medstatix.co Open in urlscan Pro
52.200.161.27  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request T8xauXSklUuuvw88UaBuwQ Show response medstatix.co/	8 KB 4 KB	397ms 121ms	Document text/html	52.200.161.27 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://medstatix.co/T8xauXSklUuuvw88UaBuwQ?v=2 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 52.200.161.27 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-200-161-27.compute-1.amazonaws.com Software x / Resource Hash c6eef94372949567fb17bb8105a433a7b9e3a931c749ce00609970c0506ed761 Security Headers Name Value Content-Security-Policy frame-ancestors 'none'; object-src 'none'; base-uri 'self'; form-action 'self'; default-src 'self'; img-src 'self' *.medstatix.com data:; style-src https: 'unsafe-inline'; script-src https: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.wylei.com; Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Date Sun, 05 Dec 2021 21:40:54 GMT Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive Cache-Control private Access-Control-Allow-Origin * Access-Control-Allow-Methods GET, POST Access-Control-Allow-Headers Origin, Content-Type, X-Auth-Token, Accept, Authorization Access-Control-Max-Age 2000 Content-Security-Policy frame-ancestors 'none'; object-src 'none'; base-uri 'self'; form-action 'self'; default-src 'self'; img-src 'self' *.medstatix.com data:; style-src https: 'unsafe-inline'; script-src https: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.wylei.com; Server x Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Stage prod X-XSS-Protection 1; mode=block X-Frame-Options SAMEORIGIN Content-Encoding gzip
GET H/1.1	200 OK	jquery_tls Show response medstatix.co/Static/Scripts/	123 KB 124 KB	195ms 195ms	Script text/javascript	52.200.161.27 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://medstatix.co/Static/Scripts/jquery_tls?v=CBitHOmTxdLH2LWCX5eKeTxpMzjAfE8-dPsZCFwRLMI1 Requested by Host: medstatix.co URL: https://medstatix.co/T8xauXSklUuuvw88UaBuwQ?v=2 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 52.200.161.27 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-200-161-27.compute-1.amazonaws.com Software x / Resource Hash d4780e1f44b1b6c8404f08f1e467e81045a8befcc4ddabb923c9689a035e4ac2 Security Headers Name Value Content-Security-Policy frame-ancestors 'none'; object-src 'none'; base-uri 'self'; form-action 'self'; default-src 'self'; img-src 'self' *.medstatix.com data:; style-src https: 'unsafe-inline'; script-src https: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.wylei.com; Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://medstatix.co/T8xauXSklUuuvw88UaBuwQ?v=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Sun, 05 Dec 2021 21:40:55 GMT Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff Connection keep-alive Vary User-Agent Content-Length 126035 X-XSS-Protection 1; mode=block Last-Modified Sun, 05 Dec 2021 21:40:55 GMT Server x X-Frame-Options SAMEORIGIN Access-Control-Max-Age 2000 Access-Control-Allow-Methods GET, POST Content-Type text/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public Content-Security-Policy frame-ancestors 'none'; object-src 'none'; base-uri 'self'; form-action 'self'; default-src 'self'; img-src 'self' *.medstatix.com data:; style-src https: 'unsafe-inline'; script-src https: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.wylei.com; Access-Control-Allow-Headers Origin, Content-Type, X-Auth-Token, Accept, Authorization X-Stage prod Expires Mon, 05 Dec 2022 21:40:55 GMT
