urlscan.io logo urlscan.io
SecurityTrails logo

www.meddiapp.com Open in urlscan Pro
52.29.86.117  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://medihomecredit.cz/
Effective URL: https://www.meddiapp.com/
Submission: On September 25 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 7 domains to perform 22 HTTP transactions. The main IP is 52.29.86.117, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is www.meddiapp.com.
TLS certificate: Issued by Amazon on February 3rd 2021. Valid for: a year.
This is the only time www.meddiapp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 172.67.217.13 13335 (CLOUDFLAR...)
14 52.29.86.117 16509 (AMAZON-02)
1 172.217.16.138 15169 (GOOGLE)
2 172.67.214.69 13335 (CLOUDFLAR...)
2 104.111.228.10 16625 (AKAMAI-AS)
2 142.250.186.67 15169 (GOOGLE)
22 6
1    172.67.217.13 (United States)

ASN13335 (CLOUDFLARENET, US)
medihomecredit.cz
14    52.29.86.117 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-86-117.eu-central-1.compute.amazonaws.com
www.meddiapp.com
www.meddi.com
1    172.217.16.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f10.1e100.net
fonts.googleapis.com
2    172.67.214.69 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
2    104.111.228.10 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-228-10.deploy.static.akamaitechnologies.com
documentcloud.adobe.com
2    142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net
fonts.gstatic.com
Domain Requested by
13 www.meddiapp.com www.meddiapp.com
2 fonts.gstatic.com fonts.googleapis.com
2 documentcloud.adobe.com www.meddiapp.com
documentcloud.adobe.com
2 use.fontawesome.com www.meddiapp.com
use.fontawesome.com
1 www.meddi.com www.meddiapp.com
1 fonts.googleapis.com www.meddiapp.com
1 medihomecredit.cz 1 redirects
22 7

This site contains links to these domains. Also see Links.

Domain
apps.apple.com
play.google.com
Subject Issuer Validity Valid
www.meddiapp.com
Amazon		 2021-02-03 -
2022-03-04		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-07 -
2022-07-06		 a year crt.sh
assets-cdn.adobe.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-08-23 -
2022-08-23		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
www.meddi.com
Amazon		 2020-10-30 -
2021-11-28		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.meddiapp.com/
Frame ID: 573BCE06946BADF53826693A48C9C74E
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ordinace bez hranic | MEDDI app

Page URL History Show full URLs

  1. https://medihomecredit.cz/ HTTP 301
    https://www.meddiapp.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <div[^>]+id="snippet-
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

22
Requests

95 %
HTTPS

0 %
IPv6

7
Domains

7
Subdomains

6
IPs

2
Countries

4741 kB
Transfer

6061 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://medihomecredit.cz/ HTTP 301
    https://www.meddiapp.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.meddiapp.com/
Redirect Chain
  • https://medihomecredit.cz/
  • https://www.meddiapp.com/
12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.meddiapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.86.117 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-86-117.eu-central-1.compute.amazonaws.com
Software
nginx / MEDDI hub, a.s.
Resource Hash
da79c815b1d0b4edc4a84c74c5b7bc8560ee3ffda7df48b7b1f806e7d12fc059
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.meddiapp.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sat, 25 Sep 2021 00:42:07 GMT
content-type
text/html; charset=utf-8
server
nginx
x-powered-by
MEDDI hub, a.s.
x-frame-options
SAMEORIGIN SAMEORIGIN
set-cookie
nette-samesite=1; path=/; SameSite=Strict; secure; HttpOnly PHPSESSID=k8mogsr1qd55ahl7d5ik2oie5p; expires=Sat, 09-Oct-2021 00:42:07 GMT; Max-Age=1209600; path=/; secure; HttpOnly
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
vary
X-Requested-With
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
permissions-policy
autoplay *; camera *; fullscreen *; geolocation *; gyroscope *; microphone *; speaker *; vibrate *;
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
content-encoding
gzip

