medicalexaminations.co.za Open in urlscan Pro
2606:4700:3036::6815:37cc Public Scan

Go To Rescan
Add Verdict Report

URL:
https://medicalexaminations.co.za/tcu/qakbot.zip
Submission Tags: falconsandbox
Submission: On April 18 via api (April 18th 2024, 7:30:12 am UTC) from US — Scanned from DE

Summary HTTP 45 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 6 domains to perform 45 HTTP transactions. The main IP is 2606:4700:3036::6815:37cc, located in United States and belongs to CLOUDFLARENET, US. The main domain is medicalexaminations.co.za.
TLS certificate: Issued by GTS CA 1P5 on March 1st 2024. Valid for: 3 months.

This is the only time medicalexaminations.co.za was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
29	2606:4700:303... 2606:4700:3036::6815:37cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700:10:... 2606:4700:10::ac43:2794	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:47c5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
45	8

29 2606:4700:3036::6815:37cc (United States)

ASN13335 (CLOUDFLARENET, US)

medicalexaminations.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:10::ac43:2794 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:47c5 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	medicalexaminations.co.za medicalexaminations.co.za	332 KB
8	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 3731	32 KB
3	gstatic.com fonts.gstatic.com	47 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	180 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2404	260 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	2 KB
45	6

	Domain	Requested by
29	medicalexaminations.co.za	medicalexaminations.co.za
8	static.addtoany.com	medicalexaminations.co.za static.addtoany.com
3	fonts.gstatic.com	fonts.googleapis.com
2	www.googletagmanager.com	medicalexaminations.co.za
1	region1.google-analytics.com	www.googletagmanager.com
1	fonts.googleapis.com	medicalexaminations.co.za
45	6

This site contains links to these domains. Also see Links.

Domain
www.thinksafe.co.za
www.facebook.com
twitter.com
instagram.com
www.addtoany.com

Subject Issuer	Validity	Valid
medicalexaminations.co.za GTS CA 1P5	`2024-03-01` - `2024-05-30`	3 months	crt.sh
static.addtoany.com E1	`2024-02-24` - `2024-05-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://medicalexaminations.co.za/tcu/qakbot.zip
Frame ID: CC2C9195CF10CC5DBACDE2B7F2F352A9
Requests: 44 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.25.html
Frame ID: DCC8761DBD5908AFABEEB22685AB75C3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Page Not Found -

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

45
Requests

98 %
HTTPS

100 %
IPv6

6
Domains

6
Subdomains

8
IPs

2
Countries

593 kB
Transfer

1845 kB
Size

3
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.thinksafe.co.za/
Title: Life Aid

Search URL Search Domain Scan URL

URL: https://www.facebook.com/inshoor

Search URL Search Domain Scan URL

URL: https://twitter.com/inshoor

Search URL Search Domain Scan URL

URL: https://instagram.com/inshoorsa

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fmedicalexaminations.co.za%2Ftcu%2Fqakbot.zip&title=Page%20Not%20Found%20-
Title: Teilen

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/
Title: AddToAny

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 404 Primary Request qakbot.zip Show response
medicalexaminations.co.za/tcu/ 73 KB
15 KB 2383ms
2346ms Document
text/html 2606:4700:3036::6815:37cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medicalexaminations.co.za/tcu/qakbot.zip
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:37cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: e14ce2a8b37230b5ec4b9722d67d3474c49520af49fd73f292db11514e210e12

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=31536000, must-revalidate
cf-cache-status: EXPIRED
cf-ray: 8762f2886e193661-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 18 Apr 2024 07:30:06 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
link: <https://medicalexaminations.co.za/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=If%2BFGToDD%2BNjG%2FwVdrpUK4YHEgAfd%2FtbXm7RjPBq8ZSXNMofLL%2FKhwSX5qrxJHYg9C0zDODErv%2BmtyDuIOODXBWhi0sOMeKBXUHwxEgdVTyudATEzPHxvlcH2tRTSfAfrQXKXCaUnHjAi08qRe2jQogMHQtXWibJ"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

GET
H3 200 ratemypost.ttf
medicalexaminations.co.za/wp-content/plugins/rate-my-post/public/css/fonts/ 5 KB
4 KB 30ms
30ms Font
font/ttf 2606:4700:3036::6815:37cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medicalexaminations.co.za/wp-content/plugins/rate-my-post/public/css/fonts/ratemypost.ttf
Requested by: Host: medicalexaminations.co.za
URL: https://medicalexaminations.co.za/tcu/qakbot.zip
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:37cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40d4cb30d26c1301383bc7445dd80bf4e3279374d2ff74c771aa4c3db182358f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicalexaminations.co.za/tcu/qakbot.zip
Origin: https://medicalexaminations.co.za
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 07:30:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 23 Jan 2024 13:09:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 158316
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uAbMjztRqT8TrUHmevMOBzk0ITalMgNcPYQVrS4psv75HagBvyOhs8MtyL5Y37dRp3oo8JSjipO%2BIedmRu8ng%2Bp00ZVUjM5A7Ik4CWXhLUwtpALt6%2FsuVCASJqlmPDPvoRzu0LlXAGwkMAsWjmN11Hc%2BDp9Qm9Vz"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 8762f2972d933661-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 07 Jun 2024 19:33:19 GMT

GET
H3 200 style.min.css
medicalexaminations.co.za/wp-includes/css/dist/block-library/ 108 KB
15 KB 715ms
714ms Stylesheet
text/css 2606:4700:3036::6815:37cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medicalexaminations.co.za/wp-includes/css/dist/block-library/style.min.css?ver=6.4.4
Requested by: Host: medicalexaminations.co.za
URL: https://medicalexaminations.co.za/tcu/qakbot.zip
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:37cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicalexaminations.co.za/tcu/qakbot.zip
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 07:30:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 31 Jan 2024 05:41:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MkcY3ZjDN5WOcXeFQzHo81ReZDQsbOWwDfKFNoLBP3TIQX6B47i1DrSjYT7KO6%2BOntbSj%2Ba9EdZbVxSvjqhD9Xn9505fNsntSUWcuncXaEgCLx6ayu9gfiDQp7ny8s7CtGhfFnJJ7Glm8DW3IQgcjkWBMcle%2Fgc6"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 8762f2972d963661-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 13 Apr 2025 02:28:14 GMT