GET H/1.1	200 OK	msxcss medstatix.co/Static/Styles/	153 KB 154 KB	392ms 193ms	Stylesheet text/css	52.200.161.27 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://medstatix.co/Static/Styles/msxcss?v=In7wDPrMQcSsaZucvX67fjwFHmv3kZOIodx_GwSSsLs1 Requested by Host: medstatix.co URL: https://medstatix.co/T8xauXSklUuuvw88UaBuwQ?v=2 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 52.200.161.27 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-200-161-27.compute-1.amazonaws.com Software x / Resource Hash 06c9ec299419cc4e88ce53a20adf09cb7c05a8cde5eac888dfc1e4117206e82f Security Headers Name Value Content-Security-Policy frame-ancestors 'none'; object-src 'none'; base-uri 'self'; form-action 'self'; default-src 'self'; img-src 'self' *.medstatix.com data:; style-src https: 'unsafe-inline'; script-src https: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.wylei.com; Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://medstatix.co/T8xauXSklUuuvw88UaBuwQ?v=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Sun, 05 Dec 2021 21:40:55 GMT Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff Connection keep-alive Vary User-Agent Content-Length 156912 X-XSS-Protection 1; mode=block Last-Modified Sun, 05 Dec 2021 21:40:55 GMT Server x X-Frame-Options SAMEORIGIN Access-Control-Max-Age 2000 Access-Control-Allow-Methods GET, POST Content-Type text/css; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public Content-Security-Policy frame-ancestors 'none'; object-src 'none'; base-uri 'self'; form-action 'self'; default-src 'self'; img-src 'self' *.medstatix.com data:; style-src https: 'unsafe-inline'; script-src https: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.wylei.com; Access-Control-Allow-Headers Origin, Content-Type, X-Auth-Token, Accept, Authorization X-Stage prod Expires Mon, 05 Dec 2022 21:40:55 GMT
GET H/1.1	200 OK	msxsurveyjs Show response medstatix.co/Static/Scripts/	28 KB 29 KB	395ms 195ms	Script text/javascript	52.200.161.27 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://medstatix.co/Static/Scripts/msxsurveyjs?v=YlAAn7ZohzsDnm57DuBKsFC9MpjY_udQiTQ2La7rVmI1 Requested by Host: medstatix.co URL: https://medstatix.co/T8xauXSklUuuvw88UaBuwQ?v=2 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 52.200.161.27 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-200-161-27.compute-1.amazonaws.com Software x / Resource Hash 07cb4512c59d03cb1abec514186b29aee4c9ffed46e545411178b9a53164bd01 Security Headers Name Value Content-Security-Policy frame-ancestors 'none'; object-src 'none'; base-uri 'self'; form-action 'self'; default-src 'self'; img-src 'self' *.medstatix.com data:; style-src https: 'unsafe-inline'; script-src https: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.wylei.com; Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://medstatix.co/T8xauXSklUuuvw88UaBuwQ?v=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Sun, 05 Dec 2021 21:40:55 GMT Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff Connection keep-alive Vary User-Agent Content-Length 28958 X-XSS-Protection 1; mode=block Last-Modified Sun, 05 Dec 2021 21:40:55 GMT Server x X-Frame-Options SAMEORIGIN Access-Control-Max-Age 2000 Access-Control-Allow-Methods GET, POST Content-Type text/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public Content-Security-Policy frame-ancestors 'none'; object-src 'none'; base-uri 'self'; form-action 'self'; default-src 'self'; img-src 'self' *.medstatix.com data:; style-src https: 'unsafe-inline'; script-src https: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.wylei.com; Access-Control-Allow-Headers Origin, Content-Type, X-Auth-Token, Accept, Authorization X-Stage prod Expires Mon, 05 Dec 2022 21:40:55 GMT
GET H/1.1	200 OK	b264bb2e-1585-459f-be6d-37bca49299c2 images.medstatix.com/logo/P/	12 KB 12 KB	431ms 194ms	Image image/png	52.200.161.27 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://images.medstatix.com/logo/P/b264bb2e-1585-459f-be6d-37bca49299c2 Requested by Host: medstatix.co URL: https://medstatix.co/T8xauXSklUuuvw88UaBuwQ?v=2 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 52.200.161.27 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-200-161-27.compute-1.amazonaws.com Software x / Resource Hash 38c318c6fbabdfbc083d9cf9ab15f44866cf5121f0fb6048af0cc268ffa1ed65 Security Headers Name Value Content-Security-Policy default-src 'none'; frame-ancestors 'none'; form-action 'none'; base-uri 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://medstatix.