Redirect headers

date
Sat, 25 Sep 2021 00:42:07 GMT
cache-control
max-age=3600
expires
Sat, 25 Sep 2021 01:42:07 GMT
location
https://www.meddiapp.com/
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5yJfoveoP9kZggNcfEfNejSff3fTvm5aN28NROUPUIJGXYJD%2F9UDkW8WqNsPo4T4%2FlqJGXTQnt9YNFUaLu4nmA6HcRvehq0TW%2FuyhWU3GL0TIGvT9O8vLVL7XCil2UZmUPHJtg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
694035f73ac72778-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
style.min.css
www.meddiapp.com/dist/ 		428 KB
429 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.meddiapp.com/dist/style.min.css?v2f699ac6
Requested by
Host: www.meddiapp.com
URL: https://www.meddiapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.86.117 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-86-117.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c35afe395dd878f26787c20a18e6a05e87d326124bd230ba6b160e1aa3f5acc5
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/dist/style.min.css?v2f699ac6
pragma
no-cache
cookie
nette-samesite=1; PHPSESSID=k8mogsr1qd55ahl7d5ik2oie5p
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.meddiapp.com
referer
https://www.meddiapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.meddiapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 00:42:08 GMT
x-content-type-options
nosniff
content-length
438298
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 24 Sep 2021 15:01:02 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"614de82e-6b01a"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css
cache-control
max-age=315360000
permissions-policy
autoplay *; camera *; fullscreen *; geolocation *; gyroscope *; microphone *; speaker *; vibrate *;
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
css
fonts.googleapis.com/ 		5 KB
983 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Dosis:300,400,500,600,700&display=swap&subset=latin-ext
Requested by
Host: www.meddiapp.com
URL: https://www.meddiapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f10.1e100.net
Software
ESF /
Resource Hash
70ea69b15d30cb5b6887c9b5942100b1b016de3b36b05c68039ee9efbadf5372
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.meddiapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 25 Sep 2021 00:42:08 GMT
server
ESF
date
Sat, 25 Sep 2021 00:42:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 25 Sep 2021 00:42:08 GMT
all.css
use.fontawesome.com/releases/v5.8.1/css/ 		54 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.8.1/css/all.css
Requested by
Host: www.meddiapp.com
URL: https://www.meddiapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.214.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3

