portal.mdstaff.com Open in urlscan Pro
40.80.156.205  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request 7a6227d4-d85b-4 Show response portal.mdstaff.com/reviews/9c379789-0fde-4bd4-b2ec-57cd545bdedc/	2 KB 2 KB	493ms 164ms	Document text/html	40.80.156.205 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://portal.mdstaff.com/reviews/9c379789-0fde-4bd4-b2ec-57cd545bdedc/7a6227d4-d85b-4 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.80.156.205 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 4180a67f5836e19bd9fc13984c8f900a5223920a8b1e7ce725a346c64477a946 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control private content-encoding gzip content-length 1070 content-type text/html; charset=utf-8 date Fri, 15 Apr 2022 21:51:34 GMT server Microsoft-IIS/10.0 vary Accept-Encoding x-aspnet-version 4.0.30319 x-aspnetmvc-version 5.2 x-powered-by ASP.NET
GET H2	200	modernizr Show response portal.mdstaff.com/bundles/	11 KB 5 KB	646ms 645ms	Script text/javascript	40.80.156.205 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://portal.mdstaff.com/bundles/modernizr?v=inCVuEFe6J4Q07A0AcRsbJic_UE5MwpRMNGcOtk94TE1 Requested by Host: portal.mdstaff.com URL: https://portal.mdstaff.com/reviews/9c379789-0fde-4bd4-b2ec-57cd545bdedc/7a6227d4-d85b-4 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.80.156.205 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 9e83216908224ffbc39992a5e60f93ca21b8e2240ba28025ba679c4b70f7112d Request headers accept-language de-DE,de;q=0.9 Referer https://portal.mdstaff.com/reviews/9c379789-0fde-4bd4-b2ec-57cd545bdedc/7a6227d4-d85b-4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Fri, 15 Apr 2022 21:51:34 GMT content-encoding gzip last-modified Fri, 15 Apr 2022 21:51:34 GMT server Microsoft-IIS/10.0 x-aspnet-version 4.0.30319 x-powered-by ASP.NET vary User-Agent,Accept-Encoding content-type text/javascript; charset=utf-8 cache-control public content-length 5292 expires Sat, 15 Apr 2023 21:51:34 GMT
GET H2	200	Master.js Show response portal.mdstaff.com/Scripts/	705 B 470 B	327ms 326ms	Script application/x-javascript	40.80.156.205 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://portal.mdstaff.com/Scripts/Master.js?v=08292019 Requested by Host: portal.mdstaff.com URL: https://portal.mdstaff.com/reviews/9c379789-0fde-4bd4-b2ec-57cd545bdedc/7a6227d4-d85b-4 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.80.156.205 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 2e054a1c112f126e216856dcfd3317eeab99ebdedf9d58b73fdd3cec51123235 Request headers accept-language de-DE,de;q=0.9 Referer https://portal.mdstaff.com/reviews/9c379789-0fde-4bd4-b2ec-57cd545bdedc/7a6227d4-d85b-4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Fri, 15 Apr 2022 21:51:34 GMT content-encoding gzip etag "0a45f12c442d71:0" last-modified Thu, 06 May 2021 22:06:32 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET vary Accept-Encoding content-type application/x-javascript accept-ranges bytes content-length 427
GET H2	200	style.bundle.js Show response portal.mdstaff.com/dist/	197 KB 28 KB	166ms 164ms	Script application/x-javascript	40.80.156.205 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://portal.mdstaff.com/dist/style.bundle.js Requested by Host: portal.mdstaff.com URL: https://portal.mdstaff.com/reviews/9c379789-0fde-4bd4-b2ec-57cd545bdedc/7a6227d4-d85b-4 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.80.156.205 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 3e0dc1843ecf1c9e7b22ea29ef47ff1d369400eb6626d42495227f23221d6d8c Request headers accept-language de-DE,de;q=0.9 Referer https://portal.mdstaff.com/reviews/9c379789-0fde-4bd4-b2ec-57cd545bdedc/7a6227d4-d85b-4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Fri, 15 Apr 2022 21:51:34 GMT content-encoding gzip etag "07031a6c442d71:0" last-modified Thu, 06 May 2021 22:10:40 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET vary Accept-Encoding content-type application/x-javascript accept-ranges bytes content-length 28917
GET H2	200	fonts.css portal.mdstaff.com/Content/fonts/	262 B 329 B	325ms 324ms	Stylesheet text/css	40.80.156.205 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://portal.mdstaff.com/Content/fonts/fonts.css Requested by Host: portal.mdstaff.com URL: https://portal.mdstaff.com/reviews/9c379789-0fde-4bd4-b2ec-57cd545bdedc/7a6227d4-d85b-4 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.80.156.205 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 6054074bcf0b6668655417eaa4751fe452db7ca8509e30ff942389c32194b7c3 Request headers accept-language de-DE,de;q=0.9 Referer https://portal.mdstaff.com/reviews/9c379789-0fde-4bd4-b2ec-57cd545bdedc/7a6227d4-d85b-4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Fri, 15 Apr 2022 21:51:34 GMT content-encoding gzip etag "0a45f12c442d71:0" last-modified Thu, 06 May 2021 22:06:32 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET vary Accept-Encoding content-type text/css accept-ranges bytes content-length 228
