mediun.co Open in urlscan Pro
198.54.115.201 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mediun.co/eth/index.html
Submission: On September 21 via manual (September 21st 2021, 10:08:00 pm UTC) from GB — Scanned from DE

Summary HTTP 27 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 4 countries across 6 domains to perform 27 HTTP transactions. The main IP is 198.54.115.201, located in United States and belongs to NAMECHEAP-NET, US. The main domain is mediun.co.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 19th 2021. Valid for: a year.

This is the only time mediun.co was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Crypto (Crypto Exchange) Binance (Crypto Exchange)

Domain & IP information

	IP Address	AS Autonomous System
10	198.54.115.201 198.54.115.201	22612 (NAMECHEAP...) (NAMECHEAP-NET)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	192.0.77.40 192.0.77.40	2635 (AUTOMATTIC) (AUTOMATTIC)
1	199.232.198.49 199.232.198.49	54113 (FASTLY) (FASTLY)
11	2600:9000:224... 2600:9000:2240:400:6:8656:f5c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	145.239.131.60 145.239.131.60	16276 (OVH) (OVH)
27	7

10 198.54.115.201 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server195-3.web-hosting.com

mediun.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

chart.apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.40 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: assets.tumblr.com

static.tumblr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.198.49 (United States)

ASN54113 (FASTLY, US)

a.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2600:9000:2240:400:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.131.60 (France)

ASN16276 (OVH, FR)
PTR: i.ibb.co

image.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	disquscdn.com a.disquscdn.com c.disquscdn.com	44 KB
10	mediun.co mediun.co	196 KB
2	jquery.com code.jquery.com	54 KB
1	ibb.co image.ibb.co	74 KB
1	tumblr.com static.tumblr.com	152 KB
1	google.com chart.apis.google.com	2 KB
27	6

	Domain	Requested by
11	c.disquscdn.com	mediun.co
10	mediun.co	mediun.co
2	code.jquery.com	mediun.co
1	image.ibb.co	mediun.co
1	a.disquscdn.com	mediun.co
1	static.tumblr.com	mediun.co
1	chart.apis.google.com	mediun.co
27	7

This site contains no links.

Subject Issuer	Validity	Valid
mediun.co Sectigo RSA Domain Validation Secure Server CA	`2021-09-19` - `2022-09-19`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
tumblr.com DigiCert SHA2 Extended Validation Server CA	`2020-07-09` - `2022-04-14`	2 years	crt.sh
*.disquscdn.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
a.disquscdn.com Amazon	`2020-11-30` - `2021-12-29`	a year	crt.sh
ibb.co R3	`2021-08-06` - `2021-11-04`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://mediun.co/eth/index.html
Frame ID: C0BFBECC6A2B322F0208C2415BFC4DCA
Requests: 11 HTTP requests in this frame

Frame: https://mediun.co/eth/eth1/index.html
Frame ID: 1FF3026645829063F748F2126240946D
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ethereum Foundation 50,000 ETH Giveaway!

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Disqus (Comment Systems) Expand

Overall confidence: 100%
Detected patterns

<div[^>]+id="disqus_thread"

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

27
Requests

100 %
HTTPS

43 %
IPv6

6
Domains

7
Subdomains

7
IPs

4
Countries

522 kB
Transfer

999 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request index.html Show response
mediun.co/eth/ 26 KB
7 KB 581ms
176ms Document
text/html 198.54.115.201
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://mediun.co/eth/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.201 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server195-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: dc8f6b1f581037deab411a2525fd781fbbf05d8557a7bdc5f1edd2c919bc7c4b

Request headers

:method: GET
:authority: mediun.co
:scheme: https
:path: /eth/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html
last-modified: Mon, 20 Sep 2021 23:43:15 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6686
date: Tue, 21 Sep 2021 22:07:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed

GET
H2 200 jquery-3.4.1.slim.min.js Show response
code.jquery.com/ 69 KB
24 KB 36ms
13ms Script
application/javascript 2001:4de0:ac18::1:a:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.slim.min.js
Requested by: Host: mediun.co
URL: https://mediun.co/eth/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: a5ab2a00a0439854f8787a0dda775dea5377ef4905886505c938941d6854ee4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mediun.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 22:07:55 GMT
content-encoding: gzip
last-modified: Wed, 01 May 2019 21:14:27 GMT
server: nginx
etag: W/"5cca0c33-1157d"
vary: Accept-Encoding
x-hw: 1632262075.dop226.fr8.t,1632262075.cds230.fr8.hn,1632262075.cds260.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 24328

