alert.meds.cl Open in urlscan Pro
98.64.189.28 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://alert.meds.cl/
Effective URL:
https://alert.meds.cl/nologin
Submission: On October 21 via automatic, source certstream-suspicious (October 21st 2024, 1:01:35 am UTC) — Scanned from NL

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 9 HTTP transactions. The main IP is 98.64.189.28, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is alert.meds.cl.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on June 3rd 2024. Valid for: 6 months.

This is the only time alert.meds.cl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 8	98.64.189.28 98.64.189.28	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.219.97.75 52.219.97.75	16509 (AMAZON-02) (AMAZON-02)
9	3

8 98.64.189.28 (Amsterdam, Netherlands) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

alert.meds.cl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.219.97.75 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-w.us-east-2.amazonaws.com

meds-reserva-online.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	meds.cl 1 redirects alert.meds.cl	508 KB
1	amazonaws.com meds-reserva-online.s3.amazonaws.com	518 KB
0	b-cdn.net Failed meds.b-cdn.net Failed
9	3

	Domain	Requested by
8	alert.meds.cl	1 redirects alert.meds.cl
1	meds-reserva-online.s3.amazonaws.com	alert.meds.cl
0	meds.b-cdn.net Failed	alert.meds.cl
9	3

This site contains no links.

Subject Issuer	Validity	Valid
alert.meds.cl GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2024-06-03` - `2024-12-03`	6 months	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2024-04-22` - `2025-04-07`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://alert.meds.cl/nologin
Frame ID: 06E1A0BF1BA35A81C263EBB9669BCEC0
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Reportes y Alertas

Page URL History Show full URLs

https://alert.meds.cl/ HTTP 302
https://alert.meds.cl/nologin Page URL

Page Statistics

9
Requests

89 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

1026 kB
Transfer

2598 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://alert.meds.cl/ HTTP 302
https://alert.meds.cl/nologin Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request nologin Show response
alert.meds.cl/
Redirect Chain

https://alert.meds.cl/
https://alert.meds.cl/nologin

2 KB
1 KB

30ms
30ms

Document
text/html

98.64.189.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://alert.meds.cl/nologin

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

98.64.189.28 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

51a998123e46779b1cf90017bb98306314871c6dc05cdfd1d865be38d51762ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: public, must-revalidate, max-age=30
content-encoding: br
content-type: text/html
date: Mon, 21 Oct 2024 01:01:29 GMT
etag: "44160108"
last-modified: Wed, 02 Feb 2022 23:43:37 GMT
referrer-policy: same-origin
strict-transport-security: max-age=10886400; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-store
content-length: 0
date: Mon, 21 Oct 2024 01:01:29 GMT
location: /nologin

GET
H2 200 2.d000eb9a.chunk.css
alert.meds.cl/static/css/ 213 KB
37 KB 35ms
34ms Stylesheet
text/css 98.64.189.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://alert.meds.cl/static/css/2.d000eb9a.chunk.css

Requested by

Host: alert.meds.cl
URL: https://alert.meds.cl/nologin

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

98.64.189.28 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8fccec9f2edffc8d2c9aeb9f01786f0c5d021649c9f5b6126c4ce607a7001058

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://alert.meds.cl/nologin

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
content-encoding: br
etag: "44160108"
referrer-policy: same-origin
x-content-type-options: nosniff
date: Mon, 21 Oct 2024 01:01:29 GMT
x-xss-protection: 1; mode=block
content-type: text/css
last-modified: Wed, 02 Feb 2022 23:43:37 GMT
vary: Accept-Encoding

GET
H2 200 main.2e9d2c7a.chunk.css
alert.meds.cl/static/css/ 4 KB
1 KB 76ms
75ms Stylesheet
text/css 98.64.189.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://alert.meds.cl/static/css/main.2e9d2c7a.chunk.css

Requested by

Host: alert.meds.cl
URL: https://alert.meds.cl/nologin

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

98.64.189.28 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6c74f8d00b99a714f0d0c31fcdd4abf0aefa297ef546748e8c09e6ac3617fd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://alert.meds.cl/nologin

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
content-encoding: br
etag: "44160108"
referrer-policy: same-origin
x-content-type-options: nosniff
date: Mon, 21 Oct 2024 01:01:29 GMT
x-xss-protection: 1; mode=block
content-type: text/css
last-modified: Wed, 02 Feb 2022 23:43:37 GMT
vary: Accept-Encoding

GET
H2 200 2.92f281bc.chunk.js Show response
alert.meds.cl/static/js/ 2 MB
453 KB 107ms
106ms Script
text/javascript 98.64.189.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://alert.meds.cl/static/js/2.92f281bc.chunk.js

Requested by

Host: alert.meds.cl
URL: https://alert.meds.cl/nologin

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

98.64.189.28 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

72b9867dbd632423e1711fe3b9efad2b69341cde93f528e7d7fe7e4569e4e404

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://alert.meds.cl/nologin

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
content-encoding: br
etag: "44160108"
referrer-policy: same-origin
x-content-type-options: nosniff
date: Mon, 21 Oct 2024 01:01:29 GMT
x-xss-protection: 1; mode=block
content-type: text/javascript
last-modified: Wed, 02 Feb 2022 23:43:37 GMT
vary: Accept-Encoding