GET
H3 200 blocks.style.build.css
medicalexaminations.co.za/wp-content/plugins/metronet-profile-picture/dist/ 27 KB
3 KB 755ms
753ms Stylesheet
text/css 2606:4700:3036::6815:37cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medicalexaminations.co.za/wp-content/plugins/metronet-profile-picture/dist/blocks.style.build.css?ver=2.6.0
Requested by: Host: medicalexaminations.co.za
URL: https://medicalexaminations.co.za/tcu/qakbot.zip
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:37cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0da2aee6cc32a9bc1dc66cfba7518a6d47d1337202d6ee94a6174f25c720e94

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicalexaminations.co.za/tcu/qakbot.zip
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 07:30:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=27760
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 18 Jan 2024 17:14:01 GMT
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BW1css2%2FGgvlo2IJvBLIXXccXYiS5ko1JrqpWvndXEPAnqVPTC6LshZ6pn77mp34ISHLlAX1m%2BsnOwPJUcnpaiy7b5xW5WRhCL7zFbuSmSYUk%2Bln6hAGbhQx4E%2FRRIocHMxvvKDIKGh82oJbWEkd13zUpOiYSF9p"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 8762f2972d983661-FRA
expires: Sun, 13 Apr 2025 21:35:58 GMT

GET
H3 200 rate-my-post.css
medicalexaminations.co.za/wp-content/plugins/rate-my-post/public/css/ 10 KB
3 KB 217ms
216ms Stylesheet
text/css 2606:4700:3036::6815:37cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medicalexaminations.co.za/wp-content/plugins/rate-my-post/public/css/rate-my-post.css?ver=3.4.5
Requested by: Host: medicalexaminations.co.za
URL: https://medicalexaminations.co.za/tcu/qakbot.zip
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:37cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36ecf00031ffc0faaf8a8dfb348dfd9c2383be343026b88599d76a11b09f7e18

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicalexaminations.co.za/tcu/qakbot.zip
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 07:30:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=10492
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 23 Jan 2024 13:09:14 GMT
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8ChOS6yLel6M4PNB%2B4umiihFmNmFW6MjYrL%2Bz%2BSbty6fSat1be2VOilXDTKaqMQRcaKNxj9J17sKZfOZyMbxId8auV7flPO%2BJ12G4zES%2B6WMtPIFibb554k8ag9hRfgIzPPh61wCSvwTGQdw1zyQYC5oxCKxj%2FEu"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 8762f2972d993661-FRA
expires: Tue, 15 Apr 2025 06:54:33 GMT

GET
H3 200 style.css
medicalexaminations.co.za/wp-content/themes/ohio/ 441 KB
56 KB 1356ms
1355ms Stylesheet
text/css 2606:4700:3036::6815:37cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medicalexaminations.co.za/wp-content/themes/ohio/style.css?ver=3.1.2
Requested by: Host: medicalexaminations.co.za
URL: https://medicalexaminations.co.za/tcu/qakbot.zip
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:37cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86e7bd2710237bc6decf5e59a834d0222971c05025f826d85ef01291c6b99102

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicalexaminations.co.za/tcu/qakbot.zip
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 07:30:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=532797
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 30 Aug 2022 11:00:49 GMT
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rqp%2BA9lnITuutUMtkVJ9oYjFnObTnOZ5iipFuF5Q2AOE6Ueq2nS0a0oHxQ04nfL5EXEGQJhr3N%2BVlHngraHtogjWv1qMgZDbzDV0FEc1nD01SWAFbpxffr3zZv%2FPiHx4heGM7F4gL7qpZMQrWzVoAN0Q%2FjgSOYIW"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 8762f2972d9c3661-FRA
expires: Tue, 15 Apr 2025 06:54:32 GMT

GET
H3 200 addtoany.min.css
medicalexaminations.co.za/wp-content/plugins/add-to-any/ 2 KB
1 KB 30ms
29ms Stylesheet
text/css 2606:4700:3036::6815:37cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medicalexaminations.co.za/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.16
Requested by: Host: medicalexaminations.co.za
URL: https://medicalexaminations.co.za/tcu/qakbot.zip
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:37cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c19e3e4151ea4933fa9ba9703c51fe20ad469237771214b1c5001d1b107ddef5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicalexaminations.co.za/tcu/qakbot.zip
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 07:30:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 18 Jan 2024 17:10:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 158317
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ket1LiJdOVLJ6uIcxvFSG3b0%2BTUgVxAqapjLELB1GhqgU%2FYZcUoQuOBceN%2BkyXPsS8hGisC%2FHR2CFeUimOiC8oSfybfQAO7qQ3JD0J6MB0rzVhSXGCAo9oa%2BUNRaDHblkEY6Hdd6XKItOG08qL3gNGPQa9V52Z3k"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 8762f2972d9d3661-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 16 Apr 2025 02:54:33 GMT

GET
H3 200 Defaults.css
medicalexaminations.co.za/wp-content/uploads/smile_fonts/Defaults/ 25 KB
5 KB 241ms
239ms Stylesheet
text/css 2606:4700:3036::6815:37cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medicalexaminations.co.za/wp-content/uploads/smile_fonts/Defaults/Defaults.css?ver=3.19.12
Requested by: Host: medicalexaminations.co.za
URL: https://medicalexaminations.co.za/tcu/qakbot.zip
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:37cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8731cf20afa12af13a0ca7cb0b961236f2ed738b7b51e8e40255fa68cd9aadb

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicalexaminations.co.za/tcu/qakbot.zip
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 07:30:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=27639
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 08 Sep 2022 14:26:28 GMT
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6Wd9jnqCVk4orqCR8opkqEGpySs0FIJVea%2FutSLMyIVE4rAN4vWmd5Je%2FyEU6kgA%2BLg06Xo0pyHQjETOzE62Ocg0%2Fx%2BKN7M2L%2FIqPCY1%2BHYlQv5oVOOfEsyikoC92TLds85QnOTPr3cF%2BQxNZUpsIdT73fIGggnd"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 8762f2972da03661-FRA
expires: Tue, 15 Apr 2025 06:54:32 GMT

GET
H3 200 jquery.min.js Show response
medicalexaminations.co.za/wp-includes/js/jquery/ 86 KB
31 KB 48ms
47ms Script
application/javascript 2606:4700:3036::6815:37cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medicalexaminations.co.za/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: medicalexaminations.co.za
URL: https://medicalexaminations.co.za/tcu/qakbot.zip
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:37cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicalexaminations.co.za/tcu/qakbot.zip
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 07:30:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 28 Aug 2023 17:14:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 158315
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZlhDjHBFR%2B5DsypU7Fhs6kjPoSBaZ9qvNCO%2B7b8Ta%2FiAMutSjmlIzgub%2Bpreq7Dxr9CtGIfXGiYdSnro4PLV3xOX5oC%2BRGmjWydn%2Fh9PVbbJW9sVawPV1VBO92JpvGlMPIZC6UmmoWgn3r9JcRBHJHlzilN6zVCH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 8762f2972da13661-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 11 Feb 2025 21:45:07 GMT

