medusa-stealer.cc Open in urlscan Pro
2606:4700:3030::6815:3c95 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://medusa-stealer.cc/
Submission: On April 12 via manual (April 12th 2023, 3:28:46 pm UTC) from GB — Scanned from GB

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 22 HTTP transactions. The main IP is 2606:4700:3030::6815:3c95, located in United States and belongs to CLOUDFLARENET, US. The main domain is medusa-stealer.cc.

This is the only time medusa-stealer.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	2606:4700:303... 2606:4700:3030::6815:3c95	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
22	5

18 2606:4700:3030::6815:3c95 (United States)

ASN13335 (CLOUDFLARENET, US)

medusa-stealer.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	medusa-stealer.cc medusa-stealer.cc	130 KB
2	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1030	12 KB
1	gstatic.com fonts.gstatic.com	38 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	1 KB
22	4

	Domain	Requested by
18	medusa-stealer.cc	medusa-stealer.cc static.cloudflareinsights.com
2	static.cloudflareinsights.com	medusa-stealer.cc
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	medusa-stealer.cc
22	4

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://medusa-stealer.cc/
Frame ID: 3E056D71FFC99D1FF5DF2FAE397234C3
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Medusa Stealer's - HTTP C2 Security Experts

Page URL History Show full URLs

http://medusa-stealer.cc/ Page URL
http://medusa-stealer.cc/ Page URL

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Page Statistics

22
Requests

18 %
HTTPS

100 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

180 kB
Transfer

543 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://medusa-stealer.cc/ Page URL
http://medusa-stealer.cc/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 202
Accepted / Show response
medusa-stealer.cc/ 1 KB
2 KB 195ms
129ms Document
text/html 2606:4700:3030::6815:3c95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://medusa-stealer.cc/
Protocol: HTTP/1.1
Server: 2606:4700:3030::6815:3c95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb918e37a81041a21a48e654394bed19838a23ffaffa69a5b993fd01c5358df3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7b6c802328d3dc77-LHR
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/html
Date: Wed, 12 Apr 2023 15:28:41 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E94crCw%2B9amzmJ5DwQPE%2Bk5orTgCk8Hne%2BUp0nMFzhWc2tD%2FOO1m4w%2FeykCs9hYCzqb3X%2FiYNXTlCPBUPuJBqAMyLT7K9gfegKJRshHatNvrBfHWDjl3QhVwL57Y5Ov3AA0BwNO7VNx5cThCmmWs0w%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK min.js Show response
medusa-stealer.cc/ 25 KB
8 KB 79ms
78ms Script
application/javascript 2606:4700:3030::6815:3c95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://medusa-stealer.cc/min.js
Requested by: Host: medusa-stealer.cc
URL: http://medusa-stealer.cc/
Protocol: HTTP/1.1
Server: 2606:4700:3030::6815:3c95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aaa55031f6cd57549591e9fccf448a0d8e25c85d5a165e23df9b1e56632f3b8d

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://medusa-stealer.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 15:28:41 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cf-Bgj: minify
Last-Modified: Sat, 18 Mar 2023 02:36:47 GMT
Server: cloudflare
ETag: W/"641523bf-6517"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tyKwReeVMubGfG13UGPuuCzhu%2BMszcEmOhjBnuUxyni6vF3RmvwdXeZazRc7nLR6BHR2mHHX%2BMeEG%2BWic9AKAksUAdxA%2BP%2B3L2gQzyGskanm2FPmk38kEFNvfUc99qSKwgVgLTFjmcemA9hi5SRQLw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=300
CF-RAY: 7b6c80241ad2dc77-LHR

GET
H/1.1 200
OK rocket-loader.min.js Show response
medusa-stealer.cc/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
5 KB 77ms
47ms Script
application/javascript 2606:4700:3030::6815:3c95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://medusa-stealer.cc/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: medusa-stealer.cc
URL: http://medusa-stealer.cc/

Protocol

HTTP/1.1

Server

2606:4700:3030::6815:3c95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://medusa-stealer.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 15:28:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 04 Apr 2023 10:03:57 GMT
Server: cloudflare
ETag: W/"642bf60d-302c"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3GjDKroOjrpbkcva%2BmOqwsLHzCqcX6rCGuPdEbcq%2B9qBLs09q1HL9Nqy6%2FnX3sIGT6FFNUPYmZ4sSAw8F1v03Tkj5mzkmRGIg0lx9o5RPV6IowbsCdETdcGuIwRPUsYSJuFp%2BNZMMu3C81B8E%2Bckjw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
X-Frame-Options: DENY
Cache-Control: max-age=172800, public
CF-RAY: 7b6c80244c11d180-LHR
Expires: Fri, 14 Apr 2023 15:28:41 GMT