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Sun, 05 Dec 2021 21:40:55 GMT X-Content-Type-Options nosniff Server x X-Cache-Status MISS X-Frame-Options SAMEORIGIN Connection keep-alive Content-Type image/png Cache-Control private Content-Security-Policy default-src 'none'; frame-ancestors 'none'; form-action 'none'; base-uri 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' Strict-Transport-Security max-age=31536000; includeSubdomains; preload Content-Length 11889 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	loading.gif medstatix.co/images/	9 KB 10 KB	100ms 100ms	Image image/gif	52.200.161.27 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://medstatix.co/images/loading.gif Requested by Host: medstatix.co URL: https://medstatix.co/Static/Styles/msxcss?v=In7wDPrMQcSsaZucvX67fjwFHmv3kZOIodx_GwSSsLs1 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 52.200.161.27 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-200-161-27.compute-1.amazonaws.com Software x / Resource Hash a6eae7615a906bfbd607679e0abd0586da2c63bcddfef979ad68afe250e428b6 Security Headers Name Value Content-Security-Policy frame-ancestors 'none'; object-src 'none'; base-uri 'self'; form-action 'self'; default-src 'self'; img-src 'self' *.medstatix.com data:; style-src https: 'unsafe-inline'; script-src https: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.wylei.com; Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://medstatix.co/Static/Styles/msxcss?v=In7wDPrMQcSsaZucvX67fjwFHmv3kZOIodx_GwSSsLs1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Sun, 05 Dec 2021 21:40:55 GMT Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff Connection keep-alive Content-Length 9427 X-XSS-Protection 1; mode=block Last-Modified Thu, 04 Nov 2021 19:41:52 GMT Server x X-Frame-Options SAMEORIGIN ETag "040df3b4d1d71:0" Access-Control-Max-Age 2000 Access-Control-Allow-Methods GET, POST Content-Type image/gif Access-Control-Allow-Origin * Content-Security-Policy frame-ancestors 'none'; object-src 'none'; base-uri 'self'; form-action 'self'; default-src 'self'; img-src 'self' *.medstatix.com data:; style-src https: 'unsafe-inline'; script-src https: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.wylei.com; Accept-Ranges bytes Access-Control-Allow-Headers Origin, Content-Type, X-Auth-Token, Accept, Authorization X-Stage prod
POST H/1.1	200 OK	Surveys.ashx Show response medstatix.co/Handlers/	45 KB 46 KB	203ms 202ms	XHR application/json	52.200.161.27 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://medstatix.co/Handlers/Surveys.ashx?method=get&sID=b264bb2e-1585-459f-be6d-37bca49299c2&rID=b95acc4f-a474-4b95-aebf-0f3c51a06ec1 Requested by Host: medstatix.co URL: https://medstatix.co/Static/Scripts/jquery_tls?v=CBitHOmTxdLH2LWCX5eKeTxpMzjAfE8-dPsZCFwRLMI1 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 52.200.161.27 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-200-161-27.compute-1.amazonaws.com Software x / Resource Hash 4de400a1c45735e1fa424a0bb52da98a98d7b9983c53d144c933c703db063f3a Security Headers Name Value Content-Security-Policy frame-ancestors 'none'; object-src 'none'; base-uri 'self'; form-action 'self'; default-src 'self'; img-src 'self' *.medstatix.com data:; style-src https: 'unsafe-inline'; script-src https: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.wylei.com; Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept */* Referer https://medstatix.co/T8xauXSklUuuvw88UaBuwQ?v=2 X-Requested-With XMLHttpRequest ContentType application/json Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Sun, 05 Dec 2021 21:40:55 GMT Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff Connection keep-alive Content-Length 45859 X-XSS-Protection 1; mode=block Server x X-Frame-Options SAMEORIGIN Access-Control-Max-Age 2000 Access-Control-Allow-Methods GET, POST Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin * Cache-Control private Content-Security-Policy frame-ancestors 'none'; object-src 'none'; base-uri 'self'; form-action 'self'; default-src 'self'; img-src 'self' *.medstatix.com data:; style-src https: 'unsafe-inline'; script-src https: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.wylei.com; Access-Control-Allow-Headers Origin, Content-Type, X-Auth-Token, Accept, Authorization X-Stage prod