GET
H2 200 clipboard.js Show response
mediun.co/eth/files/ 8 KB
3 KB 178ms
177ms Script
application/javascript 198.54.115.201
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://mediun.co/eth/files/clipboard.js
Requested by: Host: mediun.co
URL: https://mediun.co/eth/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.201 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server195-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 30c25c88089ccc0d6373e6f0f36814c97dfaa575543d90a7cb9060903a50ef84

Request headers

:path: /eth/files/clipboard.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: mediun.co
referer: https://mediun.co/eth/index.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mediun.co/eth/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 22:07:53 GMT
content-encoding: br
last-modified: Mon, 20 Sep 2021 23:43:21 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 2495
expires: Tue, 28 Sep 2021 22:07:55 GMT

GET
H2 200 bootstrap.js Show response
mediun.co/eth/files/ 36 KB
10 KB 179ms
178ms Script
application/javascript 198.54.115.201
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://mediun.co/eth/files/bootstrap.js
Requested by: Host: mediun.co
URL: https://mediun.co/eth/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.201 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server195-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

:path: /eth/files/bootstrap.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: mediun.co
referer: https://mediun.co/eth/index.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mediun.co/eth/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 22:07:53 GMT
content-encoding: br
last-modified: Mon, 20 Sep 2021 23:43:21 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 9515
expires: Tue, 28 Sep 2021 22:07:55 GMT

GET
H2 200 big.css
mediun.co/eth/files/ 13 KB
3 KB 692ms
690ms Stylesheet
text/css 198.54.115.201
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://mediun.co/eth/files/big.css
Requested by: Host: mediun.co
URL: https://mediun.co/eth/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.201 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server195-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 60cfa28b7eb57e5ec992f652f1f5061c3e46047cb2454b980eb6de61d18aafa4

Request headers

:path: /eth/files/big.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: mediun.co
referer: https://mediun.co/eth/index.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mediun.co/eth/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 22:07:53 GMT
content-encoding: br
last-modified: Mon, 20 Sep 2021 23:43:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 3042
expires: Tue, 28 Sep 2021 22:07:55 GMT

GET
H2 200 comments.css
mediun.co/eth/files/ 151 KB
44 KB 179ms
178ms Stylesheet
text/css 198.54.115.201
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://mediun.co/eth/files/comments.css
Requested by: Host: mediun.co
URL: https://mediun.co/eth/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.201 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server195-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 2e1b6f6eba2154d3ec903bf754ec64f3908fce7b06b6312734f9b334b524a945

Request headers

:path: /eth/files/comments.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: mediun.co
referer: https://mediun.co/eth/index.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mediun.co/eth/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 22:07:53 GMT
content-encoding: br
last-modified: Mon, 20 Sep 2021 23:43:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 44906
expires: Tue, 28 Sep 2021 22:07:55 GMT

GET
H2 200 u.css
mediun.co/eth/files/ 203 KB
32 KB 522ms
521ms Stylesheet
text/css 198.54.115.201
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://mediun.co/eth/files/u.css
Requested by: Host: mediun.co
URL: https://mediun.co/eth/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.201 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server195-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 4edb91d880958d290e76c6678b1584b4eca8747b643720f827b79548272c7b25

Request headers

:path: /eth/files/u.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: mediun.co
referer: https://mediun.co/eth/index.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mediun.co/eth/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 22:07:53 GMT
content-encoding: br
last-modified: Mon, 20 Sep 2021 23:43:28 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 32477
expires: Tue, 28 Sep 2021 22:07:55 GMT

GET
H2 200 ef.png
mediun.co/eth/files/ 6 KB
6 KB 186ms
185ms Image
image/png 198.54.115.201
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediun.co/eth/files/ef.png
Requested by: Host: mediun.co
URL: https://mediun.co/eth/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.201 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server195-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: abdb6d577b7d6ce16a8db045551279f724e3a2478f076b488f51d8a17de441bc

Request headers

:path: /eth/files/ef.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mediun.co
referer: https://mediun.co/eth/index.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mediun.co/eth/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 22:07:56 GMT
last-modified: Mon, 20 Sep 2021 23:43:24 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 6053
expires: Tue, 28 Sep 2021 22:07:56 GMT