GET
H2 200 v2b4487d741ca48dcbadcaf954e159fc61680799950996
static.cloudflareinsights.com/beacon.min.js/ 16 KB
6 KB 155ms
74ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v2b4487d741ca48dcbadcaf954e159fc61680799950996
Requested by: Host: medusa-stealer.cc
URL: http://medusa-stealer.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: http://medusa-stealer.cc/
Origin: http://medusa-stealer.cc
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:28:41 GMT
content-encoding: gzip
last-modified: Thu, 06 Apr 2023 16:52:30 GMT
server: cloudflare
etag: W/2023.4.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7b6c8024abde76cf-LHR

GET
H/1.1 200
OK Primary Request / Show response
medusa-stealer.cc/ 27 KB
7 KB 99ms
98ms Document
text/html 2606:4700:3030::6815:3c95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://medusa-stealer.cc/
Requested by: Host: medusa-stealer.cc
URL: http://medusa-stealer.cc/
Protocol: HTTP/1.1
Server: 2606:4700:3030::6815:3c95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0bb8320ae407b2a82e103615cc2c4a9a08187d708193ec5bf2a62f9ff4edfa5

Request headers

Referer: http://medusa-stealer.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
CF-RAY: 7b6c8024abcddc77-LHR
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Wed, 12 Apr 2023 15:28:41 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BMn6O9%2BCScePZ%2BtZRhx0NH%2Fo5MS7vR1H%2Bay7f%2B5LI18cFjL5VuwGWA4rB14sK1KT6IcBlY7FOiXm00gbNDTa%2B5M%2Bju1vjVJ71Kl0A00JKHemjp8grt4CMonD7fS1wtPI4xQg2Q8pgrS5al4K7VpelA%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
X-Proxy-Cache: BYPASS
X-Served-By: medusa-stealer.cc
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK styles.css
medusa-stealer.cc/auth/resources/cada/index/medusa-public/css/ 37 KB
9 KB 60ms
60ms Stylesheet
text/css 2606:4700:3030::6815:3c95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://medusa-stealer.cc/auth/resources/cada/index/medusa-public/css/styles.css
Requested by: Host: medusa-stealer.cc
URL: http://medusa-stealer.cc/
Protocol: HTTP/1.1
Server: 2606:4700:3030::6815:3c95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d93ff4b0023b9a08c1c1d2bf37be640fc5c0f34de716df87deb400cec06350c0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://medusa-stealer.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

X-Proxy-Cache: MISS
Date: Wed, 12 Apr 2023 15:28:41 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Served-By: medusa-stealer.cc
Cf-Bgj: minify
Server: cloudflare
ETag: W/"95a7-183fb566230"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5jPr5P1TEEdGwqbrZhO7g0HcOVBxwqAyWgxpe8Mu1%2Fp%2Fi6uWqk%2FlrSqeXwhjC99XzK7qLD4%2Fou%2BIFl3sB2OySq2FUt9wPLVQ7NBrcaEWjdS%2FipxCIu8J5xv0%2BZn1wN2gXuA5LpI9DKlByifJqGQCow%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=52239
CF-RAY: 7b6c80255ce6dc77-LHR
Expires: Thu, 13 Apr 2023 00:30:00 GMT

GET
H/1.1 200
OK snow.js Show response
medusa-stealer.cc/auth/resources/cada/dashboard/medusa-public/js/ 2 KB
2 KB 82ms
82ms Script
application/javascript 2606:4700:3030::6815:3c95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://medusa-stealer.cc/auth/resources/cada/dashboard/medusa-public/js/snow.js
Requested by: Host: medusa-stealer.cc
URL: http://medusa-stealer.cc/
Protocol: HTTP/1.1
Server: 2606:4700:3030::6815:3c95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4757e7331f10281a89d53e64339a36810bdce438aabf4e133d9dc3fe2d235150

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://medusa-stealer.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

