stgeorgesmedicalcentre.co.uk Open in urlscan Pro
77.68.52.162 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://stgeorgesmedicalcentre.co.uk/mens-health/
Effective URL:
https://stgeorgesmedicalcentre.co.uk/mens-health/
Submission: On April 02 via api (April 2nd 2024, 1:10:51 am UTC) from US — Scanned from US

Summary HTTP 12 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 12 HTTP transactions. The main IP is 77.68.52.162, located in Croydon, United Kingdom and belongs to IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE. The main domain is stgeorgesmedicalcentre.co.uk.
TLS certificate: Issued by R3 on February 29th 2024. Valid for: 3 months.

This is the only time stgeorgesmedicalcentre.co.uk was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: NHS UK (Healthcare)

Domain & IP information

	IP Address	AS Autonomous System
10	77.68.52.162 77.68.52.162	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
2	184.87.190.150 184.87.190.150	16625 (AKAMAI-AS) (AKAMAI-AS)
12	3

10 77.68.52.162 (Croydon, United Kingdom)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)

stgeorgesmedicalcentre.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.87.190.150 (London, United Kingdom)

ASN16625 (AKAMAI-AS, US)
PTR: a184-87-190-150.deploy.static.akamaitechnologies.com

assets.nhs.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	stgeorgesmedicalcentre.co.uk stgeorgesmedicalcentre.co.uk	94 KB
2	assets.nhs.uk assets.nhs.uk — Cisco Umbrella Rank: 46295	35 KB
12	2

	Domain	Requested by
10	stgeorgesmedicalcentre.co.uk	stgeorgesmedicalcentre.co.uk
2	assets.nhs.uk	stgeorgesmedicalcentre.co.uk
12	2

This site contains links to these domains. Also see Links.

Domain
www.nhs.uk
www.nwlondonsexualhealth.nhs.uk
orchid-cancer.org.uk
www.yourprivates.org.uk
www.google.com

Subject Issuer	Validity	Valid
stgeorgesmedicalcentre.co.uk R3	`2024-02-29` - `2024-05-29`	3 months	crt.sh
www.nhs.uk DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-07-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://stgeorgesmedicalcentre.co.uk/mens-health/
Frame ID: F7BC884FB47129EF42B3ECFBE80DDDE9
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Men’s Health – St George's Medical Centre

Page URL History Show full URLs

http://stgeorgesmedicalcentre.co.uk/mens-health/ HTTP 307
https://stgeorgesmedicalcentre.co.uk/mens-health/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

12
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

129 kB
Transfer

635 kB
Size

0
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: http://www.nhs.uk/Conditions/Hair-loss/Pages/Treatment.aspx
Title: NHS Choices – Hair Loss Treatments

Search URL Search Domain Scan URL

URL: https://www.nwlondonsexualhealth.nhs.uk/index.php
Title: North West London Sexual Health and Conraception Services

Search URL Search Domain Scan URL

URL: http://www.nhs.uk/conditions/Ejaculation-problems/Pages/Introduction.aspx
Title: NHS Choices

Search URL Search Domain Scan URL

URL: http://www.nhs.uk/conditions/Prostate-enlargement/Pages/Introduction.aspx
Title: prostate enlargement

Search URL Search Domain Scan URL

URL: https://orchid-cancer.org.uk/
Title: Orchid – Fighting Male Cancer

Search URL Search Domain Scan URL

URL: http://www.yourprivates.org.uk/
Title: Your Privates – Testicular Cancer Awareness

Search URL Search Domain Scan URL

URL: http://www.nhs.uk/conditions/Cancer-of-the-testicle/Pages/Introduction.aspx
Title: NHS Choices – Testicular Cancer

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/place/St+George's+Medical+Centre/@51.521551,-0.3771195,17z/data=!3m1!4b1!4m6!3m5!1s0x487612acf05dcb9d:0xd53990a534487058!8m2!3d51.5215477!4d-0.3745446!16s%2Fg%2F11c6y_cbvj?entry=ttu
Title: Get Directions

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://stgeorgesmedicalcentre.co.uk/mens-health/ HTTP 307
https://stgeorgesmedicalcentre.co.uk/mens-health/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
stgeorgesmedicalcentre.co.uk/mens-health/
Redirect Chain

http://stgeorgesmedicalcentre.co.uk/mens-health/
https://stgeorgesmedicalcentre.co.uk/mens-health/