GET
H3 200 jquery-migrate.min.js Show response
medicalexaminations.co.za/wp-includes/js/jquery/ 13 KB
5 KB 33ms
31ms Script
application/javascript 2606:4700:3036::6815:37cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medicalexaminations.co.za/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: medicalexaminations.co.za
URL: https://medicalexaminations.co.za/tcu/qakbot.zip
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:37cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicalexaminations.co.za/tcu/qakbot.zip
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 07:30:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 09 Jun 2023 05:49:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 158315
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pT5HGmPckytKgaQ37uGF%2FX%2BKkUXo%2BtwcdDS7Wd9eZURpuiRxMa2f5538eKxGtmaY6mA7I2DbS47j0aIpY6%2BcGQtAQfczMO%2BhzBK1GonirFpX%2BvQFXlLoAUjvHKu6y9NRl%2Byz0vPxrcgrhGp%2BxtY3ibUj7vPhNcOX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 8762f2972da33661-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 11 Feb 2025 23:14:17 GMT

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 3 KB
2 KB 88ms
38ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: medicalexaminations.co.za
URL: https://medicalexaminations.co.za/tcu/qakbot.zip

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e0cc78c402cbc02fdfd41cd77c5fd6ffbd8066cc07935ea8eb5f3fcc59744a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicalexaminations.co.za/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 07:30:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 977
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"e346c2841e4abbb66ee259e9540abb61"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wy3XMSjfQbkiYabqxKTsOYG%2FTAD4Zg1NicUZABZuO%2F9q7qgEu%2FdP5A7x4Lc6Y4Dz1C%2FVUx2J7MdvGlBB5ny3XTB6i7x8EB94NFaW8frHcVzAbVHcGEhMkj1%2FDheeP2RsSn6YrvuB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
cf-ray: 8762f2a04d958fce-FRA

GET
H3 200 addtoany.min.js Show response
medicalexaminations.co.za/wp-content/plugins/add-to-any/ 129 B
622 B 30ms
30ms Script
application/javascript 2606:4700:3036::6815:37cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medicalexaminations.co.za/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
Requested by: Host: medicalexaminations.co.za
URL: https://medicalexaminations.co.za/tcu/qakbot.zip
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:37cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicalexaminations.co.za/tcu/qakbot.zip
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 07:30:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 18 Jan 2024 17:10:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 158317
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IzydKEcHOflOmrz1iUQFceo9GwhqBuLf8F7SEm5DijgKbrTwWKMLOjqzM2yQ2SA9emrbVeWCG%2FmxqiS5YpCaW0ro38o6MXuFHjrWaHHsUHTPrNrN9MpViusgb5675dHs7PF8%2FGJG0H2sXiCF8O0zU7iJfVC%2FVIJU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 8762f29ff8723661-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 28 Feb 2025 19:29:05 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 302 KB
103 KB 122ms
73ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4GB6ME7EFS

Requested by

Host: medicalexaminations.co.za
URL: https://medicalexaminations.co.za/tcu/qakbot.zip

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

73d23fbf8029343734d25ea202b045ad858bffb30dbac6701b6de0c7208ddc7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicalexaminations.co.za/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 07:30:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 105370
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 18 Apr 2024 07:30:08 GMT

GET
H3 200 Medical-Examinations-Logo-2022-1.png
medicalexaminations.co.za/wp-content/uploads/2022/09/ 8 KB
8 KB 32ms
30ms Image
image/png 2606:4700:3036::6815:37cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medicalexaminations.co.za/wp-content/uploads/2022/09/Medical-Examinations-Logo-2022-1.png
Requested by: Host: medicalexaminations.co.za
URL: https://medicalexaminations.co.za/tcu/qakbot.zip
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:37cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c715250adb33124f33a313946bc48a1aca848cd2ec3ed971dd3b715f9cd31f2e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicalexaminations.co.za/tcu/qakbot.zip
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 07:30:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 158317
alt-svc: h3=":443"; ma=86400
content-length: 7910
last-modified: Tue, 13 Sep 2022 10:58:27 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LkPeHWNR0bBcOHKk9VCLag1H28qfqYs2MNkIli%2FpUBtFDT342GbWzNEcUmgHE4%2BfFgfwLKdgXka3METSd4l1BYHRAKIgYGJzmsmf0qJsyh8jjUbDyvYB35wr2hC2EdIexBut%2Bnp1b8W6XGiynEJDtfmHzHbuFEkA"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 8762f2972da43661-FRA
expires: Wed, 22 May 2024 07:16:48 GMT

GET
H3 200 Blank.png
medicalexaminations.co.za/wp-content/uploads/2022/09/ 97 B
603 B 30ms
29ms Image
image/png 2606:4700:3036::6815:37cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medicalexaminations.co.za/wp-content/uploads/2022/09/Blank.png
Requested by: Host: medicalexaminations.co.za
URL: https://medicalexaminations.co.za/tcu/qakbot.zip
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:37cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd0a4a444ffa505056ae36197c3fc16862b326097fa06413f4c45f89f4d6009e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicalexaminations.co.za/tcu/qakbot.zip
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 07:30:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 158316
alt-svc: h3=":443"; ma=86400
content-length: 97
last-modified: Tue, 13 Sep 2022 10:17:10 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ryubwoom0SPgQ2Xjh3lLpFgHletGvHodS99piearAWbn%2B%2FAGMD11oR0vY7%2BoUJ7p8zlfhPTfqG%2By1ItWagcaTkaQIZcBILhO6dRBB%2FwuzEe4UbWqmNEN%2F7xgHDOMrpalTt%2FqbE9TGxIM9huDJF1ab2XJhA%2Bex6TY"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 8762f2972da53661-FRA
expires: Thu, 18 Jul 2024 11:13:13 GMT