X-Proxy-Cache: BYPASS
Date: Wed, 12 Apr 2023 15:28:41 GMT
Content-Encoding: gzip
CF-Cache-Status: EXPIRED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Served-By: medusa-stealer.cc
Server: cloudflare
ETag: W/"8bc-18508e55770"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pPuMB4PlrC0Ni4NquzfX7LCm%2BLnDS0uOpnwlwqAmMtIgi5HgJAYmTujQkA6w%2FHtX2glFRyxchCwluNIfAGb59vSI%2BJweQXn0Fq4nk4iUojBrxC8Vk8m%2B26z3Lsaj%2FN0P9uLk4d4dooztze6BLj2GAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=32479
CF-RAY: 7b6c80255e42d180-LHR
Expires: Thu, 13 Apr 2023 00:30:00 GMT

GET
H/1.1 200
OK favicon.svg
medusa-stealer.cc/auth/resources/cada/index/medusa-public/img/ 4 KB
3 KB 118ms
86ms Image
image/svg+xml 2606:4700:3030::6815:3c95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://medusa-stealer.cc/auth/resources/cada/index/medusa-public/img/favicon.svg
Requested by: Host: medusa-stealer.cc
URL: http://medusa-stealer.cc/
Protocol: HTTP/1.1
Server: 2606:4700:3030::6815:3c95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2691ff2f9a92fc06a252e16b8b397c2ab5e7356e5003044069bff384ed6bea4e

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://medusa-stealer.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

X-Proxy-Cache: BYPASS
Date: Wed, 12 Apr 2023 15:28:41 GMT
Content-Encoding: gzip
CF-Cache-Status: EXPIRED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Served-By: medusa-stealer.cc
Server: cloudflare
ETag: W/"1067-183fb565a60"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TvEjFXRI6NLKQhgUGdmEpejaiFkk2y%2BhtkZrFz64MIp3RTeaTDdV3rXyjXk9Cf7KWlJFafhV%2F9NyyF6GUHQD%2F7J52tf6C85PCDwiRo%2FwOHNJkbc1XtLRVfkOWKuGOzPcw6IH78%2FQbufgaTksZWclFw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=32479
CF-RAY: 7b6c8025a9be48bd-LHR
Expires: Thu, 13 Apr 2023 00:30:00 GMT

GET
H/1.1 200
OK feature-tile-icon-01.0f9928d7.svg
medusa-stealer.cc/auth/resources/cada/index/medusa-public/img/ 312 B
1 KB 92ms
61ms Image
image/svg+xml 2606:4700:3030::6815:3c95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://medusa-stealer.cc/auth/resources/cada/index/medusa-public/img/feature-tile-icon-01.0f9928d7.svg
Requested by: Host: medusa-stealer.cc
URL: http://medusa-stealer.cc/
Protocol: HTTP/1.1
Server: 2606:4700:3030::6815:3c95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fd13ff3f1f5d94b6b1bb9040a4c6ce0e3bd9b11b49a92ee55c199499f91ab78

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://medusa-stealer.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

X-Proxy-Cache: MISS
Date: Wed, 12 Apr 2023 15:28:41 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Served-By: medusa-stealer.cc
Server: cloudflare
ETag: W/"138-183fb565a60"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H7y%2BYUBNfXm2zTk3kq%2BDH8nQlfSonp4y9vM4F3fZl5Bi0aCYhmRv82yZ18qVUwEf9NSE498QXAHfbpnDZ6aoQJ36TZmkD9CH9EcKB2sYPBUsA9wriDCljSmepbkvS11N4Oc4FTtdrZe5Znl1mdM14Q%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=52239
CF-RAY: 7b6c8025aa26dd23-LHR
Expires: Thu, 13 Apr 2023 00:30:00 GMT

GET
H/1.1 200
OK feature-tile-icon-02.bd39f304.svg
medusa-stealer.cc/auth/resources/cada/index/medusa-public/img/ 246 B
1 KB 177ms
145ms Image
image/svg+xml 2606:4700:3030::6815:3c95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://medusa-stealer.cc/auth/resources/cada/index/medusa-public/img/feature-tile-icon-02.bd39f304.svg
Requested by: Host: medusa-stealer.cc
URL: http://medusa-stealer.cc/
Protocol: HTTP/1.1
Server: 2606:4700:3030::6815:3c95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb9b36f808fb1e9fa4c6d84af46dfedc92b53850990ff95d10cb3e834b4441a2