Request headers

Referer
https://www.meddiapp.com/
Origin
https://www.meddiapp.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 00:42:08 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
65889
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
83MGP0PXADRZNNJJ
x-amz-id-2
VEJFHzt8XzlABM8bDmgkajwkOD5rDl6N2iDtKYHcElFyhKD1gn2jK1OP9iQ+NgVej6VuXtZM1kI=
last-modified
Wed, 30 Jun 2021 15:46:39 GMT
server
cloudflare
etag
W/"e4c542a7f6bf6f74fdd8cdf6e8096396"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7gb3KmbuwwMp67QZJyRCfNxXcrVyM59vPYouFN03%2Bpi3Xab0VfgcP7AzHnCM69%2B9T%2BEeI6XlPUuslc3kLaPI2VR3NGe4GJcgO6dw8bqngAJ%2B12XdK6ezG0UMSf8GW2Bn4RUzc6Cj"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
694035f85e62410e-PRG
logo.png
www.meddiapp.com/dist/sign/ 		88 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.meddiapp.com/dist/sign/logo.png
Requested by
Host: www.meddiapp.com
URL: https://www.meddiapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.86.117 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-86-117.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6e6ae0d89edb10519e60841a46e325f75139145b00f7a076e88d905367bc2439
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/dist/sign/logo.png
pragma
no-cache
cookie
nette-samesite=1; PHPSESSID=k8mogsr1qd55ahl7d5ik2oie5p
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.meddiapp.com
referer
https://www.meddiapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.meddiapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 00:42:08 GMT
x-content-type-options
nosniff
content-length
89765
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 29 Jun 2021 10:17:20 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"60daf330-15ea5"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
permissions-policy
autoplay *; camera *; fullscreen *; geolocation *; gyroscope *; microphone *; speaker *; vibrate *;
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
as-install.png
www.meddiapp.com/dist/sign/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.meddiapp.com/dist/sign/as-install.png
Requested by
Host: www.meddiapp.com
URL: https://www.meddiapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.86.117 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-86-117.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b9873328df8ad8e367a2ef38124d5c9340052720a409153849db7af2f9218a61
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/dist/sign/as-install.png
pragma
no-cache
cookie
nette-samesite=1; PHPSESSID=k8mogsr1qd55ahl7d5ik2oie5p
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.meddiapp.com
referer
https://www.meddiapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.meddiapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 00:42:08 GMT
x-content-type-options
nosniff
content-length
12189
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 29 Jun 2021 10:17:20 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"60daf330-2f9d"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
permissions-policy
autoplay *; camera *; fullscreen *; geolocation *; gyroscope *; microphone *; speaker *; vibrate *;
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
gp-install.png
www.meddiapp.com/dist/sign/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.meddiapp.com/dist/sign/gp-install.png
Requested by
Host: www.meddiapp.com
URL: https://www.meddiapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.86.117 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-86-117.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
83f2f3965a247f02ede37e062cdc773ab2a263ee871c57a99e89a2bc88773537
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/dist/sign/gp-install.png
pragma
no-cache
cookie
nette-samesite=1; PHPSESSID=k8mogsr1qd55ahl7d5ik2oie5p
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.meddiapp.com
referer
https://www.meddiapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.meddiapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 00:42:08 GMT
x-content-type-options
nosniff
content-length
14880
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 29 Jun 2021 10:17:20 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"60daf330-3a20"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
permissions-policy
autoplay *; camera *; fullscreen *; geolocation *; gyroscope *; microphone *; speaker *; vibrate *;
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
qr-install.png
www.meddiapp.com/dist/sign/ 		590 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.meddiapp.com/dist/sign/qr-install.png?v2f699ac6
Requested by
Host: www.meddiapp.com
URL: https://www.meddiapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.86.117 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-86-117.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
aa962d779e5cee59e4b9a66c3bf8421a865d7c76f4710aa2a74978f3c0958057
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/dist/sign/qr-install.png?v2f699ac6
pragma
no-cache
cookie
nette-samesite=1; PHPSESSID=k8mogsr1qd55ahl7d5ik2oie5p
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.meddiapp.com
referer
https://www.meddiapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.meddiapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 00:42:08 GMT
x-content-type-options
nosniff
content-length
590
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 29 Jun 2021 10:17:20 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"60daf330-24e"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
permissions-policy
autoplay *; camera *; fullscreen *; geolocation *; gyroscope *; microphone *; speaker *; vibrate *;
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.min.js
www.meddiapp.com/dist/ 		3 MB
3 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.meddiapp.com/dist/main.min.js?v2f699ac6
Requested by
Host: www.meddiapp.com
URL: https://www.meddiapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.86.117 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-86-117.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
518d6779b07e14a94ca939f11d29284902d21530e3b4f3c91747bd286fee619e
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/dist/main.min.js?v2f699ac6
pragma
no-cache
cookie
nette-samesite=1; PHPSESSID=k8mogsr1qd55ahl7d5ik2oie5p
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.meddiapp.com
referer
https://www.meddiapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.meddiapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 00:42:08 GMT
x-content-type-options
nosniff
content-length
2816280
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 24 Sep 2021 15:01:02 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"614de82e-2af918"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=315360000
permissions-policy
autoplay *; camera *; fullscreen *; geolocation *; gyroscope *; microphone *; speaker *; vibrate *;
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
image-filter.js
www.meddiapp.com/dist/ 		44 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.meddiapp.com/dist/image-filter.js?v2f699ac6
Requested by
Host: www.meddiapp.com
URL: https://www.meddiapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.86.117 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-86-117.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
30452e3bfda01d7085c86dfcf791c0daf0e6546c9b1185e5975d4358a5b3a0a5
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/dist/image-filter.js?v2f699ac6
pragma
no-cache
cookie
nette-samesite=1; PHPSESSID=k8mogsr1qd55ahl7d5ik2oie5p
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.meddiapp.com
referer
https://www.meddiapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.meddiapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 00:42:08 GMT
x-content-type-options
nosniff
content-length
45167
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 29 Jun 2021 10:17:20 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"60daf330-b06f"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=315360000
permissions-policy
autoplay *; camera *; fullscreen *; geolocation *; gyroscope *; microphone *; speaker *; vibrate *;
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.js
documentcloud.adobe.com/view-sdk/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://documentcloud.adobe.com/view-sdk/main.js
Requested by
Host: www.meddiapp.com
URL: https://www.meddiapp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.10 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-10.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9b2d2954538aa52caeffd3503e8e57a7d26bf8b0b40195df8ab2801dadacd6ec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.meddiapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 00:42:08 GMT
content-encoding
gzip
last-modified
Wed, 08 Sep 2021 13:35:31 GMT
etag
"2c6fc3824380716382ea505ab0d337ac"
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=60, must-revalidate
access-control-allow-credentials
false
accept-ranges
bytes
x-robots-tag
noindex, nofollow
access-control-allow-headers
*
content-length
893
HhyaU5sn9vOmLzloC_U.woff2
fonts.gstatic.com/s/dosis/v19/ 		34 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/dosis/v19/HhyaU5sn9vOmLzloC_U.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Dosis:300,400,500,600,700&display=swap&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
0f8f42940da5d7ddbb153b18c0bda9bfa9e56d66be5e3169289973af1c01442b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.meddiapp.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 24 Sep 2021 09:23:14 GMT
x-content-type-options
nosniff
age
55134
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35324
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 22:23:35 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 24 Sep 2022 09:23:14 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.8.1/webfonts/ 		73 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.8.1/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.8.1/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.214.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f18c486a80175cf02fee0e05c2b4acd86c04cdbaecec61c1ef91f920509b5efe