GET
H2 200 chart
chart.apis.google.com/ 2 KB
2 KB 80ms
8ms Image
image/png 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chart.apis.google.com/chart?cht=qr&chs=300x300&chl=0xC93382aD724A1856269b98563E7801fbDfaF7397&chld=H%7C0

Requested by

Host: mediun.co
URL: https://mediun.co/eth/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GoogleChartAPI/1.0 /

Resource Hash

9688122305c7d4826020c3e48a91e3eac08b3710593bcf013fe0da7acfd260f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mediun.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 11:48:30 GMT
x-content-type-options: nosniff
last-modified: Wed, 02 May 2018 18:35:04 GMT
server: GoogleChartAPI/1.0
age: 37166
x-frame-options: ALLOWALL
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1788
x-xss-protection: 1; mode=block
expires: Wed, 22 Sep 2021 11:48:30 GMT

GET
H2 200 load.gif
mediun.co/eth/files/ 69 KB
70 KB 176ms
175ms Image
image/gif 198.54.115.201
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediun.co/eth/files/load.gif
Requested by: Host: mediun.co
URL: https://mediun.co/eth/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.201 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server195-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 51eddb6deb8ef75df2c8dff112415172bee5b695c4d4b1445e635e6ebaef93c3

Request headers

:path: /eth/files/load.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mediun.co
referer: https://mediun.co/eth/index.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mediun.co/eth/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 22:07:56 GMT
last-modified: Mon, 20 Sep 2021 23:43:26 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 70979
expires: Tue, 28 Sep 2021 22:07:56 GMT

GET
H2 200 ava1.jpg
mediun.co/eth/files/ 17 KB
18 KB 349ms
349ms Image
image/jpeg 198.54.115.201
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediun.co/eth/files/ava1.jpg
Requested by: Host: mediun.co
URL: https://mediun.co/eth/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.201 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server195-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: c78975383c2b82ab92f72d02d07adbad33eab9a3bcfa725f43c8a90a784dd2bd

Request headers

:path: /eth/files/ava1.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mediun.co
referer: https://mediun.co/eth/index.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://mediun.co/eth/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 22:07:56 GMT
last-modified: Mon, 20 Sep 2021 23:43:19 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 17895
expires: Tue, 28 Sep 2021 22:07:56 GMT

GET
H2 200 index.html Show response
mediun.co/eth/eth1/ Frame 1FF3 48 KB
5 KB 325ms
325ms Document
text/html 198.54.115.201
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://mediun.co/eth/eth1/index.html
Requested by: Host: mediun.co
URL: https://mediun.co/eth/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.201 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server195-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 4b24e94b50200a2fdd46b6bf4e4c51fb7c2ee6fc82c2982cab126f17ae7110c1

Request headers

:method: GET
:authority: mediun.co
:scheme: https
:path: /eth/eth1/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mediun.co/eth/index.html
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mediun.co/eth/index.html

Response headers

content-type: text/html
last-modified: Mon, 20 Sep 2021 23:43:19 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4557
date: Tue, 21 Sep 2021 22:07:56 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed

GET
H2 200 jquery-3.4.1.min.js Show response
code.jquery.com/ Frame 1FF3 86 KB
30 KB 12ms
12ms Script
application/javascript 2001:4de0:ac18::1:a:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.min.js
Requested by: Host: mediun.co
URL: https://mediun.co/eth/eth1/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mediun.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 22:07:56 GMT
content-encoding: gzip
last-modified: Wed, 01 May 2019 21:14:27 GMT
server: nginx
etag: W/"5cca0c33-15851"
vary: Accept-Encoding
x-hw: 1632262076.dop226.fr8.t,1632262076.cds230.fr8.hn,1632262076.cds236.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30638

GET
H2 200 comments.css
static.tumblr.com/n2nup4r/du2pswb6c/ Frame 1FF3 151 KB
152 KB 60ms
8ms Stylesheet
text/css 192.0.77.40
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tumblr.com/n2nup4r/du2pswb6c/comments.css

Requested by

Host: mediun.co
URL: https://mediun.co/eth/eth1/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.40 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

assets.tumblr.com

Software

nginx /

Resource Hash

5ea0651d51cd133b1f3027b269e894400b0718b3940e40feb281e06b827285c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mediun.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Tue, 21 Sep 2021 22:07:56 GMT
last-modified: Mon, 10 Jun 2019 18:25:25 GMT
server: nginx
etag: "d3785f8a44866e57ec6a6fbb23350cc0"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
content-length: 154791

