673f6939848b0d625794ea14.icod.ai Open in urlscan Pro
3.86.91.173 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://673f6939848b0d625794ea14.icod.ai/
Submission: On November 22 via api (November 22nd 2024, 11:10:09 pm UTC) from US — Scanned from DE

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 8 HTTP transactions. The main IP is 3.86.91.173, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is 673f6939848b0d625794ea14.icod.ai.
TLS certificate: Issued by E6 on November 21st 2024. Valid for: 3 months.

This is the only time 673f6939848b0d625794ea14.icod.ai was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	3.86.91.173 3.86.91.173	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2606:4700:10:... 2606:4700:10::ac43:2910	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1	104.18.67.220 104.18.67.220	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.185.99 142.250.185.99	15169 (GOOGLE) (GOOGLE)
8	5

3 3.86.91.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-86-91-173.compute-1.amazonaws.com

673f6939848b0d625794ea14.icod.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:2910 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cdn.tailwindcss.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.67.220 (None, )

ASN13335 (CLOUDFLARENET, US)

images.pexels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	icod.ai 673f6939848b0d625794ea14.icod.ai	17 KB
2	gstatic.com fonts.gstatic.com	34 KB
2	tailwindcss.com 1 redirects cdn.tailwindcss.com — Cisco Umbrella Rank: 29761	125 KB
1	pexels.com images.pexels.com — Cisco Umbrella Rank: 41041	35 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
8	5

	Domain	Requested by
3	673f6939848b0d625794ea14.icod.ai	673f6939848b0d625794ea14.icod.ai
2	fonts.gstatic.com	fonts.googleapis.com
2	cdn.tailwindcss.com	1 redirects 673f6939848b0d625794ea14.icod.ai
1	images.pexels.com	673f6939848b0d625794ea14.icod.ai
1	fonts.googleapis.com	673f6939848b0d625794ea14.icod.ai
8	5

This site contains no links.

Subject Issuer	Validity	Valid
673f6939848b0d625794ea14.icod.ai E6	`2024-11-21` - `2025-02-19`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
images.pexels.com E5	`2024-10-23` - `2025-01-21`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://673f6939848b0d625794ea14.icod.ai/
Frame ID: 2DD582CE4697D8BCDC092AA3E0686946
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MedSched - Your Medical Scheduler App

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

8
Requests

88 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

211 kB
Transfer

485 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://cdn.tailwindcss.com/ HTTP 302
https://cdn.tailwindcss.com/3.4.15

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
673f6939848b0d625794ea14.icod.ai/ 8 KB
8 KB 309ms
93ms Document
text/html 3.86.91.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://673f6939848b0d625794ea14.icod.ai/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.86.91.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-86-91-173.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: 3081eaa66acd5b151fddf8f6ea2728183b6033e2ca00ed39aef60a307a324014

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Length: 7956
Content-Type: text/html
Date: Fri, 22 Nov 2024 23:10:04 GMT
ETag: "67406284-1f14"
Last-Modified: Fri, 22 Nov 2024 10:52:52 GMT
Server: nginx/1.24.0

GET
H2

200

3.4.15 Show response
cdn.tailwindcss.com/
Redirect Chain

https://cdn.tailwindcss.com/
https://cdn.tailwindcss.com/3.4.15

398 KB
125 KB

16ms
15ms

Script
text/javascript

2606:4700:10::ac43:2910
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tailwindcss.com/3.4.15

Requested by

Host: 673f6939848b0d625794ea14.icod.ai
URL: https://673f6939848b0d625794ea14.icod.ai/

Protocol

Server

2606:4700:10::ac43:2910 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e21f0e917f4b92da9139ffc87e135f0d236e28d6ead92f901cdf5fe7f61b4a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://673f6939848b0d625794ea14.icod.ai/