Request headers

Referer
https://use.fontawesome.com/releases/v5.8.1/css/all.css
Origin
https://www.meddiapp.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 00:42:08 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
63781
cf-ray
694035f89e6f410e-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
74256
x-amz-id-2
NBQJT547as+/PhKgBqbGquslJAjECTfZ8vVtkG8qlBHSpHygUuxMw80RQ4VGSgKK0ZSyawaqOck=
last-modified
Wed, 30 Jun 2021 15:47:00 GMT
server
cloudflare
etag
"418dad87601f9c8abd0e5798c0dc1feb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zFROQEWG8eU7CqBfbAyQktOGwoEGzsZuScQWbVIlmTUxu0rHlljSWLDhwwnQpRU3HQKwVPKw9o%2FaQfINh1%2BTfxEwiO%2BY0u0HkI3tuF48TFYrbF5UMUwbw%2FOd6jXXia6SaIQ%2BPmd6"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
GWV31JEBEYDH11ZX
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
HhyaU5sn9vOmLzlmC_W6EQ.woff2
fonts.gstatic.com/s/dosis/v19/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/dosis/v19/HhyaU5sn9vOmLzlmC_W6EQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Dosis:300,400,500,600,700&display=swap&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
589026c0243b5ff576a17259a2bf6d83af606181f741bb88d739fde9388ee8c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.meddiapp.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 15:00:48 GMT
x-content-type-options
nosniff
age
380480
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18628
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 22:00:45 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 20 Sep 2022 15:00:48 GMT
empty.mp3
www.meddiapp.com/dist/ 		37 KB
38 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.meddiapp.com/dist/empty.mp3
Requested by
Host: www.meddiapp.com
URL: https://www.meddiapp.com/dist/main.min.js?v2f699ac6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.86.117 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-86-117.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
495b5f164e39c87f7876bb9bfddeab34e6c0b4af915f1900c62613815c6eb1dd
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
nette-samesite=1; PHPSESSID=k8mogsr1qd55ahl7d5ik2oie5p
:path
/dist/empty.mp3
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.meddiapp.com
referer
https://www.meddiapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.meddiapp.com/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 00:42:08 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 29 Jun 2021 10:17:20 GMT
server
nginx
etag
"60daf330-9547"
x-frame-options
SAMEORIGIN
content-type
audio/mpeg
x-xss-protection
1; mode=block
permissions-policy
autoplay *; camera *; fullscreen *; geolocation *; gyroscope *; microphone *; speaker *; vibrate *;
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
38215
x-content-type-options
nosniff
ring_android.mp3
www.meddiapp.com/dist/ 		701 KB
703 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.meddiapp.com/dist/ring_android.mp3
Requested by
Host: www.meddiapp.com
URL: https://www.meddiapp.com/dist/main.min.js?v2f699ac6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.86.117 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-86-117.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7d38afeacdd7d0093f77424451e2e03300355c0ba5084663a60f3c635be4a878
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
nette-samesite=1; PHPSESSID=k8mogsr1qd55ahl7d5ik2oie5p
:path
/dist/ring_android.mp3
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.meddiapp.com
referer
https://www.meddiapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.meddiapp.com/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 00:42:08 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 29 Jun 2021 10:17:20 GMT
server
nginx
etag
"60daf330-af491"
x-frame-options
SAMEORIGIN
content-type
audio/mpeg
x-xss-protection
1; mode=block
permissions-policy
autoplay *; camera *; fullscreen *; geolocation *; gyroscope *; microphone *; speaker *; vibrate *;
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
717969
x-content-type-options
nosniff
calling.mp3
www.meddiapp.com/dist/ 		237 KB
238 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.meddiapp.com/dist/calling.mp3
Requested by
Host: www.meddiapp.com
URL: https://www.meddiapp.com/dist/main.min.js?v2f699ac6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.86.117 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-86-117.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
422865c33acc081d20dec94a014d5bdc17abd305fd7d68251aec8f643e683b2f
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
nette-samesite=1; PHPSESSID=k8mogsr1qd55ahl7d5ik2oie5p
:path
/dist/calling.mp3
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.meddiapp.com
referer
https://www.meddiapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.meddiapp.com/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 00:42:08 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 29 Jun 2021 10:17:20 GMT
server
nginx
etag
"60daf330-3b31a"
x-frame-options
SAMEORIGIN
content-type
audio/mpeg
x-xss-protection
1; mode=block
permissions-policy
autoplay *; camera *; fullscreen *; geolocation *; gyroscope *; microphone *; speaker *; vibrate *;