GET
H2 200 noavatar92.png
a.disquscdn.com/images/ Frame 1FF3 2 KB
2 KB 54ms
10ms Image
image/png 199.232.198.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/images/noavatar92.png

Requested by

Host: mediun.co
URL: https://mediun.co/eth/eth1/index.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mediun.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 22:07:56 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 1726013
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
content-type: image/png
content-length: 1644
x-amz-cf-id: VEYjRJrtulLfHpQbBvWOFi5ODqC_KEDM9vBaTMJ9tUuMRNw7qAIw1A==
expires: Wed, 01 Sep 2021 22:40:20 GMT

GET
H2 200 avatar92.jpg
c.disquscdn.com/uploads/users/18260/6863/ Frame 1FF3 4 KB
5 KB 76ms
10ms Image
image/jpeg 2600:9000:2240:400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/uploads/users/18260/6863/avatar92.jpg?1575621128

Requested by

Host: mediun.co
URL: https://mediun.co/eth/eth1/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

1ed445642945e4491af05364cf2f1f46f909dfbecb3d0aec48042738b70f6600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mediun.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:51:53 GMT
via: 1.1 1877c1d3c1c0435e896415d580d52c53.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 2362563
x-cache: Hit from cloudfront
content-length: 4519
x-xss-protection: 1; mode=block
x-served-by: static-web-1
last-modified: Tue, 19 Jan 2021 17:47:11 GMT
server: nginx
etag: "661769ecec807be15f45271308aba2da"
content-type: image/jpeg
expires: Thu, 25 Aug 2022 13:51:53 GMT
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: TknMCcCR2rkjUT7isBMDT61bkkmduSJpL7h9DkGnpKTo7GaLgB-vRg==
x-cache-hits: 0

GET
H2 200 avatar92.jpg
c.disquscdn.com/uploads/users/28829/7573/ Frame 1FF3 2 KB
3 KB 77ms
11ms Image
image/jpeg 2600:9000:2240:400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/uploads/users/28829/7573/avatar92.jpg?1590512489

Requested by

Host: mediun.co
URL: https://mediun.co/eth/eth1/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

42049c719ca3ccb1a7e9d58c590b9320e0d0d2fe31f6dedd24fc4d7bfe21537b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mediun.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:51:53 GMT
via: 1.1 1877c1d3c1c0435e896415d580d52c53.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 2362563
x-cache: Hit from cloudfront
content-length: 2395
x-xss-protection: 1; mode=block
x-served-by: static-web-1
last-modified: Sat, 31 Jul 2021 20:48:24 GMT
server: nginx
etag: "8dc8baef97d772979b201502b4f8975d"
content-type: image/jpeg
expires: Thu, 25 Aug 2022 13:51:53 GMT
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: 9D50ykQvu1JfEO_BzTbOOXpos_jmXX649HAxrqOzDaqzLt0FqEx2qQ==
x-cache-hits: 0

GET
H2 200 avatar92.jpg
c.disquscdn.com/uploads/users/5324/5484/ Frame 1FF3 3 KB
4 KB 77ms
12ms Image
image/jpeg 2600:9000:2240:400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/uploads/users/5324/5484/avatar92.jpg?1591138209

Requested by

Host: mediun.co
URL: https://mediun.co/eth/eth1/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

78cb366362fbf3bb173088ac4a6c219e21aa9d51d9f3b131cbda3e31fce439db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mediun.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:51:53 GMT
via: 1.1 1877c1d3c1c0435e896415d580d52c53.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 2362563
x-cache: Hit from cloudfront
content-length: 3378
x-xss-protection: 1; mode=block
x-served-by: static-web-2
last-modified: Tue, 24 Aug 2021 03:15:37 GMT
server: nginx
etag: "4fb3afd3d8fc8b81b6aee87abac97068"
content-type: image/jpeg
expires: Thu, 25 Aug 2022 13:51:53 GMT
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: 4hQmjqfhaI0FUml_soszkTnoMRZkqLLxYFOGnMeU9xeAdYB97XpUog==
x-cache-hits: 0

GET
H2 200 avatar92.jpg
c.disquscdn.com/uploads/users/10791/4816/ Frame 1FF3 3 KB
3 KB 78ms
12ms Image
image/jpeg 2600:9000:2240:400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/uploads/users/10791/4816/avatar92.jpg?1565477284