Response headers

server: cloudflare
strict-transport-security: max-age=63072000
cache-control: max-age=31536000
content-encoding: br
x-vercel-cache: MISS
cf-cache-status: HIT
age: 186585
cf-ray: 8e6c973fedbb37f1-FRA
date: Fri, 22 Nov 2024 23:10:04 GMT
content-type: text/javascript
last-modified: Thu, 14 Nov 2024 18:49:46 GMT
vary: Accept-Encoding
x-vercel-id: cle1::iad1::rqpcj-1731610185535-f9be4e997f80

Redirect headers

strict-transport-security: max-age=63072000
cache-control: max-age=14400
location: /3.4.15
x-vercel-cache: MISS
cf-cache-status: HIT
age: 192
cf-ray: 8e6c973fdda037f1-FRA
date: Fri, 22 Nov 2024 23:10:04 GMT
vary: Accept-Encoding
server: cloudflare
x-vercel-id: cle1::iad1::kjfz4-1732316623102-fa97f5b96efb

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
1 KB 42ms
15ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Cinzel+Decorative:wght@700&family=Montserrat:wght@400&display=swap

Requested by

Host: 673f6939848b0d625794ea14.icod.ai
URL: https://673f6939848b0d625794ea14.icod.ai/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5db4d0c03de0f01766156ca849b64e2b7d889d302c9fa5430fea359b195018b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://673f6939848b0d625794ea14.icod.ai/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 22 Nov 2024 23:10:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 23:10:04 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 22 Nov 2024 23:10:04 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H/1.1 200
OK index.css
673f6939848b0d625794ea14.icod.ai/ 1 KB
1 KB 92ms
92ms Stylesheet
text/css 3.86.91.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://673f6939848b0d625794ea14.icod.ai/index.css
Requested by: Host: 673f6939848b0d625794ea14.icod.ai
URL: https://673f6939848b0d625794ea14.icod.ai/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.86.91.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-86-91-173.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: e61c8c43d777dbf8ea646cb1072beba105e8060b22caa70c55714729a608e022

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://673f6939848b0d625794ea14.icod.ai/

Response headers

ETag: "67406284-403"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1027
Date: Fri, 22 Nov 2024 23:10:04 GMT
Content-Type: text/css
Last-Modified: Fri, 22 Nov 2024 10:52:52 GMT
Server: nginx/1.24.0

GET
H3 200 pexels-photo-415829.jpeg
images.pexels.com/photos/415829/ 34 KB
35 KB 53ms
30ms Image
image/webp 104.18.67.220
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.pexels.com/photos/415829/pexels-photo-415829.jpeg?auto=compress&cs=tinysrgb&w=1260&h=750&dpr=1

Requested by

Host: 673f6939848b0d625794ea14.icod.ai
URL: https://673f6939848b0d625794ea14.icod.ai/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.67.220 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3168504511987cbf4ac1c3954bb42139aa36ede02893c4aeb297a520e35e67fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://673f6939848b0d625794ea14.icod.ai/

Response headers

cf-bgj: imgq:85,h2pri
cf-cache-status: HIT
age: 20845176
x-content-type-options: nosniff
expires: Sat, 22 Nov 2025 23:10:04 GMT
cf-polished: qual=85, origFmt=jpeg, origSize=38953
x-cache: HIT, HIT
alt-svc: h3=":443"; ma=86400
date: Fri, 22 Nov 2024 23:10:04 GMT
content-type: image/webp
x-served-by: cache-sjc10070-SJC, cache-dfw-kdfw8210128-DFW
vary: Accept
content-disposition: inline; filename="pexels-photo-415829.webp"
priority: u=1,i
last-modified: Thu, 21 Mar 2024 15:32:13 GMT
server-timing: cfExtPri
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cf-ray: 8e6c9740e8972c2e-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 34972
server: cloudflare
x-imgix-id: 651e5457ede66759369d12442cf57b3350c31a5f

GET
H3 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v29/ 18 KB
18 KB 28ms
8ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v29/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Cinzel+Decorative:wght@700&family=Montserrat:wght@400&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

1c9c85d0b73b7321eb8ed22e0b6bcd577478dd5f99d1379a5d4cea10884033ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://673f6939848b0d625794ea14.icod.ai
Referer: https://fonts.googleapis.com/