35 KB
8 KB

1101ms
868ms

Document
text/html

77.68.52.162
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://stgeorgesmedicalcentre.co.uk/mens-health/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.68.52.162 Croydon, United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PHP/8.3.4 PleskLin
Resource Hash: dd3a6bb20afb3d38e723d3a75ddca453010448711398ae9cbb6202da1431ca47

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 02 Apr 2024 01:10:46 GMT
link: <https://stgeorgesmedicalcentre.co.uk/wp-json/>; rel="https://api.w.org/", <https://stgeorgesmedicalcentre.co.uk/wp-json/wp/v2/pages/236>; rel="alternate"; type="application/json", <https://stgeorgesmedicalcentre.co.uk/?p=236>; rel=shortlink
server: nginx
x-cache-status: BYPASS
x-litespeed-tag: a2c_HTTP.200
x-powered-by: PHP/8.3.4 PleskLin

Redirect headers

Location: https://stgeorgesmedicalcentre.co.uk/mens-health/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 style.min.css
stgeorgesmedicalcentre.co.uk/wp-includes/css/dist/block-library/ 108 KB
13 KB 115ms
113ms Stylesheet
text/css 77.68.52.162
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://stgeorgesmedicalcentre.co.uk/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3
Requested by: Host: stgeorgesmedicalcentre.co.uk
URL: https://stgeorgesmedicalcentre.co.uk/mens-health/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.68.52.162 Croydon, United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://stgeorgesmedicalcentre.co.uk/mens-health/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 01:10:46 GMT
content-encoding: br
last-modified: Wed, 31 Jan 2024 06:55:15 GMT
server: nginx
etag: W/"65b9eed3-1ae43"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 style.min.css
stgeorgesmedicalcentre.co.uk/wp-content/themes/nightingale/ 242 KB
28 KB 217ms
215ms Stylesheet
text/css 77.68.52.162
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://stgeorgesmedicalcentre.co.uk/wp-content/themes/nightingale/style.min.css?ver=20210721
Requested by: Host: stgeorgesmedicalcentre.co.uk
URL: https://stgeorgesmedicalcentre.co.uk/mens-health/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.68.52.162 Croydon, United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 94edca42ee25db7b4e535140a3d31b81967caa6531f82f72cd1b1c44705bc1fc

