URL: https://verification.meded.app/
Submission: On April 11 via manual — Scanned from DE

Summary

This website contacted 7 IPs in 2 countries across 7 domains to perform 32 HTTP transactions. The main IP is 18.219.49.64, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is verification.meded.app.
TLS certificate: Issued by R3 on March 27th 2024. Valid for: 3 months.
This is the only time verification.meded.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 18.219.49.64 16509 (AMAZON-02)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a04:4e42:400... 54113 (FASTLY)
9 151.101.64.176 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
32 7
Apex Domain
Subdomains
Transfer
14 meded.app
verification.meded.app
447 KB
9 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1295
167 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 240
159 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 44
161 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 330
48 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 806
88 KB
0 google.de Failed
www.google.de Failed
32 7
Domain Requested by
14 verification.meded.app verification.meded.app
code.jquery.com
9 js.stripe.com verification.meded.app
js.stripe.com
3 cdnjs.cloudflare.com verification.meded.app
cdnjs.cloudflare.com
2 www.googletagmanager.com verification.meded.app
www.googletagmanager.com
2 cdn.jsdelivr.net verification.meded.app
1 code.jquery.com verification.meded.app
0 www.google.de Failed verification.meded.app
32 7

This site contains links to these domains. Also see Links.

Domain
twitter.com
med-mastodon.com
trynomial.solutions
Subject Issuer Validity Valid
verification.meded.app
R3
2024-03-27 -
2024-06-25
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-07-03 -
2024-07-02
a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2023-07-11 -
2024-07-14
a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA
2024-03-27 -
2024-06-27
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2024-03-04 -
2024-05-27
3 months crt.sh

This page contains 8 frames:

Primary Page: https://verification.meded.app/
Frame ID: D861F4165C31C9F26C3BE97EAC9D4516
Requests: 26 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: BCD9A88CE06CABE83B25F0CB104B79FD
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-637a1c1948ead65247f3fbb4cf1d9dae.html
Frame ID: C5C0A848B419E95F646C449B40B6874D
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-loader-ui-d3628c9c60b0b7687f19264394986a64.html
Frame ID: D9F65DAE320386D9F9069F3EFF860741
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-ee1a93bdea1a8924ef52c4f9681c9f12.html
Frame ID: 1A3EC0F2554A0180AB0AB36B3E2AF813
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-payment-906df3890a41d773a20effca4879d7f9.html
Frame ID: 6611CDDD1F1B3E72B29A2F18E2955762
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/hcaptcha-invisible-94a28d325f072fe9338500f45c23b91d.html
Frame ID: D3EAC8FE3CAE6635F71C76B8F6F31132
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-ach-bank-search-results-b46bc197325e72b81519c4a25c6dc49a.html
Frame ID: 50FE11C24F63C03EC3357C374AB9DE23
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