GET H2	200	modules.bundle.js Show response portal.mdstaff.com/dist/	355 KB 114 KB	327ms 326ms	Script application/x-javascript	40.80.156.205 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://portal.mdstaff.com/dist/modules.bundle.js Requested by Host: portal.mdstaff.com URL: https://portal.mdstaff.com/reviews/9c379789-0fde-4bd4-b2ec-57cd545bdedc/7a6227d4-d85b-4 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.80.156.205 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 4b7501606d998cd1ed2cd9f682f5993cae8975ba2be0c0c7230d8a905efa09c6 Request headers accept-language de-DE,de;q=0.9 Referer https://portal.mdstaff.com/reviews/9c379789-0fde-4bd4-b2ec-57cd545bdedc/7a6227d4-d85b-4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Fri, 15 Apr 2022 21:51:34 GMT content-encoding gzip etag "07031a6c442d71:0" last-modified Thu, 06 May 2021 22:10:40 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET vary Accept-Encoding content-type application/x-javascript accept-ranges bytes content-length 116867
GET H2	200	app.bundle.js Show response portal.mdstaff.com/dist/	699 KB 193 KB	326ms 325ms	Script application/x-javascript	40.80.156.205 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://portal.mdstaff.com/dist/app.bundle.js Requested by Host: portal.mdstaff.com URL: https://portal.mdstaff.com/reviews/9c379789-0fde-4bd4-b2ec-57cd545bdedc/7a6227d4-d85b-4 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.80.156.205 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash b68bdbbc801c4df433d139dc0f85373fc28de621003a1d67b9cec18c11ac9f6d Request headers accept-language de-DE,de;q=0.9 Referer https://portal.mdstaff.com/reviews/9c379789-0fde-4bd4-b2ec-57cd545bdedc/7a6227d4-d85b-4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Fri, 15 Apr 2022 21:51:34 GMT content-encoding gzip etag "07031a6c442d71:0" last-modified Thu, 06 May 2021 22:10:40 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET vary Accept-Encoding content-type application/x-javascript accept-ranges bytes content-length 197574
GET H2	200	raygun.min.js Show response cdn.raygun.io/raygun4js/	66 KB 66 KB	81ms 8ms	Script application/javascript	2600:9000:2156:3600:17:62f0:2dc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.raygun.io/raygun4js/raygun.min.js Requested by Host: portal.mdstaff.com URL: https://portal.mdstaff.com/reviews/9c379789-0fde-4bd4-b2ec-57cd545bdedc/7a6227d4-d85b-4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:3600:17:62f0:2dc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a39f44f760a79510863eb5e1b22a4389855a24f3f4e6e2ddd47522f37ef2278a Request headers accept-language de-DE,de;q=0.9 Referer https://portal.mdstaff.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Fri, 15 Apr 2022 20:33:39 GMT via 1.1 ad46d498157a92ab1076f74db460670c.cloudfront.net (CloudFront) last-modified Tue, 15 Mar 2022 00:46:06 GMT server AmazonS3 age 4677 etag "8819b877d08d9f8fd57c18a9741881c3" x-cache Hit from cloudfront content-type application/javascript x-amz-cf-pop FRA50-C1 accept-ranges bytes content-length 67381 x-amz-cf-id GmtDdHu7qgl4XkO6dTq8FbrKLUQuKwVDD2z6hHLC6wp3J4QM_Xsk0g==
GET H2	200	7a6227d4-d85b-4 Show response portal.mdstaff.com/api/reviews/instanceId/9c379789-0fde-4bd4-b2ec-57cd545bdedc/token/	4 B 227 B	165ms 165ms	Fetch application/json	40.80.156.205 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://portal.mdstaff.com/api/reviews/instanceId/9c379789-0fde-4bd4-b2ec-57cd545bdedc/token/7a6227d4-d85b-4 Requested by Host: cdn.raygun.io URL: https://cdn.raygun.io/raygun4js/raygun.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.80.156.205 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b Request headers Referer https://portal.mdstaff.com/reviews/9c379789-0fde-4bd4-b2ec-57cd545bdedc/7a6227d4-d85b-4 x-auth-token E37C8A32-7BFB-46F5-BAFB-3616C37EFDA3 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Content-Type application/json Response headers pragma no-cache date Fri, 15 Apr 2022 21:51:35 GMT content-encoding gzip server Microsoft-IIS/10.0 x-aspnet-version 4.0.30319 x-powered-by ASP.NET vary Accept-Encoding content-type application/json; charset=utf-8 cache-control no-cache content-length 123 expires -1