Requested by

Host: mediun.co
URL: https://mediun.co/eth/eth1/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0242f3d1f13a58ca7d84c58121b272ee63c1b11fb1479d416226e2b95d8bb178

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mediun.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:51:53 GMT
via: 1.1 1877c1d3c1c0435e896415d580d52c53.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 2362563
x-cache: Hit from cloudfront
content-length: 2936
x-xss-protection: 1; mode=block
x-served-by: static-web-2
last-modified: Thu, 12 Nov 2020 00:23:44 GMT
server: nginx
etag: "6201ca3756a6d26c691b75df0d6b065e"
content-type: image/jpeg
expires: Thu, 25 Aug 2022 13:51:53 GMT
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: DK016_FVNwYz4R_kCjQXOrvZwIvBcudn5v8CBbuxxNQOhiE4FQ1oUg==
x-cache-hits: 0

GET
H2 200 avatar92.jpg
c.disquscdn.com/uploads/users/34897/3728/ Frame 1FF3 4 KB
4 KB 79ms
13ms Image
image/jpeg 2600:9000:2240:400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/uploads/users/34897/3728/avatar92.jpg?1588900704

Requested by

Host: mediun.co
URL: https://mediun.co/eth/eth1/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e812e438dfc40a4d9dc91d6c70efffc602a66ad86279ed106242595608436244

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mediun.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:51:53 GMT
via: 1.1 1877c1d3c1c0435e896415d580d52c53.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 2362563
x-cache: Hit from cloudfront
content-length: 3862
x-xss-protection: 1; mode=block
x-served-by: static-web-2
last-modified: Mon, 21 Sep 2020 03:18:39 GMT
server: nginx
etag: "1b71f54fa1060774302ea5f9adf4dbe7"
content-type: image/jpeg
expires: Thu, 25 Aug 2022 13:51:53 GMT
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: UE_JFLFaigzgi9C7NDz_XhHlQZXIkAxa4qg45wSfT6py2bU3ColObQ==
x-cache-hits: 0

GET
H2 200 avatar92.jpg
c.disquscdn.com/uploads/users/24669/9375/ Frame 1FF3 2 KB
3 KB 79ms
14ms Image
image/jpeg 2600:9000:2240:400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/uploads/users/24669/9375/avatar92.jpg?1591132484

Requested by

Host: mediun.co
URL: https://mediun.co/eth/eth1/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

5f9ccfbfbc614d318bf094f18449559b2d65d57b3ecccf3865bb0d3bf9a75c37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mediun.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:51:53 GMT
via: 1.1 1877c1d3c1c0435e896415d580d52c53.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 2362563
x-cache: Hit from cloudfront
content-length: 2435
x-xss-protection: 1; mode=block
x-served-by: static-web-1
last-modified: Mon, 31 May 2021 13:08:29 GMT
server: nginx
etag: "1c6b1b0c85e0a044c8c863ffcd1c5e13"
content-type: image/jpeg
expires: Thu, 25 Aug 2022 13:51:53 GMT
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: 3ndVDjmETXCkjchngnr8LVfYKFocwYwm43rJJyDNEdc0jufad1FjoA==
x-cache-hits: 0

GET
H2 200 avatar92.jpg
c.disquscdn.com/uploads/users/3421/2316/ Frame 1FF3 4 KB
5 KB 13ms
10ms Image
image/jpeg 2600:9000:2240:400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/uploads/users/3421/2316/avatar92.jpg?1377541829

Requested by

Host: mediun.co
URL: https://mediun.co/eth/eth1/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8db2d72a390bc45796f54ca017e19b94b7d9d45f7f0f4b19c31c238df3998182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mediun.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 06:51:18 GMT
via: 1.1 1877c1d3c1c0435e896415d580d52c53.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 2819798
x-cache: Hit from cloudfront
content-length: 4240
x-xss-protection: 1; mode=block
x-served-by: static-web-1
last-modified: Mon, 26 Aug 2013 18:30:29 GMT
server: nginx
etag: "34f610ace5bbca8846b88394f3236d92"
content-type: image/jpeg
expires: Sat, 20 Aug 2022 06:51:18 GMT
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: Me9svLkO0XjrM7u3ZdZb2yUrmKghZOgxc6e-rYoB_u_cTdcItxjcvQ==
x-cache-hits: 0

GET
H2 200 avatar92.jpg
c.disquscdn.com/uploads/users/3744/9649/ Frame 1FF3 3 KB
4 KB 12ms
10ms Image
image/jpeg 2600:9000:2240:400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/uploads/users/3744/9649/avatar92.jpg?1402496077