GET
H3 200 fontawesome.min.css
medicalexaminations.co.za/wp-content/themes/ohio/assets/fonts/fa/css/ 57 KB
13 KB 707ms
707ms Stylesheet
text/css 2606:4700:3036::6815:37cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medicalexaminations.co.za/wp-content/themes/ohio/assets/fonts/fa/css/fontawesome.min.css?ver=6.4.4
Requested by: Host: medicalexaminations.co.za
URL: https://medicalexaminations.co.za/tcu/qakbot.zip
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:37cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58a0fdae6187c703289ea2fe322efa7112594b4284c58de563cf8f4c47cf9f28

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicalexaminations.co.za/tcu/qakbot.zip
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 07:30:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 27 May 2022 12:53:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WcdewLT4GbQqHzt%2FF0FSqYO4zJst%2Fcnx6CPtMY6XAGgUELRaGp%2BtCNgJUFSKIYOtcgNfDmRGLC0d5WSnrUKdOkzzM9ojpNLyaW5o3rrd8DYvy9QecOABKIEBDYnhIeJJVTDUttXpQvhpvFTNX1YzniQaTggvmHsL"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 8762f2975dd13661-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 15 Apr 2025 06:54:34 GMT

GET
H3 200 ionicons.min.css
medicalexaminations.co.za/wp-content/themes/ohio/assets/fonts/ionicons/css/ 46 KB
8 KB 711ms
711ms Stylesheet
text/css 2606:4700:3036::6815:37cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medicalexaminations.co.za/wp-content/themes/ohio/assets/fonts/ionicons/css/ionicons.min.css?ver=6.4.4
Requested by: Host: medicalexaminations.co.za
URL: https://medicalexaminations.co.za/tcu/qakbot.zip
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:37cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b5f3de591b49d8a12abd8d321c80da3d104ef31b77991c51502c7b08322ea68

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicalexaminations.co.za/tcu/qakbot.zip
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 07:30:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 27 May 2022 12:53:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TCS4O6QnqaG%2B0YQdgcPATxXoXFeKO8USIHErB6zi%2FWZr36sPbzuEsN7RUBhGpNPlI8yCNplCS%2BYMg0xq5RIuDfRFoFDvofHlg1DUtg%2BNRSyEfx%2F8IYIw1v5UzlRgjw6EoOcfOrjRNlClxSKH3DqW0PHB4eUQv1uZ"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 8762f2975dd53661-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 15 Apr 2025 06:54:34 GMT

GET
H2 200 css
fonts.googleapis.com/ 26 KB
2 KB 75ms
30ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A900i%2C900%2C700i%2C700%2C500i%2C500%2C400i%2C400%2C300i%2C300%2C100i%2C100%26subset%3Dvietnamese%2Clatin-ext%2Cgreek-ext%2Cgreek%2Ccyrillic-ext%2Ccyrillic%26display%3Dswap&ver=6.4.4

Requested by

Host: medicalexaminations.co.za
URL: https://medicalexaminations.co.za/tcu/qakbot.zip

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b2b513d915ee0689890c4c17b634c139f58067a1b0ec3513e21886945b215c66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicalexaminations.co.za/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 18 Apr 2024 07:30:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 18 Apr 2024 07:30:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 18 Apr 2024 07:30:07 GMT

GET
H3 200 email-decode.min.js Show response
medicalexaminations.co.za/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 22ms
22ms Script
application/javascript 2606:4700:3036::6815:37cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://medicalexaminations.co.za/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: medicalexaminations.co.za
URL: https://medicalexaminations.co.za/tcu/qakbot.zip

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:37cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicalexaminations.co.za/tcu/qakbot.zip
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 07:30:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Apr 2024 15:45:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"661e9d00-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nfcVlMtMXcWySlMWnxutdwDIZ0BfC3w9P2OV%2FRRzcAKN6OaehXvlfV%2FOZNkmdeiXK%2F9Rnc%2F3iSBG37YvdZtbWT0eYKmxupcz2KjMwA79KIohuf12gw24X66KPKPmgCMJ7Dmwgl31dBDIYc3ngCBOKYcIm1N4L8wo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8762f29bcb353661-FRA
expires: Sat, 20 Apr 2024 07:30:07 GMT

GET
H3 200 mpp-frontend.js Show response
medicalexaminations.co.za/wp-content/plugins/metronet-profile-picture/js/ 290 B
711 B 206ms
206ms Script
application/javascript 2606:4700:3036::6815:37cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medicalexaminations.co.za/wp-content/plugins/metronet-profile-picture/js/mpp-frontend.js?ver=2.6.0
Requested by: Host: medicalexaminations.co.za
URL: https://medicalexaminations.co.za/tcu/qakbot.zip
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:37cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efbc00575f13f02c406f902fe55444cc283c09ec68d4404dc82c9ed7b23ad053

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicalexaminations.co.za/tcu/qakbot.zip
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 07:30:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=331
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 18 Jan 2024 17:14:01 GMT
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PnmYoMyjn3ujMGPtXARRBu0yn%2FzJVeE5BJiIg22fcPmHoJxzqqeHAktkLbLWnQNBpn0AeDX%2BFyqSFZLvtkBA98%2BfHAjYvgYrZHltelIOxJPjveWcrZ%2FX9eGw0xcDN63iQrd3R%2FZgQayfFE7myF7ZtgzXKcwPW5CE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 8762f29bfb6d3661-FRA
expires: Tue, 15 Apr 2025 06:54:33 GMT

GET
H3 200 rate-my-post.js Show response
medicalexaminations.co.za/wp-content/plugins/rate-my-post/public/js/ 30 KB
8 KB 744ms
744ms Script
application/javascript 2606:4700:3036::6815:37cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medicalexaminations.co.za/wp-content/plugins/rate-my-post/public/js/rate-my-post.js?ver=3.4.5
Requested by: Host: medicalexaminations.co.za
URL: https://medicalexaminations.co.za/tcu/qakbot.zip
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:37cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e48b98141323f2de993aea3f569ffc8cd251068817f9226ae7e9578e5f844484

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicalexaminations.co.za/tcu/qakbot.zip
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 07:30:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=30643
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 23 Jan 2024 13:09:14 GMT
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ElX2XrIF%2FFFYTjsbklfLrhgLF8nZ08vs%2FpG9raLcVfUXaqhdyeTpbR3XxLGEmSWdnj7rPOtV%2BegDU7mwkiQ08lurair36nlVuLqHDs3h1Z0s8LxAlUdP%2FEJPbDxhjP%2BcZFmPwM3HQmIyz%2FfmoCkrfeIKE2AQucx9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 8762f29c3bf23661-FRA
expires: Tue, 15 Apr 2025 06:54:34 GMT