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://medusa-stealer.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

X-Proxy-Cache: BYPASS
Date: Wed, 12 Apr 2023 15:28:41 GMT
Content-Encoding: gzip
CF-Cache-Status: EXPIRED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Served-By: medusa-stealer.cc
Server: cloudflare
ETag: W/"f6-183fb565a60"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xDnI%2Fd9k%2BSkGL9u1j%2BoQmrRx5z5JkIYeR4Y9zP0PC7gOqzY8e5bh6bSzvQlf4MRwlwmZCTV7PNWJHA%2FM1u3rI%2BV2K8QCM921530ELq80caEf7UbwOsnrWG6%2FYZd7be7PdKUqn11gMoNts4E1Iik8aQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=32479
CF-RAY: 7b6c8025ae9b4052-LHR
Expires: Thu, 13 Apr 2023 00:30:00 GMT

GET
H/1.1 200
OK feature-tile-icon-03.66f37ba5.svg
medusa-stealer.cc/auth/resources/cada/index/medusa-public/img/ 323 B
1 KB 143ms
111ms Image
image/svg+xml 2606:4700:3030::6815:3c95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://medusa-stealer.cc/auth/resources/cada/index/medusa-public/img/feature-tile-icon-03.66f37ba5.svg
Requested by: Host: medusa-stealer.cc
URL: http://medusa-stealer.cc/
Protocol: HTTP/1.1
Server: 2606:4700:3030::6815:3c95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e794117c2698be46cad955263c9148181e452a6d7a070fdb362dc7afd86d151b

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://medusa-stealer.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

X-Proxy-Cache: MISS
Date: Wed, 12 Apr 2023 15:28:41 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Served-By: medusa-stealer.cc
Server: cloudflare
ETag: W/"143-183fb565a60"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PiuljJjQk%2Fhd%2BBwVBWEbZ7sQgGJU8Qx5Xt0SxlZ3hsjL4Z7441CsdaarmtkwxwFWgN2Fz3p1r0DayvcLyQmVuS0V%2BjAHYNm2cdlzAm4Pl14E1ZmxEdE1gsSmDWvvKrOjCYL%2BVpJQGKkAA2l31EztJg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=52239
CF-RAY: 7b6c8025aa9174c1-LHR
Expires: Thu, 13 Apr 2023 00:30:00 GMT

GET
H/1.1 200
OK feature-tile-icon-04.836acd10.svg
medusa-stealer.cc/auth/resources/cada/index/medusa-public/img/ 334 B
1 KB 98ms
98ms Image
image/svg+xml 2606:4700:3030::6815:3c95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://medusa-stealer.cc/auth/resources/cada/index/medusa-public/img/feature-tile-icon-04.836acd10.svg
Requested by: Host: medusa-stealer.cc
URL: http://medusa-stealer.cc/
Protocol: HTTP/1.1
Server: 2606:4700:3030::6815:3c95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dbf2c4d555fb52612831ceb9acd39b38270cd16bc52547e3a492867466e06f7

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://medusa-stealer.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

X-Proxy-Cache: BYPASS
Date: Wed, 12 Apr 2023 15:28:41 GMT
Content-Encoding: gzip
CF-Cache-Status: EXPIRED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Served-By: medusa-stealer.cc
Server: cloudflare
ETag: W/"14e-183fb565a60"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GaDJZEf0Pbuv0HdkbrAanB10en6IUcsfUqutj3ewHrsu2Co8Hk4Y15Q9V3kEdmgnKL9EwOHEYtq6Iubpyb%2Bjmq1r%2Fo8R2UTaO0xAxjZcWBSEeynEkzCl0QhZxul%2Fk4HRAoSJVtfiIUA6qd%2BhBueEYg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=32479
CF-RAY: 7b6c8025bd90dc77-LHR
Expires: Thu, 13 Apr 2023 00:30:00 GMT

GET
H/1.1 200
OK feature-tile-icon-05.fa9ba00b.svg
medusa-stealer.cc/auth/resources/cada/index/medusa-public/img/ 346 B
1 KB 60ms
60ms Image
image/svg+xml 2606:4700:3030::6815:3c95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://medusa-stealer.cc/auth/resources/cada/index/medusa-public/img/feature-tile-icon-05.fa9ba00b.svg
Requested by: Host: medusa-stealer.cc
URL: http://medusa-stealer.cc/
Protocol: HTTP/1.1
Server: 2606:4700:3030::6815:3c95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edc9fe5e3a9a422401074bb576ef12edc2a1ca5198617572307323b1507ac364

