urlscan.io logo urlscan.io
SecurityTrails logo

medpointconnect.com Open in urlscan Pro
185.117.169.131  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://medpointconnect.com/
Effective URL: https://medpointconnect.com/
Submission Tags: @ecarlesi possiblethreat phishing Search All
Submission: On May 15 via api from IT — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 10 HTTP transactions. The main IP is 185.117.169.131, located in Switzerland and belongs to FREY-AS, CH. The main domain is medpointconnect.com.
TLS certificate: Issued by R3 on May 15th 2024. Valid for: 3 months.
This is the only time medpointconnect.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 185.117.169.131 200713 (FREY-AS)
1 142.250.185.138 15169 (GOOGLE)
5 185.117.169.100 200713 (FREY-AS)
1 142.250.184.234 15169 (GOOGLE)
1 142.250.186.99 15169 (GOOGLE)
10 5
2    185.117.169.131 (Switzerland)

ASN200713 (FREY-AS, CH)
PTR: server22.hostfactory.ch
medpointconnect.com
1    142.250.185.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f10.1e100.net
ajax.googleapis.com
5    185.117.169.100 (Switzerland)

ASN200713 (FREY-AS, CH)
PTR: server100.hostfactory.ch
www.hostfactory.ch
1    142.250.184.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f10.1e100.net
fonts.googleapis.com
1    142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
5 hostfactory.ch
www.hostfactory.ch
126 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 380
fonts.googleapis.com — Cisco Umbrella Rank: 33
34 KB
2 medpointconnect.com
medpointconnect.com
2 KB
1 gstatic.com
fonts.gstatic.com
33 KB
10 4
Domain Requested by
5 www.hostfactory.ch medpointconnect.com
www.hostfactory.ch
2 medpointconnect.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com medpointconnect.com
1 ajax.googleapis.com medpointconnect.com
10 5

This site contains links to these domains. Also see Links.

Domain
my.hostfactory.ch
www.hostfactory.ch
Subject Issuer Validity Valid
medpointconnect.com
R3		 2024-05-15 -
2024-08-13		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.hostfactory.ch
Sectigo RSA Domain Validation Secure Server CA		 2023-12-19 -
2025-01-18		 a year crt.sh
*.gstatic.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://medpointconnect.com/
Frame ID: EBB3832697BD2BA2B4731EFA40D232DB
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Willkommen auf medpointconnect.com - Hosting by hostfactory.ch

Page URL History Show full URLs

  1. http://medpointconnect.com/ HTTP 307
    https://medpointconnect.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

195 kB
Transfer

263 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://medpointconnect.com/ HTTP 307
    https://medpointconnect.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
medpointconnect.com/
Redirect Chain
  • http://medpointconnect.com/
  • https://medpointconnect.com/
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://medpointconnect.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.117.169.131 , Switzerland, ASN200713 (FREY-AS, CH),
Reverse DNS
server22.hostfactory.ch
Software
nginx / PleskLin
Resource Hash
068d30f91950a8244ee3c729b9c5f1810349ff0149f6e859688cb141c247d63b

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-length
1512
content-type
text/html; charset=UTF-8
date
Wed, 15 May 2024 17:33:56 GMT
server
nginx
vary
Accept-Encoding
x-powered-by
PleskLin