GET
H3 200 imagesloaded.min.js Show response
medicalexaminations.co.za/wp-includes/js/ 5 KB
2 KB 30ms
30ms Script
application/javascript 2606:4700:3036::6815:37cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medicalexaminations.co.za/wp-includes/js/imagesloaded.min.js?ver=5.0.0
Requested by: Host: medicalexaminations.co.za
URL: https://medicalexaminations.co.za/tcu/qakbot.zip
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:37cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicalexaminations.co.za/tcu/qakbot.zip
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 07:30:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 11 Aug 2023 18:18:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 158315
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sGiHlCq7aRZ8F6f4jG7VtyiERxP30N4LEbA57MUefhFJzP%2BplGm6M9sNwApmqawAEgrsTB7YaQsCOE5IzEX6W1YVd2rJpNusF8xKP2GOgnyFBAYhA6Y0oaXkPUpViVsMEAJo7gAkR%2BSYiWWB5nIiaoCi5uY%2BotXC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 8762f29d4d3f3661-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 07 Feb 2025 20:49:10 GMT

GET
H3 200 masonry.min.js Show response
medicalexaminations.co.za/wp-includes/js/ 24 KB
8 KB 82ms
82ms Script
application/javascript 2606:4700:3036::6815:37cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medicalexaminations.co.za/wp-includes/js/masonry.min.js?ver=4.2.2
Requested by: Host: medicalexaminations.co.za
URL: https://medicalexaminations.co.za/tcu/qakbot.zip
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:37cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicalexaminations.co.za/tcu/qakbot.zip
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 07:30:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 13 Jun 2020 18:53:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 158315
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B6ApPAIJT2QQcbE0IpWIvRxau%2F5i%2F9A3TOxWzeUv0LJ9YSi1S%2BEuDrFSDNKaICMW%2FKXJK32WVMWGavPwTDOPT14dzP05oAXfGuk5%2Bcud93KrJMOTgGMyep9prfR%2BeR6wIkXg96PFR1mddWEBMn8EDTWhMM3sNX9D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 8762f29dcdff3661-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 07 Mar 2025 19:21:14 GMT

GET
H3 200 jquery.masonry.min.js Show response
medicalexaminations.co.za/wp-includes/js/jquery/ 2 KB
1 KB 698ms
698ms Script
application/javascript 2606:4700:3036::6815:37cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medicalexaminations.co.za/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
Requested by: Host: medicalexaminations.co.za
URL: https://medicalexaminations.co.za/tcu/qakbot.zip
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:37cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicalexaminations.co.za/tcu/qakbot.zip
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 07:30:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 18 Aug 2016 18:55:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UWh%2B3aKf9MPmz3erg%2FXxEv3uTTMNHHNloJupXOCEwQTIf%2BWoJQfpgRsayaVHX%2FbzV5uroX8Cr1Ij89KTW3Jw8rLAyPJLq%2BFhKCsWeqbJLYyDHssf8qhFR%2Fbi%2Fy4DLkuEIMxZQR8vv3L42yJ7yBPdS3phtoehatut"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 8762f29e6ecb3661-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 11 Feb 2025 20:58:26 GMT

GET
H3 200 jquery.clb-slider.min.js Show response
medicalexaminations.co.za/wp-content/themes/ohio/assets/js/ 14 KB
4 KB 699ms
698ms Script
application/javascript 2606:4700:3036::6815:37cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medicalexaminations.co.za/wp-content/themes/ohio/assets/js/jquery.clb-slider.min.js?ver=6.4.4
Requested by: Host: medicalexaminations.co.za
URL: https://medicalexaminations.co.za/tcu/qakbot.zip
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:37cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffa64fa4223baed70efaa7c1ba10c4755ded9d242575d52e45d2215da1efa3a0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicalexaminations.co.za/tcu/qakbot.zip
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 07:30:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 30 Aug 2022 10:31:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hnYWgh82QnAt6JHtQ32e7TjfjrJYfwr%2BYCuYfpmsXAp1eIRuhoWqxkmqnKsTynvzEEU8Ki3qwDi0dlXtZOY7G%2FmdTni%2F%2Fq4WftMY5nsiB2s23IW1Bb%2FLREuC5D28IekFi1f86F56USXJBcl0EyhFRWfRBEIBrH7z"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 8762f29ff86a3661-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 13 Apr 2025 02:28:18 GMT

GET
H3 200 jquery.mega-menu.min.js Show response
medicalexaminations.co.za/wp-content/themes/ohio/assets/js/libs/ 15 KB
4 KB 702ms
701ms Script
application/javascript 2606:4700:3036::6815:37cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medicalexaminations.co.za/wp-content/themes/ohio/assets/js/libs/jquery.mega-menu.min.js?ver=6.4.4
Requested by: Host: medicalexaminations.co.za
URL: https://medicalexaminations.co.za/tcu/qakbot.zip
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:37cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7231d369ec4fb686f81629517a3866aa3f1fda1e121bc2038c2687f0a82f2959

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicalexaminations.co.za/tcu/qakbot.zip
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 07:30:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 27 May 2022 12:53:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BucOdFwDxrUi5tEkJQtw75LBONEJnxxPEd9OZSfKqqN0wbNfqBBRt5yD14QuUhekNgzLwqc3iESdFMCOlXMj4dd7KqWhucuf3JedgkyxXWZ8aRrjkszrHR%2FA%2FM4Wteq201Oqp%2ByzsaXZqpuPFweUaXhue8utISxh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 8762f29ff86b3661-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 13 Apr 2025 02:28:18 GMT

GET
H3 200 jquery.tilt.min.js Show response
medicalexaminations.co.za/wp-content/themes/ohio/assets/js/libs/ 5 KB
2 KB 208ms
207ms Script
application/javascript 2606:4700:3036::6815:37cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medicalexaminations.co.za/wp-content/themes/ohio/assets/js/libs/jquery.tilt.min.js?ver=6.4.4
Requested by: Host: medicalexaminations.co.za
URL: https://medicalexaminations.co.za/tcu/qakbot.zip
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:37cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a46b17dc844e94dd3cbbf119636beeae4ad675ce6d67469e6dbb011ec156647a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicalexaminations.co.za/tcu/qakbot.zip
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 07:30:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 27 May 2022 12:53:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lg3iTaaLdgS4lon5ilnV0TTxigmZV0VixkSE9V5E%2B8GIbr8JPnkCJBP9z4ZoczQ4brzgbcEckJpcMaC9LJNiLnSe2TMI0jkS7oVe7WTmmFYp5XN2e7p8I12PlynrMJmqFOwYkFSg6MZMd9LSih%2B4oOahUWSh4H1O"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 8762f29ff86e3661-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 13 Apr 2025 02:28:18 GMT