Requested by

Host: mediun.co
URL: https://mediun.co/eth/eth1/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f0fcbcaeae3b12de878ff361d3959ac0dcd2efb9334f615642235bda554d0da2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mediun.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 04:46:07 GMT
via: 1.1 1877c1d3c1c0435e896415d580d52c53.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 2827309
x-cache: Hit from cloudfront
content-length: 3165
x-xss-protection: 1; mode=block
x-served-by: static-web-1
last-modified: Wed, 11 Jun 2014 14:14:37 GMT
server: nginx
etag: "ebfe3a128fc2c58406021482fc06dbf5"
content-type: image/jpeg
expires: Sat, 20 Aug 2022 04:46:07 GMT
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: kAipoWsHVPRF6Kr-4dUn6TKzz8cil1TqnhOuHQEVlpI5jzxfC21UKA==
x-cache-hits: 0

GET
H2 200 avatar92.jpg
c.disquscdn.com/uploads/users/6351/2731/ Frame 1FF3 3 KB
4 KB 13ms
10ms Image
image/jpeg 2600:9000:2240:400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/uploads/users/6351/2731/avatar92.jpg?1590568684

Requested by

Host: mediun.co
URL: https://mediun.co/eth/eth1/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d846b4ce6f30d7c5a663a99336b1d3703a16acef1a77a70efc3c40988139e0f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mediun.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 13:51:53 GMT
via: 1.1 1877c1d3c1c0435e896415d580d52c53.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 2362563
x-cache: Hit from cloudfront
content-length: 3485
x-xss-protection: 1; mode=block
x-served-by: static-web-2
last-modified: Sun, 05 Jul 2020 15:57:08 GMT
server: nginx
etag: "4c7102701798f086667ad6b57cc2b406"
content-type: image/jpeg
expires: Thu, 25 Aug 2022 13:51:53 GMT
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: pLaOj0ISn55WxDg2HtIBHbgIZxyE1gC8r6Lrbd2n5lbveuisgcrHvw==
x-cache-hits: 0

GET
H2 200 avatar92.jpg
c.disquscdn.com/uploads/users/2207/636/ Frame 1FF3 4 KB
5 KB 14ms
11ms Image
image/jpeg 2600:9000:2240:400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/uploads/users/2207/636/avatar92.jpg?1470225620

Requested by

Host: mediun.co
URL: https://mediun.co/eth/eth1/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3a6f355fe2a4283a0ef3c00c69b3fb7ac51d9aaa98c3c9572ac04a374fef1204

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mediun.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 15:27:14 GMT
via: 1.1 1877c1d3c1c0435e896415d580d52c53.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 5640042
x-cache: Hit from cloudfront
content-length: 4260
x-xss-protection: 1; mode=block
x-served-by: static-web-2
last-modified: Wed, 03 Aug 2016 12:00:21 GMT
server: nginx
etag: "a4604124d6fc729f442ee23d3bee9407"
content-type: image/jpeg
expires: Mon, 18 Jul 2022 15:27:14 GMT
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: zpu13KzxZ54nsCdkOFPeDuL0s1Xwvu8m2_dRx2Gz8YoLlTLeHYcc9A==
x-cache-hits: 0

GET
H2 200 avatar92.jpg
c.disquscdn.com/uploads/users/29820/9294/ Frame 1FF3 3 KB
4 KB 14ms
11ms Image
image/jpeg 2600:9000:2240:400:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/uploads/users/29820/9294/avatar92.jpg?1585000487

Requested by

Host: mediun.co
URL: https://mediun.co/eth/eth1/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:400:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3604cdec2bd000c92f3d79db92c32034e907fbc1627baf89acd82e128bb9d897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mediun.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 12:02:23 GMT
via: 1.1 1877c1d3c1c0435e896415d580d52c53.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 8849133
x-cache: Hit from cloudfront
content-length: 3356
x-xss-protection: 1; mode=block
x-served-by: static-web-2
last-modified: Mon, 23 Mar 2020 21:54:48 GMT
server: nginx
etag: "2fcba68410b57bc2ba7da1fdfafcfafc"
content-type: image/jpeg
expires: Sat, 11 Jun 2022 12:02:23 GMT
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: _ZqrsrE2Bo8ds2vqbB74Mdf23nFZr5JfLnqoBoGgnOfkRJ9hScCJgg==
x-cache-hits: 0