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://medusa-stealer.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

X-Proxy-Cache: MISS
Date: Wed, 12 Apr 2023 15:28:41 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Served-By: medusa-stealer.cc
Server: cloudflare
ETag: W/"15a-183fb565a60"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pAaeo9UK%2Bl30qWNpodvOJG6suC5HlrdQpGVNli8w6V1ZzA%2FQnwjhsk6cAlH92Vs1KGzJMlqqLcOwQCydF7gN0EIpEcHIiw9KWVPWaCY3b4xdTfIvS%2BlQPwRUA4UnodQ1qHa%2F6cMjpYSX85XLkuRT%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=52239
CF-RAY: 7b6c8025df5cd180-LHR
Expires: Thu, 13 Apr 2023 00:30:00 GMT

GET
H/1.1 200
OK feature-tile-icon-06.6a177696.svg
medusa-stealer.cc/auth/resources/cada/index/medusa-public/img/ 510 B
1 KB 84ms
84ms Image
image/svg+xml 2606:4700:3030::6815:3c95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://medusa-stealer.cc/auth/resources/cada/index/medusa-public/img/feature-tile-icon-06.6a177696.svg
Requested by: Host: medusa-stealer.cc
URL: http://medusa-stealer.cc/
Protocol: HTTP/1.1
Server: 2606:4700:3030::6815:3c95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f57e99b3714955250e44ecf354097b98885d704c63809e6dad3856826b4b1ef

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://medusa-stealer.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

X-Proxy-Cache: BYPASS
Date: Wed, 12 Apr 2023 15:28:41 GMT
Content-Encoding: gzip
CF-Cache-Status: EXPIRED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Served-By: medusa-stealer.cc
Server: cloudflare
ETag: W/"1fe-183fb565a60"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mQ4DV49wHJ1y9yg5ZWn0C0T8WbakdLCqbCGgkJQ12RQGLkEInwCxphxCaPPm0IW706q3rB3qFd5UYItpA5w8uIgGyorxtljTlLMO92MHacpKc14Hye8fvEo8qsynkZ2FMdoMhCe5pAajMSJBcZlQ7g%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=32479
CF-RAY: 7b6c80260ad0dd23-LHR
Expires: Thu, 13 Apr 2023 00:30:00 GMT

GET
H/1.1 200
OK d1.eb23152d.svg
medusa-stealer.cc/auth/resources/cada/index/medusa-public/img/ 215 KB
50 KB 60ms
57ms Image
image/svg+xml 2606:4700:3030::6815:3c95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://medusa-stealer.cc/auth/resources/cada/index/medusa-public/img/d1.eb23152d.svg
Requested by: Host: medusa-stealer.cc
URL: http://medusa-stealer.cc/
Protocol: HTTP/1.1
Server: 2606:4700:3030::6815:3c95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb2975184d7208506f7c3534bc7252bf3d6e267b9ab1d9a45e79eeed15b9f8b0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://medusa-stealer.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

X-Proxy-Cache: MISS
Date: Wed, 12 Apr 2023 15:28:41 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Served-By: medusa-stealer.cc
Server: cloudflare
ETag: W/"35a96-183fb566230"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LG9VJ7G%2F%2FtB%2Bmu9CsE8I7UVeIiyCNNzhai6nuhrDMxFpyuv9GSF0%2BuhPRCVJroYhx8u6TFbVB2i2ybi65Ca%2FT8MreKTSzE2DTXyopZKMe%2BWTweHqwEq04BqjiYa5gaUMucmVxjukl7TqvRsBPv5Opw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=52239
CF-RAY: 7b6c8026384cd180-LHR
Expires: Thu, 13 Apr 2023 00:30:00 GMT

GET
H/1.1 200
OK d3.7e28f7f2.svg
medusa-stealer.cc/auth/resources/cada/index/medusa-public/img/ 51 KB
14 KB 80ms
79ms Image
image/svg+xml 2606:4700:3030::6815:3c95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://medusa-stealer.cc/auth/resources/cada/index/medusa-public/img/d3.7e28f7f2.svg
Requested by: Host: medusa-stealer.cc
URL: http://medusa-stealer.cc/
Protocol: HTTP/1.1
Server: 2606:4700:3030::6815:3c95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 376c4e61b6c16e307f0617994e72884a149b2cb75d4e0392127be90f328ec7af