GET
H3 200 main.min.js Show response
medicalexaminations.co.za/wp-content/themes/ohio/assets/js/ 63 KB
17 KB 44ms
43ms Script
application/javascript 2606:4700:3036::6815:37cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medicalexaminations.co.za/wp-content/themes/ohio/assets/js/main.min.js?ver=3.1.2
Requested by: Host: medicalexaminations.co.za
URL: https://medicalexaminations.co.za/tcu/qakbot.zip
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:37cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a202f3d2bfec5ce8c31c5104ee30301ab78d9830310bf6d73376c719ee01c18a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicalexaminations.co.za/tcu/qakbot.zip
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 07:30:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 30 Aug 2022 10:31:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 158317
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ROY7D6JpAPueW2pMWtC4jPYF%2BQXanlLoLGoZ34hnF%2FzRW%2Bgqnq32AvTqqPHuPtxQY9uACceeFhO0O6bTw1G44Pzl%2FNVBJdAKD%2F8HJs7wkT353TJqrj3rM0rdntdqhua7%2BrXuYmh3YdEFIqa7JWh4zZ1EuubefHYE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 8762f29ff8703661-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 22 Jan 2025 07:16:51 GMT

GET
BLOB 200
OK 75204f0e-66e1-466f-8eb4-f6ed87b7c89c
https://medicalexaminations.co.za/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://medicalexaminations.co.za/75204f0e-66e1-466f-8eb4-f6ed87b7c89c
Requested by: Host: medicalexaminations.co.za
URL: https://medicalexaminations.co.za/tcu/qakbot.zip
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 210 KB
76 KB 128ms
80ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TR87SFQ

Requested by

Host: medicalexaminations.co.za
URL: https://medicalexaminations.co.za/tcu/qakbot.zip

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

86752fffc2230d9b4d62582a5b33005230053a6c674e57e03b21867365bb925c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicalexaminations.co.za/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 07:30:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77990
x-xss-protection: 0
last-modified: Thu, 18 Apr 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 18 Apr 2024 07:30:08 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 88ms
42ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A900i%2C900%2C700i%2C700%2C500i%2C500%2C400i%2C400%2C300i%2C300%2C100i%2C100%26subset%3Dvietnamese%2Clatin-ext%2Cgreek-ext%2Cgreek%2Ccyrillic-ext%2Ccyrillic%26display%3Dswap&ver=6.4.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://medicalexaminations.co.za
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 03:50:46 GMT
x-content-type-options: nosniff
age: 445162
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Apr 2025 03:50:46 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 67ms
21ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://medicalexaminations.co.za
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 00:45:23 GMT
x-content-type-options: nosniff
age: 456285
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Apr 2025 00:45:23 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 70ms
25ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://medicalexaminations.co.za
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 18:30:08 GMT
x-content-type-options: nosniff
age: 219600
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Apr 2025 18:30:08 GMT

GET
H3 200 fa-brands-400.woff2
medicalexaminations.co.za/wp-content/themes/ohio/assets/fonts/fa/webfonts/ 76 KB
76 KB 28ms
28ms Font
font/woff2 2606:4700:3036::6815:37cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medicalexaminations.co.za/wp-content/themes/ohio/assets/fonts/fa/webfonts/fa-brands-400.woff2
Requested by: Host: medicalexaminations.co.za
URL: https://medicalexaminations.co.za/wp-content/themes/ohio/assets/fonts/fa/css/fontawesome.min.css?ver=6.4.4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:37cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c87d2b26de7d55c66037916bbb4cba6c791da0e2adfa378332678ff13e12d9d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicalexaminations.co.za/wp-content/themes/ohio/assets/fonts/fa/css/fontawesome.min.css?ver=6.4.4
Origin: https://medicalexaminations.co.za
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 07:30:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 158317
alt-svc: h3=":443"; ma=86400
content-length: 77400
last-modified: Fri, 27 May 2022 12:53:38 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sIJy4t3ULx0ZvtLQHVicul%2BA58tDTWoeS1l4Gvgr8KRQjNSevnpGItz%2BpgZEwUKw7kUcvE9T%2Fw9esjAq6yrHEoGNjas7OdKNKC37LiTEONSyZb5xeBkzImNKOfOj65KnFTkeeCiFukTjBxiYyqavstB5W0spubfy"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 8762f2a0188f3661-FRA
expires: Fri, 19 Jul 2024 02:04:16 GMT

GET
H3 200 LIfe-Aid-cc-Logo-Official-Main-1.png
medicalexaminations.co.za/wp-content/uploads/2022/09/ 9 KB
9 KB 35ms
35ms Image
image/png 2606:4700:3036::6815:37cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medicalexaminations.co.za/wp-content/uploads/2022/09/LIfe-Aid-cc-Logo-Official-Main-1.png
Requested by: Host: medicalexaminations.co.za
URL: https://medicalexaminations.co.za/tcu/qakbot.zip
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:37cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb039fae5506aae0bbc9ca2996164d0770fd0b2ce7ec1027b5e66a37a13cdf72

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicalexaminations.co.za/tcu/qakbot.zip
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 07:30:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 167271
alt-svc: h3=":443"; ma=86400
content-length: 9150
last-modified: Tue, 13 Sep 2022 14:19:09 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c2ToFUgbEIrqI%2BsXsC%2BMsYk2UeDygAJU%2BD2a1Gqj6f93od1b9Vi5y8gVd7dheMZfiIFGV4TY3wyrqeuH2msZ6nUkF4p%2FhANPvjTXzfR5%2FGWcFgNEGo%2FCnb0vLjhEiOsDiIgPE6On%2BKR%2Fp3%2B963Sehnu2GLLLKkwG"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 8762f2a0188e3661-FRA
expires: Fri, 05 Jul 2024 21:44:44 GMT