32
Requests

97 %
HTTPS

67 %
IPv6

7
Domains

7
Subdomains

7
IPs

2
Countries

1071 kB
Transfer

2068 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
verification.meded.app/
32 KB
7 KB
Document
General
Full URL
https://verification.meded.app/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.219.49.64 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-219-49-64.us-east-2.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
c959535d69d4afb34bef62df270f995e6c440e3ae535f15d83cc383569099727
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src 'self' 'nonce-WmhncUJMbU13OEpDUDJxbTlMUTBEQUFBQUFF' https://code.jquery.com https://cdn.jsdelivr.net https://maps.googleapis.com https://js.stripe.com https://*.googletagmanager.com https://tagmanager.google.com; img-src 'self' data: www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' https://googletagmanager.com https://tagmanager.google.com https://fonts.googleapis.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com; object-src 'none'; font-src 'self' https://fonts.gstatic.com data: https://cdnjs.cloudflare.com; frame-src https://js.stripe.com https://hooks.stripe.com; connect-src 'self' https://api.stripe.com https://maps.googleapis.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-cache
Connection
Upgrade, Keep-Alive
Content-Encoding
gzip
Content-Length
6057
Content-Security-Policy
default-src 'self' https:; script-src 'self' 'nonce-WmhncUJMbU13OEpDUDJxbTlMUTBEQUFBQUFF' https://code.jquery.com https://cdn.jsdelivr.net https://maps.googleapis.com https://js.stripe.com https://*.googletagmanager.com https://tagmanager.google.com; img-src 'self' data: www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' https://googletagmanager.com https://tagmanager.google.com https://fonts.googleapis.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com; object-src 'none'; font-src 'self' https://fonts.gstatic.com data: https://cdnjs.cloudflare.com; frame-src https://js.stripe.com https://hooks.stripe.com; connect-src 'self' https://api.stripe.com https://maps.googleapis.com
Content-Type
text/html; charset=UTF-8
Date
Thu, 11 Apr 2024 18:20:52 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Server
Apache/2.4.41 (Ubuntu)
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Upgrade
h2
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/
56 KB
10 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css
Requested by
Host: verification.meded.app
URL: https://verification.meded.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8de3f57f49b005896d4c3c10979df9cff5048ddfe29ebbe36507ed1ebff60a4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://verification.meded.app/
Origin
https://verification.meded.app
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 18:20:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1432493
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10022
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-de0a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=axuD83qfrsut7T7%2BolYFXiVKotRseV7ruRUZO0UBEz%2F1OGVADnl58iYJw9nf6ZxeXuhf%2B51NBxni3hg864StbltF5eD6exjeEkyqHaM9CWOA7ndlBGMaYxbo99N2llx%2BSoi%2FKVcRqvtvwX10GdzdhpGy"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
872cfe3bb96c2bc6-FRA
expires
Tue, 01 Apr 2025 18:20:52 GMT
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/
158 KB
25 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/bootstrap.min.css
Requested by
Host: verification.meded.app
URL: https://verification.meded.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f886516f3d41e9e7bd994c7f7a39a89cafae9483f90396cb0ddeafe8d1ea5e72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://verification.meded.app/
Origin
https://verification.meded.app
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 18:20:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2515672
x-jsd-version
4.6.2
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230063-FRA, cache-lga21931-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"279d8-G+N7YjBsjAxndbtMk8XkxOE9l3U"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=izK6zsZi9WXMi6ceDv%2F%2BFZyj8tiflGVS6eS3HiMySt7xboyGNwzaMA9zT7UyoCsqpQwuSC5UDpXJ8%2Bkinx7d%2B%2F95DNi7TIrowjJThZkHZlUEcX4YlWmOUndvB2M9MsEAKwYOECIcfr1OEiJ9%2B5U%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
872cfe3bcffc1da2-FRA
common.css
verification.meded.app/css/
2 KB
2 KB
Stylesheet
General
Full URL
https://verification.meded.app/css/common.css
Requested by
Host: verification.meded.app
URL: https://verification.meded.app/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.219.49.64 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-219-49-64.us-east-2.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
fb9041223b55b1531694ec5fe53b7a5cb81ebc67195eacb22647db07402550ba
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src 'self' 'nonce-WmhncUJMbU13OEpDUDJxbTlMUTBEUUFBQUFF' https://code.jquery.com https://cdn.jsdelivr.net https://maps.googleapis.com https://js.stripe.com https://*.googletagmanager.com https://tagmanager.google.com; img-src 'self' data: www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' https://googletagmanager.com https://tagmanager.google.com https://fonts.googleapis.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com; object-src 'none'; font-src 'self' https://fonts.gstatic.com data: https://cdnjs.cloudflare.com; frame-src https://js.stripe.com https://hooks.stripe.com; connect-src 'self' https://api.stripe.com https://maps.googleapis.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://verification.meded.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 11 Apr 2024 18:20:52 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' https:; script-src 'self' 'nonce-WmhncUJMbU13OEpDUDJxbTlMUTBEUUFBQUFF' https://code.jquery.com https://cdn.jsdelivr.net https://maps.googleapis.com https://js.stripe.com https://*.googletagmanager.com https://tagmanager.google.com; img-src 'self' data: www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' https://googletagmanager.com https://tagmanager.google.com https://fonts.googleapis.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com; object-src 'none'; font-src 'self' https://fonts.gstatic.com data: https://cdnjs.cloudflare.com; frame-src https://js.stripe.com https://hooks.stripe.com; connect-src 'self' https://api.stripe.com https://maps.googleapis.com
Connection
Keep-Alive
Content-Length
615
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 28 Sep 2022 23:34:54 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"87f-5e9c535344380-gzip"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
no-cache
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
main.css
verification.meded.app/css/
477 B
