urlscan.io logo urlscan.io
SecurityTrails logo

medstatix.co Open in urlscan Pro
52.200.161.27  Public Scan

Go To Rescan Add Verdict Report
URL: https://medstatix.co/6kFNxf_Jh0y7aDTjf7ENyg?v=1
Submission: On May 29 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 8 HTTP transactions. The main IP is 52.200.161.27, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is medstatix.co. The Cisco Umbrella rank of the primary domain is 990462.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on August 11th 2022. Valid for: a year.
This is the only time medstatix.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 52.200.161.27 14618 (AMAZON-AES)
8 1
Apex Domain
Subdomains		 Transfer
7 medstatix.co
medstatix.co — Cisco Umbrella Rank: 990462
352 KB
1 medstatix.com
images.medstatix.com
12 KB
8 2
Domain Requested by
7 medstatix.co medstatix.co
1 images.medstatix.com medstatix.co
8 2

This site contains no links.

Subject Issuer Validity Valid
medstatix.co
Go Daddy Secure Certificate Authority - G2		 2022-08-11 -
2023-09-10		 a year crt.sh
*.medstatix.com
Go Daddy Secure Certificate Authority - G2		 2022-07-26 -
2023-08-27		 a year crt.sh

This page contains 1 frames:

Primary Page: https://medstatix.co/6kFNxf_Jh0y7aDTjf7ENyg?v=1
Frame ID: 986CDD6AF845664CE8710FA5AA9914DC
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Survey Survey