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://stgeorgesmedicalcentre.co.uk/mens-health/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 01:10:46 GMT
content-encoding: br
last-modified: Wed, 01 Nov 2023 09:07:49 GMT
server: nginx
etag: W/"65421565-3c8de"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 page-colours.min.css
stgeorgesmedicalcentre.co.uk/wp-content/themes/nightingale/ 107 KB
6 KB 319ms
318ms Stylesheet
text/css 77.68.52.162
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://stgeorgesmedicalcentre.co.uk/wp-content/themes/nightingale/page-colours.min.css?ver=20210721
Requested by: Host: stgeorgesmedicalcentre.co.uk
URL: https://stgeorgesmedicalcentre.co.uk/mens-health/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.68.52.162 Croydon, United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 088e0b054bdc495b29bc4fcd1acc09c3420eb168b1b3b1446036e2199a10704f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://stgeorgesmedicalcentre.co.uk/mens-health/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 01:10:46 GMT
content-encoding: br
last-modified: Wed, 01 Nov 2023 09:07:49 GMT
server: nginx
etag: W/"65421565-1aae2"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 jquery.min.js Show response
stgeorgesmedicalcentre.co.uk/wp-includes/js/jquery/ 86 KB
29 KB 318ms
316ms Script
application/javascript 77.68.52.162
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://stgeorgesmedicalcentre.co.uk/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: stgeorgesmedicalcentre.co.uk
URL: https://stgeorgesmedicalcentre.co.uk/mens-health/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.68.52.162 Croydon, United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://stgeorgesmedicalcentre.co.uk/mens-health/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 01:10:46 GMT
content-encoding: br
last-modified: Thu, 09 Nov 2023 06:55:21 GMT
server: nginx
etag: W/"654c8259-15601"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 jquery-migrate.min.js Show response
stgeorgesmedicalcentre.co.uk/wp-includes/js/jquery/ 13 KB
5 KB 217ms
216ms Script
application/javascript 77.68.52.162
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://stgeorgesmedicalcentre.co.uk/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: stgeorgesmedicalcentre.co.uk
URL: https://stgeorgesmedicalcentre.co.uk/mens-health/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.68.52.162 Croydon, United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://stgeorgesmedicalcentre.co.uk/mens-health/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 01:10:46 GMT
content-encoding: br
last-modified: Wed, 01 Nov 2023 08:50:50 GMT
server: nginx
etag: W/"6542116a-3509"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 skip-link-focus-fix.js Show response
stgeorgesmedicalcentre.co.uk/wp-content/themes/nightingale/js/ 685 B
526 B 318ms
317ms Script
application/javascript 77.68.52.162
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://stgeorgesmedicalcentre.co.uk/wp-content/themes/nightingale/js/skip-link-focus-fix.js?ver=20190828
Requested by: Host: stgeorgesmedicalcentre.co.uk
URL: https://stgeorgesmedicalcentre.co.uk/mens-health/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.68.52.162 Croydon, United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://stgeorgesmedicalcentre.co.uk/mens-health/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 01:10:46 GMT
content-encoding: br
last-modified: Wed, 01 Nov 2023 09:07:49 GMT
x-accel-version: 0.01
server: nginx
etag: W/"2ad-609139aff170f"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 nhsuk.min.js Show response
stgeorgesmedicalcentre.co.uk/wp-content/themes/nightingale/js/ 5 KB
2 KB 319ms
318ms Script
application/javascript 77.68.52.162
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://stgeorgesmedicalcentre.co.uk/wp-content/themes/nightingale/js/nhsuk.min.js?ver=20190828
Requested by: Host: stgeorgesmedicalcentre.co.uk
URL: https://stgeorgesmedicalcentre.co.uk/mens-health/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.68.52.162 Croydon, United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 0519f98fa17554943e5a69bcc555961dceef052e261784f06a62460ff4c6ffc7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://stgeorgesmedicalcentre.co.uk/mens-health/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 01:10:46 GMT
content-encoding: br
last-modified: Wed, 01 Nov 2023 09:07:49 GMT
server: nginx
etag: W/"65421565-15b1"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 navigation.js Show response
stgeorgesmedicalcentre.co.uk/wp-content/themes/nightingale/js/ 4 KB
1 KB 318ms
317ms Script
application/javascript 77.68.52.162
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://stgeorgesmedicalcentre.co.uk/wp-content/themes/nightingale/js/navigation.js?ver=20190828
Requested by: Host: stgeorgesmedicalcentre.co.uk
URL: https://stgeorgesmedicalcentre.co.uk/mens-health/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.68.52.162 Croydon, United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 7147f0d002dbadbf91009be69262727fbc7f80abcebd91ba8a75cb48add1b9ee

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://stgeorgesmedicalcentre.co.uk/mens-health/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 01:10:46 GMT
content-encoding: br
last-modified: Wed, 01 Nov 2023 09:07:49 GMT
server: nginx
etag: W/"65421565-e05"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-type: application/javascript

GET
DATA 200
OK truncated
/ 296 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453c06b657dfde66cb3a88a952795b75884a028f7397d20c2d4c071bc58c719c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 FrutigerLTW01-55Roman.woff2
assets.nhs.uk/fonts/ 17 KB
17 KB 440ms
206ms Font
application/octet-stream 184.87.190.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.nhs.uk/fonts/FrutigerLTW01-55Roman.woff2

Requested by

Host: stgeorgesmedicalcentre.co.uk
URL: https://stgeorgesmedicalcentre.co.uk/wp-content/themes/nightingale/style.min.css?ver=20210721

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.87.190.150 London, United Kingdom, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-87-190-150.deploy.static.akamaitechnologies.com