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
242458
x-content-type-options
nosniff
notification.m4a
www.meddiapp.com/dist/ 		16 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.meddiapp.com/dist/notification.m4a
Requested by
Host: www.meddiapp.com
URL: https://www.meddiapp.com/dist/main.min.js?v2f699ac6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.86.117 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-86-117.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e0a051e3de50dcf01a939e015d73f7969587adc20886bacc677a4eb56dde74a9
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
nette-samesite=1; PHPSESSID=k8mogsr1qd55ahl7d5ik2oie5p
:path
/dist/notification.m4a
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.meddiapp.com
referer
https://www.meddiapp.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.meddiapp.com/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 00:42:08 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 29 Jun 2021 10:17:20 GMT
server
nginx
etag
"60daf330-4191"
x-frame-options
SAMEORIGIN
content-type
audio/x-m4a
x-xss-protection
1; mode=block
permissions-policy
autoplay *; camera *; fullscreen *; geolocation *; gyroscope *; microphone *; speaker *; vibrate *;
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
16785
x-content-type-options
nosniff
czech-republic.svg
www.meddi.com/images/flags/ 		521 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.meddi.com/images/flags/czech-republic.svg
Requested by
Host: www.meddiapp.com
URL: https://www.meddiapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.86.117 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-86-117.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
53683130ee86e44555e20864d49aa4aa110f7bed6b595d5cf43a1995325e8678
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.meddiapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 00:42:08 GMT
x-content-type-options
nosniff
content-length
521
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 29 Jun 2021 10:46:05 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"60daf9ed-209"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/svg+xml
cache-control
max-age=315360000
permissions-policy
autoplay *; camera *; fullscreen *; geolocation *; gyroscope *; microphone *; speaker *; vibrate *;
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
ViewSDKInterface.js
documentcloud.adobe.com/view-sdk/2.19.2_2.6.1-0101ef3/ 		167 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://documentcloud.adobe.com/view-sdk/2.19.2_2.6.1-0101ef3/ViewSDKInterface.js
Requested by
Host: documentcloud.adobe.com
URL: https://documentcloud.adobe.com/view-sdk/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.10 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-10.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a216cb1dc344d9d5b4a055f3b408ec543d0876bdb2126699b5616f04d0b05c5b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.meddiapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 00:42:08 GMT
content-encoding
gzip
last-modified
Wed, 08 Sep 2021 10:24:02 GMT
etag
"b2dc6aa948d9d21808b452c81084c814"
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=2592000, must-revalidate
access-control-allow-credentials
false
accept-ranges
bytes
x-robots-tag
noindex, nofollow
access-control-allow-headers
*
content-length
36123
bg.png
www.meddiapp.com/dist/sign/ 		218 KB
219 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.meddiapp.com/dist/sign/bg.png
Requested by
Host: www.meddiapp.com
URL: https://www.meddiapp.com/dist/style.min.css?v2f699ac6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.86.117 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-86-117.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a0fec0217567175ddb4745732eb6f3457ca60e20ae4868419af5e244af1f29f7
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/dist/sign/bg.png
pragma
no-cache
cookie
nette-samesite=1; PHPSESSID=k8mogsr1qd55ahl7d5ik2oie5p
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.meddiapp.com
referer
https://www.meddiapp.com/dist/style.min.css?v2f699ac6
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.meddiapp.com/dist/style.min.css?v2f699ac6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 00:42:08 GMT
x-content-type-options
nosniff
content-length
223194
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 29 Jun 2021 10:17:20 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"60daf330-367da"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
permissions-policy
autoplay *; camera *; fullscreen *; geolocation *; gyroscope *; microphone *; speaker *; vibrate *;
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
51dab98c-3090-4a5d-8af9-577a475b0df0
https://www.meddiapp.com/ 		1 MB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.meddiapp.com/51dab98c-3090-4a5d-8af9-577a475b0df0
Requested by
Host: www.meddiapp.com
URL: https://www.meddiapp.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a81482289c80f062516faf5ea4d43306e2e412e403a7a7947759f7b965f79f2f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length
1177087
Content-Type
application/javascript