GET
H2 200 1.jpg
image.ibb.co/dNDgLH/ Frame 1FF3 74 KB
74 KB 265ms
18ms Image
image/jpeg 145.239.131.60
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.ibb.co/dNDgLH/1.jpg
Requested by: Host: mediun.co
URL: https://mediun.co/eth/eth1/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.239.131.60 , France, ASN16276 (OVH, FR),
Reverse DNS: i.ibb.co
Software: nginx /
Resource Hash: cc11813b12c4be220aba6eaaea59635c5b9bb1e308b7d01d605c234ca3aa5390

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mediun.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 22:07:56 GMT
last-modified: Fri, 16 Mar 2018 15:02:43 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 75449
expires: Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Crypto (Crypto Exchange) Binance (Crypto Exchange)

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.disquscdn.com
c.disquscdn.com
chart.apis.google.com
code.jquery.com
image.ibb.co
mediun.co
static.tumblr.com
145.239.131.60
192.0.77.40
198.54.115.201
199.232.198.49
2001:4de0:ac18::1:a:1b
2600:9000:2240:400:6:8656:f5c0:93a1
2a00:1450:4001:82f::200e
0242f3d1f13a58ca7d84c58121b272ee63c1b11fb1479d416226e2b95d8bb178
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
1ed445642945e4491af05364cf2f1f46f909dfbecb3d0aec48042738b70f6600
2e1b6f6eba2154d3ec903bf754ec64f3908fce7b06b6312734f9b334b524a945
30c25c88089ccc0d6373e6f0f36814c97dfaa575543d90a7cb9060903a50ef84
3604cdec2bd000c92f3d79db92c32034e907fbc1627baf89acd82e128bb9d897
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
3a6f355fe2a4283a0ef3c00c69b3fb7ac51d9aaa98c3c9572ac04a374fef1204
42049c719ca3ccb1a7e9d58c590b9320e0d0d2fe31f6dedd24fc4d7bfe21537b
4b24e94b50200a2fdd46b6bf4e4c51fb7c2ee6fc82c2982cab126f17ae7110c1
4edb91d880958d290e76c6678b1584b4eca8747b643720f827b79548272c7b25
51eddb6deb8ef75df2c8dff112415172bee5b695c4d4b1445e635e6ebaef93c3
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5ea0651d51cd133b1f3027b269e894400b0718b3940e40feb281e06b827285c5
5f9ccfbfbc614d318bf094f18449559b2d65d57b3ecccf3865bb0d3bf9a75c37
60cfa28b7eb57e5ec992f652f1f5061c3e46047cb2454b980eb6de61d18aafa4
78cb366362fbf3bb173088ac4a6c219e21aa9d51d9f3b131cbda3e31fce439db
8db2d72a390bc45796f54ca017e19b94b7d9d45f7f0f4b19c31c238df3998182
9688122305c7d4826020c3e48a91e3eac08b3710593bcf013fe0da7acfd260f4
a5ab2a00a0439854f8787a0dda775dea5377ef4905886505c938941d6854ee4f
abdb6d577b7d6ce16a8db045551279f724e3a2478f076b488f51d8a17de441bc
c78975383c2b82ab92f72d02d07adbad33eab9a3bcfa725f43c8a90a784dd2bd
cc11813b12c4be220aba6eaaea59635c5b9bb1e308b7d01d605c234ca3aa5390
d846b4ce6f30d7c5a663a99336b1d3703a16acef1a77a70efc3c40988139e0f1
dc8f6b1f581037deab411a2525fd781fbbf05d8557a7bdc5f1edd2c919bc7c4b
e812e438dfc40a4d9dc91d6c70efffc602a66ad86279ed106242595608436244
f0fcbcaeae3b12de878ff361d3959ac0dcd2efb9334f615642235bda554d0da2

mediun.co Open in urlscan Pro 198.54.115.201 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

27 Requests

100 %HTTPS

43 %IPv6

6 Domains

7 Subdomains

7 IPs

4 Countries

522 kBTransfer

999 kBSize

0 Cookies

0 Outgoing links

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

28 JavaScript Global Variables

0 Cookies

mediun.co Open in urlscan Pro
198.54.115.201 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

100 %
HTTPS

43 %
IPv6

6
Domains

7
Subdomains

7
IPs

4
Countries

522 kB
Transfer

999 kB
Size

0
Cookies

27 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!