GET DATA	200 OK	truncated /	5 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a31327b895c7a7e6b1e571690e6604e990443368c67d2caaf929a2c16e9329f7 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Content-Type image/png
GET H2	200	open-sans.regular.ttf portal.mdstaff.com/Content/fonts/	212 KB 212 KB	161ms 161ms	Font application/octet-stream	40.80.156.205 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://portal.mdstaff.com/Content/fonts/open-sans.regular.ttf Requested by Host: portal.mdstaff.com URL: https://portal.mdstaff.com/Content/fonts/fonts.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.80.156.205 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash e64e508b2aa2880f907e470c4550980ec4c0694d103a43f36150ac3f93189bee Request headers Referer https://portal.mdstaff.com/Content/fonts/fonts.css Origin https://portal.mdstaff.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Fri, 15 Apr 2022 21:51:35 GMT last-modified Thu, 06 May 2021 22:06:32 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET etag "0a45f12c442d71:0" content-type application/octet-stream accept-ranges bytes content-length 217360
POST H/1.1	202 Accepted	events Show response api.raygun.io/	2 B 171 B	428ms 96ms	XHR application/json	52.200.145.6 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api.raygun.io/events?apikey=C2fyTpHIw74kUhBxuZU10Q Requested by Host: cdn.raygun.io URL: https://cdn.raygun.io/raygun4js/raygun.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.200.145.6 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-200-145-6.compute-1.amazonaws.com Software / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers Referer https://portal.mdstaff.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Access-Control-Allow-Origin * Date Fri, 15 Apr 2022 21:51:35 GMT Connection keep-alive Content-Length 2 Content-Type application/json
POST H/1.1	202 Accepted	events Show response api.raygun.io/	2 B 171 B	427ms 97ms	XHR application/json	52.200.145.6 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api.raygun.io/events?apikey=C2fyTpHIw74kUhBxuZU10Q Requested by Host: cdn.raygun.io URL: https://cdn.raygun.io/raygun4js/raygun.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.200.145.6 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-200-145-6.compute-1.amazonaws.com Software / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers Referer https://portal.mdstaff.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Access-Control-Allow-Origin * Date Fri, 15 Apr 2022 21:51:35 GMT Connection keep-alive Content-Length 2 Content-Type application/json

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails string| RaygunObject function| rg4js object| html5 object| Modernizr object| cc string| ROOT string| APPPATH string| API object| path object| user function| _ function| jQuery function| $ object| md function| http function| raygunCoreWebVitalFactory function| raygunFactory function| raygunRumFactory object| TraceKit object| webVitals function| raygunUtilityFactory function| raygunErrorUtilitiesFactory function| raygunNetworkTrackingFactory function| raygunViewportFactory function| raygunBreadcrumbsFactory object| Raygun object| message

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.portal.mdstaff.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: 0e2b2819330048c82566dcafcd53bab1caab4222fb5851982cb869176ad89050
			.portal.mdstaff.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 0e2b2819330048c82566dcafcd53bab1caab4222fb5851982cb869176ad89050

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.raygun.io
cdn.raygun.io
portal.mdstaff.com
2600:9000:2156:3600:17:62f0:2dc0:93a1
40.80.156.205
52.200.145.6
2e054a1c112f126e216856dcfd3317eeab99ebdedf9d58b73fdd3cec51123235
3e0dc1843ecf1c9e7b22ea29ef47ff1d369400eb6626d42495227f23221d6d8c
4180a67f5836e19bd9fc13984c8f900a5223920a8b1e7ce725a346c64477a946
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4b7501606d998cd1ed2cd9f682f5993cae8975ba2be0c0c7230d8a905efa09c6
6054074bcf0b6668655417eaa4751fe452db7ca8509e30ff942389c32194b7c3
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
9e83216908224ffbc39992a5e60f93ca21b8e2240ba28025ba679c4b70f7112d
a31327b895c7a7e6b1e571690e6604e990443368c67d2caaf929a2c16e9329f7
a39f44f760a79510863eb5e1b22a4389855a24f3f4e6e2ddd47522f37ef2278a
b68bdbbc801c4df433d139dc0f85373fc28de621003a1d67b9cec18c11ac9f6d
e64e508b2aa2880f907e470c4550980ec4c0694d103a43f36150ac3f93189bee