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

886f640d4cb31c0114351f25e5eeba98b79e7ae405fcc2ca50aac6ed79ff8995

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://stgeorgesmedicalcentre.co.uk/
Origin: https://stgeorgesmedicalcentre.co.uk
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 02 Apr 2024 01:10:47 GMT
strict-transport-security: max-age=63072000
content-md5: lRIDEWIJgHewKikdW/afDg==
content-length: 17284
x-ms-lease-status: unlocked
last-modified: Tue, 09 Apr 2019 10:17:13 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D6BCD488B0257A
content-type: application/octet-stream
access-control-allow-origin: *
x-ms-request-id: 4ed52d24-f01e-0047-7a20-f1772e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=2628288
x-ms-version: 2009-09-19
x-datastream-cache-status: 1
expires: Thu, 02 May 2024 11:15:35 GMT

GET
H2 200 FrutigerLTW01-65Bold.woff2
assets.nhs.uk/fonts/ 17 KB
17 KB 340ms
106ms Font
application/octet-stream 184.87.190.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.nhs.uk/fonts/FrutigerLTW01-65Bold.woff2

Requested by

Host: stgeorgesmedicalcentre.co.uk
URL: https://stgeorgesmedicalcentre.co.uk/wp-content/themes/nightingale/style.min.css?ver=20210721

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.87.190.150 London, United Kingdom, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-87-190-150.deploy.static.akamaitechnologies.com

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

d7a61b8131c25f4f7949162fcf342c8ba52b0257756aaacf23aa948f0403c842

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://stgeorgesmedicalcentre.co.uk/
Origin: https://stgeorgesmedicalcentre.co.uk
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 02 Apr 2024 01:10:47 GMT
strict-transport-security: max-age=63072000
content-md5: OPdl6/MQFVFaVJuAqOKjeg==
content-length: 17216
x-ms-lease-status: unlocked
last-modified: Tue, 09 Apr 2019 10:17:14 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D6BCD48962A5B8
content-type: application/octet-stream
access-control-allow-origin: *
x-ms-request-id: 8351c347-e01e-0053-1939-06b44a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=2628288
x-ms-version: 2009-09-19
x-datastream-cache-status: 1
expires: Thu, 02 May 2024 11:15:35 GMT

GET
H2 200 cropped-NHSSiteIcon-32x32.png
stgeorgesmedicalcentre.co.uk/wp-content/uploads/2023/02/ 1 KB
1 KB 105ms
105ms Other
image/png 77.68.52.162
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://stgeorgesmedicalcentre.co.uk/wp-content/uploads/2023/02/cropped-NHSSiteIcon-32x32.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.68.52.162 Croydon, United Kingdom, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 79ef39230bef113671bca8ccec9678009419e087d298907e39fb4f3f60637490

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://stgeorgesmedicalcentre.co.uk/mens-health/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 01:10:47 GMT
last-modified: Wed, 01 Nov 2023 08:50:51 GMT
server: nginx
etag: "6542116b-511"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 1297

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: NHS UK (Healthcare)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onpagereveal undefined| $ function| jQuery function| guideNavClick

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.nhs.uk
stgeorgesmedicalcentre.co.uk
184.87.190.150
77.68.52.162
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
0519f98fa17554943e5a69bcc555961dceef052e261784f06a62460ff4c6ffc7
088e0b054bdc495b29bc4fcd1acc09c3420eb168b1b3b1446036e2199a10704f
14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2
453c06b657dfde66cb3a88a952795b75884a028f7397d20c2d4c071bc58c719c
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
7147f0d002dbadbf91009be69262727fbc7f80abcebd91ba8a75cb48add1b9ee
79ef39230bef113671bca8ccec9678009419e087d298907e39fb4f3f60637490
886f640d4cb31c0114351f25e5eeba98b79e7ae405fcc2ca50aac6ed79ff8995
94edca42ee25db7b4e535140a3d31b81967caa6531f82f72cd1b1c44705bc1fc
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d7a61b8131c25f4f7949162fcf342c8ba52b0257756aaacf23aa948f0403c842
dd3a6bb20afb3d38e723d3a75ddca453010448711398ae9cbb6202da1431ca47

stgeorgesmedicalcentre.co.uk Open in urlscan Pro 77.68.52.162 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

3 IPs

1 Countries

129 kBTransfer

635 kBSize

0 Cookies

8 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

4 JavaScript Global Variables

0 Cookies

Indicators

stgeorgesmedicalcentre.co.uk Open in urlscan Pro
77.68.52.162 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

129 kB
Transfer

635 kB
Size

0
Cookies

12 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!