Response headers

age: 356308
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 18 Nov 2025 20:11:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 20:11:36 GMT
last-modified: Wed, 06 Nov 2024 17:30:39 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18792
x-xss-protection: 0
server: sffe

GET
H3 200 daaHSScvJGqLYhG8nNt8KPPswUAPniZoadlESTE.woff2
fonts.gstatic.com/s/cinzeldecorative/v17/ 15 KB
15 KB 30ms
10ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cinzeldecorative/v17/daaHSScvJGqLYhG8nNt8KPPswUAPniZoadlESTE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Cinzel+Decorative:wght@700&family=Montserrat:wght@400&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

0826d61da654ac987a9f0046cdc6bcb95eba7f8d2d20f93531d51d008fedea14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://673f6939848b0d625794ea14.icod.ai
Referer: https://fonts.googleapis.com/

Response headers

age: 184708
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 20 Nov 2025 19:51:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 19:51:36 GMT
last-modified: Wed, 20 Nov 2024 00:19:07 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15488
x-xss-protection: 0
server: sffe

GET
H/1.1 200
OK favicon.ico
673f6939848b0d625794ea14.icod.ai/ 8 KB
8 KB 95ms
94ms Other
text/html 3.86.91.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://673f6939848b0d625794ea14.icod.ai/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.86.91.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-86-91-173.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: 3081eaa66acd5b151fddf8f6ea2728183b6033e2ca00ed39aef60a307a324014

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://673f6939848b0d625794ea14.icod.ai/

Response headers

ETag: "67406284-1f14"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7956
Date: Fri, 22 Nov 2024 23:10:05 GMT
Content-Type: text/html
Last-Modified: Fri, 22 Nov 2024 10:52:52 GMT
Server: nginx/1.24.0

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| tailwind string| /template.html

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.pexels.com/	1970-01-21 01:11:58	Name: __cf_bm Value: AUgswHieqyRJrPH5dDyoL.tmylF.bOIuEZ9AiSRozFc-1732317004-1.0.1.1-c3q.Lq_dszaMGNHi4ZmTbEdPdbnCwfz0SAKku9M8364rKpCZOR5IWDJXWA_34QBuAynbwpjSeSfMf3Nujhq9vQ
			.pexels.com/	1969-12-31 23:59:59	Name: _cfuvid Value: czVcvvbsQrdviJIbXrYpgVLC_F3gGVHUNm1H_eHRO3E-1732317004967-0.0.1.1-604800000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

673f6939848b0d625794ea14.icod.ai
cdn.tailwindcss.com
fonts.googleapis.com
fonts.gstatic.com
images.pexels.com
104.18.67.220
142.250.185.99
2606:4700:10::ac43:2910
2a00:1450:4001:800::200a
3.86.91.173
0826d61da654ac987a9f0046cdc6bcb95eba7f8d2d20f93531d51d008fedea14
1c9c85d0b73b7321eb8ed22e0b6bcd577478dd5f99d1379a5d4cea10884033ac
3081eaa66acd5b151fddf8f6ea2728183b6033e2ca00ed39aef60a307a324014
3168504511987cbf4ac1c3954bb42139aa36ede02893c4aeb297a520e35e67fb
5db4d0c03de0f01766156ca849b64e2b7d889d302c9fa5430fea359b195018b8
9e21f0e917f4b92da9139ffc87e135f0d236e28d6ead92f901cdf5fe7f61b4a1
e61c8c43d777dbf8ea646cb1072beba105e8060b22caa70c55714729a608e022

673f6939848b0d625794ea14.icod.ai Open in urlscan Pro 3.86.91.173 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

8 Requests

88 %HTTPS

40 %IPv6

5 Domains

5 Subdomains

5 IPs

3 Countries

211 kBTransfer

485 kBSize

2 Cookies

0 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

2 Cookies

Indicators

673f6939848b0d625794ea14.icod.ai Open in urlscan Pro
3.86.91.173 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

88 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

211 kB
Transfer

485 kB
Size

2
Cookies

8 HTTP transactions
0 data transactions