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://medusa-stealer.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

X-Proxy-Cache: BYPASS
Date: Wed, 12 Apr 2023 15:28:42 GMT
Content-Encoding: gzip
CF-Cache-Status: EXPIRED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Served-By: medusa-stealer.cc
Server: cloudflare
ETag: W/"cc60-183fb565a60"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S5yAwBvWboLopnmgsghbAbyAdnu8bDKhFF31hL3h%2FpQwwqIqocxTxH0SBU7tzxMsNXMw9I%2Fivg4JpS5uqETCg8XgwnnxvgwIwEWSjC9MEflo0ctafvzGSnVKojIapQMEG09aKGJ4m2w5SQwjAOfKwg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=32479
CF-RAY: 7b6c80263a7648bd-LHR
Expires: Thu, 13 Apr 2023 00:30:00 GMT

GET
H/1.1 200
OK d2.20eaa006.svg
medusa-stealer.cc/auth/resources/cada/index/medusa-public/img/ 73 KB
20 KB 66ms
66ms Image
image/svg+xml 2606:4700:3030::6815:3c95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://medusa-stealer.cc/auth/resources/cada/index/medusa-public/img/d2.20eaa006.svg
Requested by: Host: medusa-stealer.cc
URL: http://medusa-stealer.cc/
Protocol: HTTP/1.1
Server: 2606:4700:3030::6815:3c95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e97af518911a71d47591c932246a9f29d5281d0331ef2a7fd00747d7ccfd750c

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://medusa-stealer.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

X-Proxy-Cache: MISS
Date: Wed, 12 Apr 2023 15:28:42 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Served-By: medusa-stealer.cc
Server: cloudflare
ETag: W/"1247f-183fb565a60"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=84tbLDqnujmPSamUKa%2FyupaxbHsjAdPmCilybQtVeyLKKLMwuCyZsBQbhRd%2F5JeZ6vHCqOqStf4cHIJG1ehRiRZTkrXjmRAZgabSBaRvorLpa98s8hrE4oYjkW9accwDURDTIxakBJiTH3kylmBnaw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=52239
CF-RAY: 7b6c80265b8e74c1-LHR
Expires: Thu, 13 Apr 2023 00:30:00 GMT

GET
H/1.1 200
OK rocket-loader.min.js Show response
medusa-stealer.cc/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
5 KB 35ms
35ms Script
application/javascript 2606:4700:3030::6815:3c95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://medusa-stealer.cc/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: medusa-stealer.cc
URL: http://medusa-stealer.cc/

Protocol

HTTP/1.1

Server

2606:4700:3030::6815:3c95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://medusa-stealer.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 15:28:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 04 Apr 2023 10:03:57 GMT
Server: cloudflare
ETag: W/"642bf60d-302c"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TdR3rUZQ2%2F6hblq%2FpO0ad9gIBIanmsSoPZiTWLuZfp%2B%2B6HHwu3Lkvyzfh3KTVonfYq51bF%2B2B5%2F0Zfj8Sr%2BJw%2BCuAvjJJKXZY6nKzsssSTMoBTRdYhARrYIuuOJva9msqJSfL544TrPxT0cdm0yUMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
X-Frame-Options: DENY
Cache-Control: max-age=172800, public
CF-RAY: 7b6c80266e90dc77-LHR
Expires: Fri, 14 Apr 2023 15:28:41 GMT

GET
H2 200 v2b4487d741ca48dcbadcaf954e159fc61680799950996 Show response
static.cloudflareinsights.com/beacon.min.js/ 16 KB
6 KB 81ms
81ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v2b4487d741ca48dcbadcaf954e159fc61680799950996
Requested by: Host: medusa-stealer.cc
URL: http://medusa-stealer.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4860695983e79ae4c596701d7203945837da206d3fdba56684661a5cd60b16c2

Request headers

Referer: http://medusa-stealer.cc/
Origin: http://medusa-stealer.cc
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:28:41 GMT
content-encoding: gzip
last-modified: Thu, 06 Apr 2023 16:52:30 GMT
server: cloudflare
etag: W/2023.4.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7b6c80257d6776cf-LHR

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 152ms
53ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Inter:400,500,600,700,800&display=swap

