b197c6cc07e5db5152dcce3b6886ac18f727875fe78ba8e8129224
549feae64965edf6cd1bedf9b849f2e5f0b8220cf91edce44d1fe02aa412141d
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
89ac351147aec12359e5c68d4c3bb936e658fff87ce2337f04a5050fe75719c1
9c15e4e5019faa05ddda415788c27f16a123a52b0ed8f4ee73a37727952a7353
c3eaa81eba496325eca67a959d0cf752e8172863ee1651e030ad94b956e545e7
c533b791a8eef65604f15d20433506e1614c693eeba9df749e8a7677e43b466c
d34fdb3aabd1abc7482eb047448b627bb678c290a6485c4ec102af489e01684c
fdd124d3601b10676cb7819305d4d57a3a48ad402269c0507372d501c874b8c8