GET
H3 200 sm.25.html
static.addtoany.com/menu/ Frame DCC8 0
0 53ms
31ms Document
text/html 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.25.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://medicalexaminations.co.za/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
age: 17683
alt-svc: h3=":443"; ma=86400
cache-control: max-age=315360000, immutable
cf-cache-status: HIT
cf-ray: 8762f2a0bfcf974e-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 18 Apr 2024 07:30:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zCNMjjTjli1WgYxEyhtrixoL4df0cpXfj3ujNAiBX18FGqbN%2Ffx4XQrqpsosm%2B0q%2BvoWfP%2BOLFo%2F4kFbPkLGxi62FAJxQeQ0R%2BjHEMF%2BmlRy1JMue9V76yMqPL17m2rBSb5HtO3e"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H3 200 core.BRQnzO8v.js Show response
static.addtoany.com/menu/modules/ 70 KB
26 KB 86ms
63ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/modules/core.BRQnzO8v.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91b9b24f0aa59668e4d0a770ee7a294b9baa361a76a20ade8128cd0482a5d805

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicalexaminations.co.za/
Origin: https://medicalexaminations.co.za
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 07:30:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"25da5432b1057724b8210f17e9b9db05"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I2LCh35NYZoGtJ5OGpPDM%2FYqpVZAdEglU%2BEizvZn2PgoBNhklkTL1KI59T2H%2BVQgIuZeNDBcdMkAV1N7hZwnm2xKR5ODQZFbOyNeEVD4wjYi1IXgoKvU9ovm0ALBq7V3Yl6dgi%2BcA69CdNsu1NjT25Ul"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-ray: 8762f2a0b8e19bd0-FRA

POST
H2 204 collect
region1.google-analytics.com/g/ 0
260 B 83ms
27ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-4GB6ME7EFS&gtm=45je44f0v886706787za200&_p=1713425407986&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&gdid=dZTNiMT&cid=220346073.1713425408&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1713425408&sct=1&seg=0&dl=https%3A%2F%2Fmedicalexaminations.co.za%2Ftcu%2Fqakbot.zip&dt=Page%20Not%20Found%20-&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=4000
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4GB6ME7EFS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicalexaminations.co.za/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 18 Apr 2024 07:30:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://medicalexaminations.co.za
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 de.js Show response
static.addtoany.com/menu/locale/ 750 B
769 B 32ms
31ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/locale/de.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.BRQnzO8v.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e26044e4f60fab991ddde9378091a990f77cad49dadf8d6b4bd96c632428546c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicalexaminations.co.za/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 07:30:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12993
cf-polished: origSize=902
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"86610d84a116a5704d658324728b063f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MUAtsxto%2FMxStsW2kH5sLKNQA3DkIAA0y%2FWXWrsqHqWsj49BrSVwhD%2BFOKFUQg5A%2FclGweY19Rh8olf0DOLh8%2Bwe64dDOLV9pqiH7T4a52vZe3d%2BNY1g76g%2B%2BR8LudjFzf3wcuhe"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
cf-ray: 8762f2a469728fce-FRA

GET
H3 200 facebook.js Show response
static.addtoany.com/menu/svg/icons/ 429 B
828 B 67ms
67ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/facebook.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.BRQnzO8v.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b475960843a5619b907af1f0a89e3136bd5e6a4a700ec78cb417f302647cf49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://static.addtoany.com/menu/modules/core.BRQnzO8v.js
Origin: https://medicalexaminations.co.za
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 07:30:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"68925fa8e347041c6006837e73c518bc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hmIM7WYa%2FChxExaHp7GhIuPzyjdXSeIVtiVj%2FGI8Ixt09HJvuwwJUxFOk2eX0%2FD4D0UcRi%2B1Msryfn%2FomLXnc9JnT2S30WHZxsd%2BykQSA7gCv06UB2BD9tvUMb2i0vi4Y8m8pEb3dj8JzEzTBGb6zN2c"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 8762f2a46cfd9bd0-FRA

GET
H3 200 twitter.js Show response
static.addtoany.com/menu/svg/icons/ 645 B
931 B 61ms
60ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/twitter.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.BRQnzO8v.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3003867b66a32c12fdafeefc27cf06d906e5a99ba275550ab757f4bb04834636

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://static.addtoany.com/menu/modules/core.BRQnzO8v.js
Origin: https://medicalexaminations.co.za
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 07:30:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"af2b829f9b79fabec7c0148a8b7e444b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wrFl3UA6Ox8kESuRlDA7vFAdeG9wAcoyrkpHocQePDrcWDaQ1dFFzj8lnhAWv3qj81I1pVZ1C5%2BSq8Pt5nhF9cS5AOj2cv9C%2BVzKHa3RXuIDfNcgzxqm7HruLpx25qEvCl9t9V5ywpjiS%2FZPYurZrvox"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 8762f2a46cff9bd0-FRA

GET
H3 200 email.js Show response
static.addtoany.com/menu/svg/icons/ 415 B
832 B 59ms
59ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/email.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.BRQnzO8v.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d432ad1988efa5b258294f52dae3d1b4c10660aec15e49017e21a1ee74bfd453

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://static.addtoany.com/menu/modules/core.BRQnzO8v.js
Origin: https://medicalexaminations.co.za
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 07:30:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"eb2119ad4221a9d01abc336e06962867"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dC%2F50hBXROC6LWhWshvNvhow2%2FDjNLJTK1mEGhqtGXFeR4XsBrqgqfUYGTyLKt%2BOVUlu0IRFLlqF%2BMFEK1wzhc6b5Wb4WaDCCU3Ns6hn5QZPgmJDQ1vTvdu4amZS3J3qx57HdKxsRzsKE21OnyJKISjC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 8762f2a46d009bd0-FRA

GET
H3 200 a2a.js Show response
static.addtoany.com/menu/svg/icons/ 182 B
687 B 53ms
52ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/a2a.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.BRQnzO8v.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dab93242ee573bbcfc22c9d15acd47794e500ed44e6bd48a35400b39d65aa43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://static.addtoany.com/menu/modules/core.BRQnzO8v.js
Origin: https://medicalexaminations.co.za
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 07:30:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"0aca4ea1e5f8f250126a8e0c597dd969"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HC1BU43Z9P5NZtinDvwSIYy90P64NtAn0xlqb5QMnoAwZIw5Y6Xp3v40osxFGsvRJcqyTzR1pJBTfix8KvOhlik2MhFNOQS%2Fm4kJtYkfKxT4OMqtYXIKaX4JchHp545ATxBC6cyco2OSfKDSz0gsawFs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 8762f2a46d019bd0-FRA