Requested by

Host: medusa-stealer.cc
URL: http://medusa-stealer.cc/auth/resources/cada/index/medusa-public/css/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

196fcda9a4e84f1f82e8d56bee2ec020cf77e0aae50604e1618b6b89bce00196

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://medusa-stealer.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 12 Apr 2023 15:28:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 15:28:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 Apr 2023 15:28:41 GMT

GET
DATA 200
OK truncated
/ 437 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44c6245e17f8681854e88041bb00c4165e7efb8cb00fca7c8d21538cc7f87da1

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://medusa-stealer.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 37 KB
38 KB 158ms
57ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:400,500,600,700,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://medusa-stealer.cc
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:31:49 GMT
x-content-type-options: nosniff
age: 104213
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37924
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:31:49 GMT

POST
H/1.1 204
No Content rum Show response
medusa-stealer.cc/cdn-cgi/ 0
378 B 55ms
55ms XHR
text/plain 2606:4700:3030::6815:3c95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://medusa-stealer.cc/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v2b4487d741ca48dcbadcaf954e159fc61680799950996

Protocol

HTTP/1.1

Server

2606:4700:3030::6815:3c95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://medusa-stealer.cc/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
content-type: application/json

Response headers

Date: Wed, 12 Apr 2023 15:28:42 GMT
X-Content-Type-Options: nosniff
Server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: http://medusa-stealer.cc
X-Frame-Options: DENY
access-control-allow-credentials: true
Connection: keep-alive
CF-RAY: 7b6c80283f0174c1-LHR

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			medusa-stealer.cc/	1969-12-31 23:59:59	Name: GX03-0s Value: 122d5b45acf31ee18a2dcd5512fb94ee

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
medusa-stealer.cc
static.cloudflareinsights.com
2606:4700:3030::6815:3c95
2606:4700::6810:3865
2a00:1450:4001:800::2003
2a00:1450:4001:829::200a
0fd13ff3f1f5d94b6b1bb9040a4c6ce0e3bd9b11b49a92ee55c199499f91ab78
196fcda9a4e84f1f82e8d56bee2ec020cf77e0aae50604e1618b6b89bce00196
2691ff2f9a92fc06a252e16b8b397c2ab5e7356e5003044069bff384ed6bea4e
376c4e61b6c16e307f0617994e72884a149b2cb75d4e0392127be90f328ec7af
44c6245e17f8681854e88041bb00c4165e7efb8cb00fca7c8d21538cc7f87da1
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
4757e7331f10281a89d53e64339a36810bdce438aabf4e133d9dc3fe2d235150
4860695983e79ae4c596701d7203945837da206d3fdba56684661a5cd60b16c2
6dbf2c4d555fb52612831ceb9acd39b38270cd16bc52547e3a492867466e06f7
9f57e99b3714955250e44ecf354097b98885d704c63809e6dad3856826b4b1ef
aaa55031f6cd57549591e9fccf448a0d8e25c85d5a165e23df9b1e56632f3b8d
bb2975184d7208506f7c3534bc7252bf3d6e267b9ab1d9a45e79eeed15b9f8b0
bb918e37a81041a21a48e654394bed19838a23ffaffa69a5b993fd01c5358df3
c0bb8320ae407b2a82e103615cc2c4a9a08187d708193ec5bf2a62f9ff4edfa5
cb9b36f808fb1e9fa4c6d84af46dfedc92b53850990ff95d10cb3e834b4441a2
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d93ff4b0023b9a08c1c1d2bf37be640fc5c0f34de716df87deb400cec06350c0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e794117c2698be46cad955263c9148181e452a6d7a070fdb362dc7afd86d151b
e97af518911a71d47591c932246a9f29d5281d0331ef2a7fd00747d7ccfd750c
edc9fe5e3a9a422401074bb576ef12edc2a1ca5198617572307323b1507ac364

medusa-stealer.cc Open in urlscan Pro 2606:4700:3030::6815:3c95 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

18 %HTTPS

100 %IPv6

4 Domains

4 Subdomains

5 IPs

2 Countries

180 kBTransfer

543 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

1 Cookies

Indicators

medusa-stealer.cc Open in urlscan Pro
2606:4700:3030::6815:3c95 Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

18 %
HTTPS

100 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

180 kB
Transfer

543 kB
Size

1
Cookies

22 HTTP transactions
1 data transactions