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster function| onLoad object| userId object| userType object| scriptsToReload function| addScriptsToReload object| jsTranslation object| FullCalendar object| Gritter object| inputBlockController object| application function| $ function| jQuery function| Popper object| bootstrap function| BootstrapDialog function| PerfectScrollbar function| Inputmask function| default object| gifshot object| __heic2any__worker function| heic2any object| sxwjs function| Color function| Chart object| FullCalendarVDom object| PDFObject function| io object| Nette object| createjs function| uuidv4 object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| bowser function| wheelzoom object| MeddiApp object| mymodule object| adobe_dc_view_sdk boolean| __forceSmoothScrollPolyfill__ object| AdobeDC

2 Cookies

Domain/Path Name / Value
www.meddiapp.com/ Name: nette-samesite
Value: 1
www.meddiapp.com/ Name: PHPSESSID
Value: k8mogsr1qd55ahl7d5ik2oie5p

2 Console Messages

Source Level URL
Text
security error
Message:
Error with Permissions-Policy header: Parse of permissions policy failed because of errors reported by structured header parser.
other warning URL: https://www.meddiapp.com/dist/main.min.js?v2f699ac6(Line 5)
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

documentcloud.adobe.com
fonts.googleapis.com
fonts.gstatic.com
medihomecredit.cz
use.fontawesome.com
www.meddi.com
www.meddiapp.com
104.111.228.10
142.250.186.67
172.217.16.138
172.67.214.69
172.67.217.13
52.29.86.117
0f8f42940da5d7ddbb153b18c0bda9bfa9e56d66be5e3169289973af1c01442b
30452e3bfda01d7085c86dfcf791c0daf0e6546c9b1185e5975d4358a5b3a0a5
422865c33acc081d20dec94a014d5bdc17abd305fd7d68251aec8f643e683b2f
495b5f164e39c87f7876bb9bfddeab34e6c0b4af915f1900c62613815c6eb1dd
518d6779b07e14a94ca939f11d29284902d21530e3b4f3c91747bd286fee619e
53683130ee86e44555e20864d49aa4aa110f7bed6b595d5cf43a1995325e8678
589026c0243b5ff576a17259a2bf6d83af606181f741bb88d739fde9388ee8c5
6e6ae0d89edb10519e60841a46e325f75139145b00f7a076e88d905367bc2439
70ea69b15d30cb5b6887c9b5942100b1b016de3b36b05c68039ee9efbadf5372
7d38afeacdd7d0093f77424451e2e03300355c0ba5084663a60f3c635be4a878
83f2f3965a247f02ede37e062cdc773ab2a263ee871c57a99e89a2bc88773537
9b2d2954538aa52caeffd3503e8e57a7d26bf8b0b40195df8ab2801dadacd6ec
a0fec0217567175ddb4745732eb6f3457ca60e20ae4868419af5e244af1f29f7
a216cb1dc344d9d5b4a055f3b408ec543d0876bdb2126699b5616f04d0b05c5b
a81482289c80f062516faf5ea4d43306e2e412e403a7a7947759f7b965f79f2f
aa962d779e5cee59e4b9a66c3bf8421a865d7c76f4710aa2a74978f3c0958057
b9873328df8ad8e367a2ef38124d5c9340052720a409153849db7af2f9218a61
c35afe395dd878f26787c20a18e6a05e87d326124bd230ba6b160e1aa3f5acc5
da79c815b1d0b4edc4a84c74c5b7bc8560ee3ffda7df48b7b1f806e7d12fc059
e0a051e3de50dcf01a939e015d73f7969587adc20886bacc677a4eb56dde74a9
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3
f18c486a80175cf02fee0e05c2b4acd86c04cdbaecec61c1ef91f920509b5efe