POST H/1.1	200 OK	Answers.ashx Show response medstatix.co/Handlers/	49 B 886 B	105ms 105ms	XHR application/json	52.200.161.27 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://medstatix.co/Handlers/Answers.ashx?method=get&sID=b264bb2e-1585-459f-be6d-37bca49299c2&rID=b95acc4f-a474-4b95-aebf-0f3c51a06ec1 Requested by Host: medstatix.co URL: https://medstatix.co/Static/Scripts/jquery_tls?v=CBitHOmTxdLH2LWCX5eKeTxpMzjAfE8-dPsZCFwRLMI1 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 52.200.161.27 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-200-161-27.compute-1.amazonaws.com Software x / Resource Hash e10fe03c8c17ba4a66ad277c849a922b0bb5efc292d82bc4cda36bce4d58e7e6 Security Headers Name Value Content-Security-Policy frame-ancestors 'none'; object-src 'none'; base-uri 'self'; form-action 'self'; default-src 'self'; img-src 'self' *.medstatix.com data:; style-src https: 'unsafe-inline'; script-src https: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.wylei.com; Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept */* Referer https://medstatix.co/T8xauXSklUuuvw88UaBuwQ?v=2 X-Requested-With XMLHttpRequest ContentType application/json Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Sun, 05 Dec 2021 21:40:56 GMT Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff Connection keep-alive Content-Length 49 X-XSS-Protection 1; mode=block Server x X-Frame-Options SAMEORIGIN Access-Control-Max-Age 2000 Access-Control-Allow-Methods GET, POST Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin * Cache-Control private Content-Security-Policy frame-ancestors 'none'; object-src 'none'; base-uri 'self'; form-action 'self'; default-src 'self'; img-src 'self' *.medstatix.com data:; style-src https: 'unsafe-inline'; script-src https: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.wylei.com; Access-Control-Allow-Headers Origin, Content-Type, X-Auth-Token, Accept, Authorization X-Stage prod

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler undefined| Mobile boolean| Desktop string| closeButton string| unsupportedBrowser string| supportedBrowser function| $ function| jQuery object| browser string| sid string| rid string| errorText function| copyToClipboard object| msx function| getSurvey function| surveyReady function| startSurvey object| survey

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			medstatix.co/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: vawczgylfjh4ttusb5ardpde

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'none'; object-src 'none'; base-uri 'self'; form-action 'self'; default-src 'self'; img-src 'self' *.medstatix.com data:; style-src https: 'unsafe-inline'; script-src https: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.wylei.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

images.medstatix.com
medstatix.co
52.200.161.27
06c9ec299419cc4e88ce53a20adf09cb7c05a8cde5eac888dfc1e4117206e82f
07cb4512c59d03cb1abec514186b29aee4c9ffed46e545411178b9a53164bd01
38c318c6fbabdfbc083d9cf9ab15f44866cf5121f0fb6048af0cc268ffa1ed65
4de400a1c45735e1fa424a0bb52da98a98d7b9983c53d144c933c703db063f3a
a6eae7615a906bfbd607679e0abd0586da2c63bcddfef979ad68afe250e428b6
c6eef94372949567fb17bb8105a433a7b9e3a931c749ce00609970c0506ed761
d4780e1f44b1b6c8404f08f1e467e81045a8befcc4ddabb923c9689a035e4ac2
e10fe03c8c17ba4a66ad277c849a922b0bb5efc292d82bc4cda36bce4d58e7e6