GET
H2 200 main.faf72ee3.chunk.js Show response
alert.meds.cl/static/js/ 89 KB
15 KB 31ms
31ms Script
text/javascript 98.64.189.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://alert.meds.cl/static/js/main.faf72ee3.chunk.js

Requested by

Host: alert.meds.cl
URL: https://alert.meds.cl/nologin

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

98.64.189.28 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

824eb5a006d7295811b9bd17b4a19b5bf6ea34d90977d2718558d14c0caa4a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://alert.meds.cl/nologin

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
content-encoding: br
etag: "44160108"
referrer-policy: same-origin
x-content-type-options: nosniff
date: Mon, 21 Oct 2024 01:01:29 GMT
x-xss-protection: 1; mode=block
content-type: text/javascript
last-modified: Wed, 02 Feb 2022 23:43:37 GMT
vary: Accept-Encoding

GET
H2 200 me Show response
alert.meds.cl/.auth/ 31 B
123 B 18ms
17ms XHR
application/json 98.64.189.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://alert.meds.cl/.auth/me
Requested by: Host: alert.meds.cl
URL: https://alert.meds.cl/static/js/2.92f281bc.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 98.64.189.28 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b178c5ebec2934454f4b46fc302c34a8c286f785cf481db9ee12cdbf3617bd18

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://alert.meds.cl/nologin

Response headers

content-encoding: br
date: Mon, 21 Oct 2024 01:01:30 GMT
content-type: application/json
vary: Accept-Encoding

GET
H/1.1 200
OK background_alt.png
meds-reserva-online.s3.amazonaws.com/ 517 KB
518 KB 426ms
160ms Image
image/png 52.219.97.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://meds-reserva-online.s3.amazonaws.com/background_alt.png
Requested by: Host: alert.meds.cl
URL: https://alert.meds.cl/nologin
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.219.97.75 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-w.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: e86c0218277577c9703ddd2c53dc96c131aecc66469dc07c4bd82895cc3e6d3a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-amz-id-2: TXruhpfEFy8//p0gYrk+iNY0+7uj4VyiIoYhfUFTagIzGF0Qng1/RR9J/xMzp+h23+D/OvNdLEg=
ETag: "089d25a2d5c6b4136bf0d2a4558eb178"
x-amz-request-id: KJMHXBCJ9B59D89H
Accept-Ranges: bytes
Content-Length: 529850
Date: Mon, 21 Oct 2024 01:01:32 GMT
Last-Modified: Thu, 11 Jul 2024 17:03:25 GMT
Content-Type: image/png
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET logo-meds.png
meds.b-cdn.net/wp-content/uploads/ 0
0

GET
H2 200 favicon.ico
alert.meds.cl/ 1 KB
1 KB 24ms
24ms Other
image/vnd.microsoft.icon 98.64.189.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://alert.meds.cl/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

98.64.189.28 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ed11eb3599cfcea03d44dab68df0d33f2681c317f5172079966d7f5fa0d59e18

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://alert.meds.cl/nologin

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
cache-control: public, must-revalidate, max-age=30
x-dns-prefetch-control: off
etag: "44160108"
referrer-policy: same-origin
x-content-type-options: nosniff
content-length: 1150
date: Mon, 21 Oct 2024 01:01:30 GMT
x-xss-protection: 1; mode=block
content-type: image/vnd.microsoft.icon
last-modified: Wed, 02 Feb 2022 23:43:37 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: meds.b-cdn.net
URL: https://meds.b-cdn.net/wp-content/uploads/logo-meds.png

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alert.meds.cl
meds-reserva-online.s3.amazonaws.com
meds.b-cdn.net
meds.b-cdn.net
52.219.97.75
98.64.189.28
51a998123e46779b1cf90017bb98306314871c6dc05cdfd1d865be38d51762ec
6c74f8d00b99a714f0d0c31fcdd4abf0aefa297ef546748e8c09e6ac3617fd21
72b9867dbd632423e1711fe3b9efad2b69341cde93f528e7d7fe7e4569e4e404
824eb5a006d7295811b9bd17b4a19b5bf6ea34d90977d2718558d14c0caa4a38
8fccec9f2edffc8d2c9aeb9f01786f0c5d021649c9f5b6126c4ce607a7001058
b178c5ebec2934454f4b46fc302c34a8c286f785cf481db9ee12cdbf3617bd18
e86c0218277577c9703ddd2c53dc96c131aecc66469dc07c4bd82895cc3e6d3a
ed11eb3599cfcea03d44dab68df0d33f2681c317f5172079966d7f5fa0d59e18

alert.meds.cl Open in urlscan Pro 98.64.189.28 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

9 Requests

89 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

1026 kBTransfer

2598 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

alert.meds.cl Open in urlscan Pro
98.64.189.28 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

89 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

1026 kB
Transfer

2598 kB
Size

0
Cookies

9 HTTP transactions
0 data transactions