Redirect headers

Location
https://medpointconnect.com/
Non-Authoritative-Reason
HttpsUpgrades
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
Requested by
Host: medpointconnect.com
URL: https://medpointconnect.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
sffe /
Resource Hash
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://medpointconnect.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 14:23:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11409
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32954
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 May 2025 14:23:47 GMT
skeleton.js
www.hostfactory.ch/extensions/skeleton/data/ 		245 B
484 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hostfactory.ch/extensions/skeleton/data/skeleton.js
Requested by
Host: medpointconnect.com
URL: https://medpointconnect.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.117.169.100 , Switzerland, ASN200713 (FREY-AS, CH),
Reverse DNS
server100.hostfactory.ch
Software
nginx / PleskLin
Resource Hash
927d4486b2b0c639cf2cf20c472f39339b781de2e534439d165f3fbeacf619a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://medpointconnect.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 17:33:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 15 May 2024 14:51:02 GMT
server
nginx
etag
"f5-6187f3f58ced2-gzip"
x-powered-by
PleskLin
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
allow
GET, POST, HEAD
cache-control
max-age=604800
accept-ranges
bytes
content-length
165
expires
Wed, 22 May 2024 17:33:56 GMT
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:500,600,700,800
Requested by
Host: medpointconnect.com
URL: https://medpointconnect.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f10.1e100.net
Software
ESF /
Resource Hash
84a2b33a80b78c76e9d8a532aeb7dca0be7750509c7c727e13159b9ad37892fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://medpointconnect.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 15 May 2024 17:33:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 15 May 2024 17:33:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 15 May 2024 17:33:56 GMT
style.css
www.hostfactory.ch/extensions/skeleton/data/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.hostfactory.ch/extensions/skeleton/data/style.css
Requested by
Host: medpointconnect.com
URL: https://medpointconnect.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.117.169.100 , Switzerland, ASN200713 (FREY-AS, CH),
Reverse DNS
server100.hostfactory.ch
Software
nginx / PleskLin
Resource Hash
cfc8e680759c6140cf6370704c9fa0ca573177ce0c854e495476ceb6f9b79105
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://medpointconnect.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 17:33:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 15 May 2024 14:51:02 GMT
server
nginx
etag
"cb4-6187f3f58ced2-gzip"
x-powered-by
PleskLin
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
allow
GET, POST, HEAD
cache-control
max-age=604800
accept-ranges
bytes
content-length
939
expires
Wed, 22 May 2024 17:33:56 GMT
hostfactory-logo.svg
www.hostfactory.ch/extensions/skeleton/data/images/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hostfactory.ch/extensions/skeleton/data/images/hostfactory-logo.svg
Requested by
Host: medpointconnect.com
URL: https://medpointconnect.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.117.169.100 , Switzerland, ASN200713 (FREY-AS, CH),
Reverse DNS
server100.hostfactory.ch
Software
nginx / PleskLin
Resource Hash
28080676895fce017b3dbdfa163a25a5b89ac267a544b0c4d15415de0c5111c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://medpointconnect.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 17:33:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 15 May 2024 14:51:02 GMT
server
nginx
etag
"dc8-6187f3f58ced2-gzip"
x-powered-by
PleskLin
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
allow
GET, POST, HEAD
cache-control
max-age=604800
accept-ranges
bytes
content-length
1546
expires
Wed, 22 May 2024 17:33:56 GMT
webhosting-angebot-neu.png
www.hostfactory.ch/extensions/skeleton/data/images/ 		115 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hostfactory.ch/extensions/skeleton/data/images/webhosting-angebot-neu.png
Requested by
Host: medpointconnect.com
URL: https://medpointconnect.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.117.169.100 , Switzerland, ASN200713 (FREY-AS, CH),
Reverse DNS
server100.hostfactory.ch
Software
nginx / PleskLin
Resource Hash
adc6e82c6e012333186f8c00db941b816ba18dee12e6f382a7fc18cf6c8f7d8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://medpointconnect.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 17:33:56 GMT
x-content-type-options
nosniff
last-modified
Wed, 15 May 2024 14:51:02 GMT
server
nginx
etag
"1ccdc-6187f3f58ced2"
x-powered-by
PleskLin
x-frame-options
SAMEORIGIN
allow
GET, POST, HEAD
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
117980
expires
Wed, 22 May 2024 17:33:56 GMT
cross.png
www.hostfactory.ch/extensions/skeleton/data/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hostfactory.ch/extensions/skeleton/data/images/cross.png
Requested by
Host: www.hostfactory.ch
URL: https://www.hostfactory.ch/extensions/skeleton/data/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.117.169.100 , Switzerland, ASN200713 (FREY-AS, CH),
Reverse DNS
server100.hostfactory.ch
Software
nginx / PleskLin
Resource Hash
d48b065e4551d2222cfa01af39244b44955ff25f384f4cfa1a52d60d100cde12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hostfactory.ch/extensions/skeleton/data/style.css
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 17:33:56 GMT
x-content-type-options
nosniff
last-modified
Wed, 15 May 2024 14:51:02 GMT
server
nginx
etag
"1ae5-6187f3f58ced2"
x-powered-by
PleskLin
x-frame-options
SAMEORIGIN
allow
GET, POST, HEAD
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
6885
expires
Wed, 22 May 2024 17:33:56 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:500,600,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://medpointconnect.com
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 06:41:12 GMT
x-content-type-options
nosniff
age
125565
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 May 2025 06:41:12 GMT
favicon.ico
medpointconnect.com/ 		266 B
289 B 		Other
General
Check archive.org
Download Go to
Full URL
https://medpointconnect.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.117.169.131 , Switzerland, ASN200713 (FREY-AS, CH),
Reverse DNS
server22.hostfactory.ch
Software
nginx /
Resource Hash
5b12b376421afee947a2047584b2f3ec825711a623394ed75c649dad7f6c29dd

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://medpointconnect.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 17:33:57 GMT
content-encoding
br
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=iso-8859-1

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery

0 Cookies

1 Console Messages

Source Level URL
Text
network error URL: https://medpointconnect.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()