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

365 kB
Transfer

367 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 6kFNxf_Jh0y7aDTjf7ENyg
medstatix.co/ 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://medstatix.co/6kFNxf_Jh0y7aDTjf7ENyg?v=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.200.161.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-161-27.compute-1.amazonaws.com
Software
x /
Resource Hash
62cf055ef53faf8f0e5da54326777f68a1605ab70e0604f25f57c3cd6fafabfb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; object-src 'none'; base-uri 'self'; form-action 'self'; default-src 'self'; img-src 'self' *.medstatix.com data:; style-src https: 'unsafe-inline'; script-src https: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.wylei.com;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
Origin, Content-Type, X-Auth-Token, Accept, Authorization
access-control-allow-methods
GET, POST
access-control-allow-origin
*
access-control-max-age
2000
cache-control
private
content-encoding
gzip
content-security-policy
frame-ancestors 'none'; object-src 'none'; base-uri 'self'; form-action 'self'; default-src 'self'; img-src 'self' *.medstatix.com data:; style-src https: 'unsafe-inline'; script-src https: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.wylei.com;
content-type
text/html; charset=utf-8
date
Mon, 29 May 2023 22:25:10 GMT
server
x
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-stage
prod
x-xss-protection
1; mode=block
jquery_tls
medstatix.co/Static/Scripts/ 		123 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://medstatix.co/Static/Scripts/jquery_tls?v=uxk50c_c4pPVRv1TmA-6SunyeI02ZqD5iDG9D98ZV3I1
Requested by
Host: medstatix.co
URL: https://medstatix.co/6kFNxf_Jh0y7aDTjf7ENyg?v=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.200.161.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-161-27.compute-1.amazonaws.com
Software
x /
Resource Hash
8761293b90aba33845f42d05fd9b8481d389e7de122194895acbeb0cd12d423d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; object-src 'none'; base-uri 'self'; form-action 'self'; default-src 'self'; img-src 'self' *.medstatix.com data:; style-src https: 'unsafe-inline'; script-src https: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.wylei.com;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medstatix.co/6kFNxf_Jh0y7aDTjf7ENyg?v=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 22:25:10 GMT
content-security-policy
frame-ancestors 'none'; object-src 'none'; base-uri 'self'; form-action 'self'; default-src 'self'; img-src 'self' *.medstatix.com data:; style-src https: 'unsafe-inline'; script-src https: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.wylei.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-length
126017
x-xss-protection
1; mode=block
last-modified
Mon, 29 May 2023 22:25:10 GMT
server
x
x-frame-options
SAMEORIGIN
vary
User-Agent
access-control-allow-methods
GET, POST
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public
access-control-max-age
2000
access-control-allow-headers
Origin, Content-Type, X-Auth-Token, Accept, Authorization
x-stage
prod
expires
Tue, 28 May 2024 22:25:10 GMT
msxcss
medstatix.co/Static/Styles/ 		154 KB
155 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://medstatix.co/Static/Styles/msxcss?v=16Renbh3ZaaEqcSBgAjJkrjHqAnqjjUdw_m1K4kAPkA1
Requested by
Host: medstatix.co
URL: https://medstatix.co/6kFNxf_Jh0y7aDTjf7ENyg?v=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.200.161.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-161-27.compute-1.amazonaws.com
Software
x /
Resource Hash
24898f9d4e2b56e6feb5dfdf9b9ade3861977a82acf173dd9aee9da2b22a9a11
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; object-src 'none'; base-uri 'self'; form-action 'self'; default-src 'self'; img-src 'self' *.medstatix.com data:; style-src https: 'unsafe-inline'; script-src https: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.wylei.com;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medstatix.co/6kFNxf_Jh0y7aDTjf7ENyg?v=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 22:25:10 GMT
content-security-policy
frame-ancestors 'none'; object-src 'none'; base-uri 'self'; form-action 'self'; default-src 'self'; img-src 'self' *.medstatix.com data:; style-src https: 'unsafe-inline'; script-src https: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.wylei.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-length
157467
x-xss-protection
1; mode=block
last-modified
Mon, 29 May 2023 22:25:10 GMT
server
x
x-frame-options
SAMEORIGIN
vary
User-Agent
access-control-allow-methods
GET, POST
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public
access-control-max-age
2000
access-control-allow-headers
Origin, Content-Type, X-Auth-Token, Accept, Authorization
x-stage
prod
expires
Tue, 28 May 2024 22:25:10 GMT
msxsurveyjs
medstatix.co/Static/Scripts/ 		30 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://medstatix.co/Static/Scripts/msxsurveyjs?v=euoYdH6l7fXuRUEZ6vLpza1ZzDtA2PKbdcMk2ZwUiVU1
Requested by
Host: medstatix.co
URL: https://medstatix.co/6kFNxf_Jh0y7aDTjf7ENyg?v=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.200.161.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-161-27.compute-1.amazonaws.com
Software
x /
Resource Hash
6268997e3899e581f1f1767a3d21857284745451118a42734eab4903bdb09c62
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; object-src 'none'; base-uri 'self'; form-action 'self'; default-src 'self'; img-src 'self' *.medstatix.com data:; style-src https: 'unsafe-inline'; script-src https: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.wylei.com;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medstatix.co/6kFNxf_Jh0y7aDTjf7ENyg?v=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 22:25:10 GMT
content-security-policy
frame-ancestors 'none'; object-src 'none'; base-uri 'self'; form-action 'self'; default-src 'self'; img-src 'self' *.medstatix.com data:; style-src https: 'unsafe-inline'; script-src https: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.wylei.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-length
30211
x-xss-protection
1; mode=block
last-modified
Mon, 29 May 2023 22:25:10 GMT
server
x
x-frame-options
SAMEORIGIN
vary
User-Agent
access-control-allow-methods
GET, POST
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public
access-control-max-age
2000
access-control-allow-headers
Origin, Content-Type, X-Auth-Token, Accept, Authorization
x-stage
prod
expires
Tue, 28 May 2024 22:25:10 GMT
797506ce-f2f7-4da4-8349-3a3bdbfd7728
images.medstatix.com/logo/P/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.medstatix.com/logo/P/797506ce-f2f7-4da4-8349-3a3bdbfd7728
Requested by
Host: medstatix.co