GET
H3 200 wp-emoji-release.min.js Show response
medicalexaminations.co.za/wp-includes/js/ 18 KB
5 KB 215ms
215ms Script
application/javascript 2606:4700:3036::6815:37cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medicalexaminations.co.za/wp-includes/js/wp-emoji-release.min.js?ver=6.4.4
Requested by: Host: medicalexaminations.co.za
URL: https://medicalexaminations.co.za/tcu/qakbot.zip
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:37cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicalexaminations.co.za/tcu/qakbot.zip
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 07:30:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 02 Feb 2023 00:53:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jcbZs1Y9LuKNN4EVNTqqlsqoFLANM0%2BFx9A5Rq4655CLESee2epLOLisLAPhI0hcGt3iLCjqIx1bLbs7fB1v20i4R5NOEnKg2pZ8kA890k4s77mOfb2EEFBhh8xZP3UK5eLwgFvOjJmkZX0RcBFRhfr%2BBIihEjzP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 8762f2a47d1f3661-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 15 Apr 2025 07:31:03 GMT

GET
H3 200 Favicon_512x512-405x405-1.png
medicalexaminations.co.za/wp-content/uploads/2022/09/ 22 KB
23 KB 29ms
29ms Other
image/png 2606:4700:3036::6815:37cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medicalexaminations.co.za/wp-content/uploads/2022/09/Favicon_512x512-405x405-1.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:37cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00003bd137a6cb8cd90244b4f2349a053b142ec25fbac0764d796b192b111840

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://medicalexaminations.co.za/tcu/qakbot.zip
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 07:30:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 158314
alt-svc: h3=":443"; ma=86400
content-length: 22958
last-modified: Thu, 08 Sep 2022 13:35:25 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uvV4ys28dgEyhMTbUDbtwf2sYBDgKFUoeYYxxsDGzPUypTbJmBnEfDOak9qSMzdXNh%2BycHxFXb4awDBAybmsRvEQmxRNDmustDPoiPMEZECD5FviDq6ZrjkcJE6Dhc6muCdD7wkShnf4YopqqeM5gudAsmtTYMbM"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 8762f2a5ee8f3661-FRA
expires: Fri, 19 Jul 2024 12:04:21 GMT

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.medicalexaminations.co.za/	1970-01-21 05:33:05	Name: _ga_4GB6ME7EFS Value: GS1.1.1713425408.1.0.1713425408.0.0.0
.medicalexaminations.co.za/	1970-01-21 05:33:05	Name: _ga Value: GA1.1.220346073.1713425408
.medicalexaminations.co.za/	1970-01-20 22:06:41	Name: _gcl_au Value: 1.1.180651358.1713425408

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://medicalexaminations.co.za/tcu/qakbot.zip Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
medicalexaminations.co.za
region1.google-analytics.com
static.addtoany.com
www.googletagmanager.com
2001:4860:4802:32::36
2606:4700:10::6816:47c5
2606:4700:10::ac43:2794
2606:4700:3036::6815:37cc
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2003
2a00:1450:4001:82f::2008
00003bd137a6cb8cd90244b4f2349a053b142ec25fbac0764d796b192b111840
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
1c87d2b26de7d55c66037916bbb4cba6c791da0e2adfa378332678ff13e12d9d
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
3003867b66a32c12fdafeefc27cf06d906e5a99ba275550ab757f4bb04834636
36ecf00031ffc0faaf8a8dfb348dfd9c2383be343026b88599d76a11b09f7e18
3dab93242ee573bbcfc22c9d15acd47794e500ed44e6bd48a35400b39d65aa43
40d4cb30d26c1301383bc7445dd80bf4e3279374d2ff74c771aa4c3db182358f
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4b475960843a5619b907af1f0a89e3136bd5e6a4a700ec78cb417f302647cf49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
58a0fdae6187c703289ea2fe322efa7112594b4284c58de563cf8f4c47cf9f28
6e0cc78c402cbc02fdfd41cd77c5fd6ffbd8066cc07935ea8eb5f3fcc59744a3
7231d369ec4fb686f81629517a3866aa3f1fda1e121bc2038c2687f0a82f2959
73d23fbf8029343734d25ea202b045ad858bffb30dbac6701b6de0c7208ddc7b
86752fffc2230d9b4d62582a5b33005230053a6c674e57e03b21867365bb925c
86e7bd2710237bc6decf5e59a834d0222971c05025f826d85ef01291c6b99102
8b5f3de591b49d8a12abd8d321c80da3d104ef31b77991c51502c7b08322ea68
91b9b24f0aa59668e4d0a770ee7a294b9baa361a76a20ade8128cd0482a5d805
a0da2aee6cc32a9bc1dc66cfba7518a6d47d1337202d6ee94a6174f25c720e94
a202f3d2bfec5ce8c31c5104ee30301ab78d9830310bf6d73376c719ee01c18a
a46b17dc844e94dd3cbbf119636beeae4ad675ce6d67469e6dbb011ec156647a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b2b513d915ee0689890c4c17b634c139f58067a1b0ec3513e21886945b215c66
b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1
c19e3e4151ea4933fa9ba9703c51fe20ad469237771214b1c5001d1b107ddef5
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25
c715250adb33124f33a313946bc48a1aca848cd2ec3ed971dd3b715f9cd31f2e
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cd0a4a444ffa505056ae36197c3fc16862b326097fa06413f4c45f89f4d6009e
d432ad1988efa5b258294f52dae3d1b4c10660aec15e49017e21a1ee74bfd453
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
e14ce2a8b37230b5ec4b9722d67d3474c49520af49fd73f292db11514e210e12
e26044e4f60fab991ddde9378091a990f77cad49dadf8d6b4bd96c632428546c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e48b98141323f2de993aea3f569ffc8cd251068817f9226ae7e9578e5f844484
efbc00575f13f02c406f902fe55444cc283c09ec68d4404dc82c9ed7b23ad053
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8731cf20afa12af13a0ca7cb0b961236f2ed738b7b51e8e40255fa68cd9aadb
fb039fae5506aae0bbc9ca2996164d0770fd0b2ce7ec1027b5e66a37a13cdf72
ffa64fa4223baed70efaa7c1ba10c4755ded9d242575d52e45d2215da1efa3a0

medicalexaminations.co.za Open in urlscan Pro 2606:4700:3036::6815:37cc Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

45 Requests

98 %HTTPS

100 %IPv6

6 Domains

6 Subdomains

8 IPs

2 Countries

593 kBTransfer

1845 kBSize

3 Cookies

6 Outgoing links

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

medicalexaminations.co.za Open in urlscan Pro
2606:4700:3036::6815:37cc Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

98 %
HTTPS

100 %
IPv6

6
Domains

6
Subdomains

8
IPs

2
Countries

593 kB
Transfer

1845 kB
Size

3
Cookies

45 HTTP transactions
0 data transactions