URL: https://medstatix.co/6kFNxf_Jh0y7aDTjf7ENyg?v=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.200.161.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-161-27.compute-1.amazonaws.com
Software
x /
Resource Hash
3a721b6c944edef1a769b2215084092452eae2e0b4fae92a20c985498949fa7a
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-ancestors 'none'; form-action 'none'; base-uri 'none'; style-src 'self' 'unsafe-inline'; img-src 'self'
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medstatix.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 22:25:11 GMT
content-security-policy
default-src 'none'; frame-ancestors 'none'; form-action 'none'; base-uri 'none'; style-src 'self' 'unsafe-inline'; img-src 'self'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
server
x
x-cache-status
HIT
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
private
content-length
12336
x-xss-protection
1; mode=block
loading.gif
medstatix.co/images/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medstatix.co/images/loading.gif
Requested by
Host: medstatix.co
URL: https://medstatix.co/Static/Styles/msxcss?v=16Renbh3ZaaEqcSBgAjJkrjHqAnqjjUdw_m1K4kAPkA1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.200.161.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-161-27.compute-1.amazonaws.com
Software
x /
Resource Hash
a6eae7615a906bfbd607679e0abd0586da2c63bcddfef979ad68afe250e428b6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; object-src 'none'; base-uri 'self'; form-action 'self'; default-src 'self'; img-src 'self' *.medstatix.com data:; style-src https: 'unsafe-inline'; script-src https: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.wylei.com;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medstatix.co/Static/Styles/msxcss?v=16Renbh3ZaaEqcSBgAjJkrjHqAnqjjUdw_m1K4kAPkA1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 29 May 2023 22:25:11 GMT
content-security-policy
frame-ancestors 'none'; object-src 'none'; base-uri 'self'; form-action 'self'; default-src 'self'; img-src 'self' *.medstatix.com data:; style-src https: 'unsafe-inline'; script-src https: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.wylei.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-length
9427
x-xss-protection
1; mode=block
last-modified
Tue, 09 May 2023 13:39:54 GMT
server
x
etag
"0b18bbc7b82d91:0"
access-control-max-age
2000
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
*
x-frame-options
SAMEORIGIN
accept-ranges
bytes
access-control-allow-headers
Origin, Content-Type, X-Auth-Token, Accept, Authorization
x-stage
prod
Surveys.ashx
medstatix.co/Handlers/ 		29 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://medstatix.co/Handlers/Surveys.ashx?method=get&sID=797506ce-f2f7-4da4-8349-3a3bdbfd7728&rID=c54d41ea-c9ff-4c87-bb68-34e37fb10dca
Requested by
Host: medstatix.co
URL: https://medstatix.co/Static/Scripts/jquery_tls?v=uxk50c_c4pPVRv1TmA-6SunyeI02ZqD5iDG9D98ZV3I1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.200.161.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-161-27.compute-1.amazonaws.com
Software
x /
Resource Hash
ce44092ef5fde4f6dbfc374bf126f334c5130b5571392b1b12b7d9b6d76b6d4c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; object-src 'none'; base-uri 'self'; form-action 'self'; default-src 'self'; img-src 'self' *.medstatix.com data:; style-src https: 'unsafe-inline'; script-src https: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.wylei.com;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://medstatix.co/6kFNxf_Jh0y7aDTjf7ENyg?v=1
X-Requested-With
XMLHttpRequest
ContentType
application/json
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 29 May 2023 22:25:11 GMT
content-security-policy
frame-ancestors 'none'; object-src 'none'; base-uri 'self'; form-action 'self'; default-src 'self'; img-src 'self' *.medstatix.com data:; style-src https: 'unsafe-inline'; script-src https: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.wylei.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
server
x
access-control-max-age
2000
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private
x-frame-options
SAMEORIGIN
access-control-allow-headers
Origin, Content-Type, X-Auth-Token, Accept, Authorization
content-length
29667
x-stage
prod
x-xss-protection
1; mode=block
Answers.ashx
medstatix.co/Handlers/ 		49 B
636 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://medstatix.co/Handlers/Answers.ashx?method=get&sID=797506ce-f2f7-4da4-8349-3a3bdbfd7728&rID=c54d41ea-c9ff-4c87-bb68-34e37fb10dca
Requested by
Host: medstatix.co
URL: https://medstatix.co/Static/Scripts/jquery_tls?v=uxk50c_c4pPVRv1TmA-6SunyeI02ZqD5iDG9D98ZV3I1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.200.161.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-161-27.compute-1.amazonaws.com
Software
x /
Resource Hash
e10fe03c8c17ba4a66ad277c849a922b0bb5efc292d82bc4cda36bce4d58e7e6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; object-src 'none'; base-uri 'self'; form-action 'self'; default-src 'self'; img-src 'self' *.medstatix.com data:; style-src https: 'unsafe-inline'; script-src https: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.wylei.com;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://medstatix.co/6kFNxf_Jh0y7aDTjf7ENyg?v=1
X-Requested-With
XMLHttpRequest
ContentType
application/json
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 29 May 2023 22:25:12 GMT
content-security-policy
frame-ancestors 'none'; object-src 'none'; base-uri 'self'; form-action 'self'; default-src 'self'; img-src 'self' *.medstatix.com data:; style-src https: 'unsafe-inline'; script-src https: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.wylei.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
server
x
access-control-max-age
2000
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private
x-frame-options
SAMEORIGIN
access-control-allow-headers
Origin, Content-Type, X-Auth-Token, Accept, Authorization
content-length
49
x-stage
prod
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless undefined| Mobile boolean| Desktop string| closeButton string| unsupportedBrowser string| supportedBrowser function| $ function| jQuery object| browser string| sid string| rid string| errorText function| copyToClipboard object| msx function| completeSurvey function| getSurvey function| surveyReady function| startSurvey object| survey

1 Cookies

Domain/Path Name / Value
medstatix.co/ Name: ASP.NET_SessionId
Value: kopyi1vjl0nvttcf3sx4vpgj

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'none'; object-src 'none'; base-uri 'self'; form-action 'self'; default-src 'self'; img-src 'self' *.medstatix.com data:; style-src https: 'unsafe-inline'; script-src https: 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.wylei.com;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block