2 KB
Stylesheet
General
Full URL
https://verification.meded.app/css/main.css
Requested by
Host: verification.meded.app
URL: https://verification.meded.app/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.219.49.64 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-219-49-64.us-east-2.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
49230655346609eb807154575071b813df0c06afa8f3b0c1cb1d866d2739688e
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src 'self' 'nonce-WmhncUJMbU13OEpDUDJxbTlMUTBEZ0FBQUFF' https://code.jquery.com https://cdn.jsdelivr.net https://maps.googleapis.com https://js.stripe.com https://*.googletagmanager.com https://tagmanager.google.com; img-src 'self' data: www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' https://googletagmanager.com https://tagmanager.google.com https://fonts.googleapis.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com; object-src 'none'; font-src 'self' https://fonts.gstatic.com data: https://cdnjs.cloudflare.com; frame-src https://js.stripe.com https://hooks.stripe.com; connect-src 'self' https://api.stripe.com https://maps.googleapis.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://verification.meded.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 11 Apr 2024 18:20:52 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' https:; script-src 'self' 'nonce-WmhncUJMbU13OEpDUDJxbTlMUTBEZ0FBQUFF' https://code.jquery.com https://cdn.jsdelivr.net https://maps.googleapis.com https://js.stripe.com https://*.googletagmanager.com https://tagmanager.google.com; img-src 'self' data: www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' https://googletagmanager.com https://tagmanager.google.com https://fonts.googleapis.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com; object-src 'none'; font-src 'self' https://fonts.gstatic.com data: https://cdnjs.cloudflare.com; frame-src https://js.stripe.com https://hooks.stripe.com; connect-src 'self' https://api.stripe.com https://maps.googleapis.com
Connection
Keep-Alive
Content-Length
265
X-XSS-Protection
1; mode=block
Last-Modified
Sat, 10 Sep 2022 00:41:58 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"1dd-5e847ee118180-gzip"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
no-cache
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
topbar-transparent.png
verification.meded.app/img/
46 KB
47 KB
Image
General
Full URL
https://verification.meded.app/img/topbar-transparent.png
Requested by
Host: verification.meded.app
URL: https://verification.meded.app/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.219.49.64 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-219-49-64.us-east-2.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
300147230d517f9ee8feba16535df75bfeddc1d9754cad91c571c2b8185643aa
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src 'self' 'nonce-WmhncUJJZHU3em5Ocm80OXN3ZGlAZ0FBQUFR' https://code.jquery.com https://cdn.jsdelivr.net https://maps.googleapis.com https://js.stripe.com https://*.googletagmanager.com https://tagmanager.google.com; img-src 'self' data: www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' https://googletagmanager.com https://tagmanager.google.com https://fonts.googleapis.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com; object-src 'none'; font-src 'self' https://fonts.gstatic.com data: https://cdnjs.cloudflare.com; frame-src https://js.stripe.com https://hooks.stripe.com; connect-src 'self' https://api.stripe.com https://maps.googleapis.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://verification.meded.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 11 Apr 2024 18:20:52 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' https:; script-src 'self' 'nonce-WmhncUJJZHU3em5Ocm80OXN3ZGlAZ0FBQUFR' https://code.jquery.com https://cdn.jsdelivr.net https://maps.googleapis.com https://js.stripe.com https://*.googletagmanager.com https://tagmanager.google.com; img-src 'self' data: www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' https://googletagmanager.com https://tagmanager.google.com https://fonts.googleapis.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com; object-src 'none'; font-src 'self' https://fonts.gstatic.com data: https://cdnjs.cloudflare.com; frame-src https://js.stripe.com https://hooks.stripe.com; connect-src 'self' https://api.stripe.com https://maps.googleapis.com
Connection
Upgrade, Keep-Alive
Content-Length
46722
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 15 Sep 2022 03:59:21 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"b682-5e8af452c3840"
X-Frame-Options
SAMEORIGIN
Upgrade
h2
Content-Type
image/png
Cache-Control
max-age=7890000, public
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
student.svg
verification.meded.app/img/
1005 B
2 KB
Image
General
Full URL
https://verification.meded.app/img/student.svg
Requested by
Host: verification.meded.app
URL: https://verification.meded.app/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.219.49.64 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-219-49-64.us-east-2.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
06ec7a77edcc7c9f50e408c9fe0a444a009398026e48038fe0839b46a6586366
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src 'self' 'nonce-WmhncUJFcVdleXMtSHZDYnZNZUVuZ0FBQUFV' https://code.jquery.com https://cdn.jsdelivr.net https://maps.googleapis.com https://js.stripe.com https://*.googletagmanager.com https://tagmanager.google.com; img-src 'self' data: www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' https://googletagmanager.com https://tagmanager.google.com https://fonts.googleapis.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com; object-src 'none'; font-src 'self' https://fonts.gstatic.com data: https://cdnjs.cloudflare.com; frame-src https://js.stripe.com https://hooks.stripe.com; connect-src 'self' https://api.stripe.com https://maps.googleapis.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://verification.meded.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 11 Apr 2024 18:20:52 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' https:; script-src 'self' 'nonce-WmhncUJFcVdleXMtSHZDYnZNZUVuZ0FBQUFV' https://code.jquery.com https://cdn.jsdelivr.net https://maps.googleapis.com https://js.stripe.com https://*.googletagmanager.com https://tagmanager.google.com; img-src 'self' data: www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' https://googletagmanager.com https://tagmanager.google.com https://fonts.googleapis.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com; object-src 'none'; font-src 'self' https://fonts.gstatic.com data: https://cdnjs.cloudflare.com; frame-src https://js.stripe.com https://hooks.stripe.com; connect-src 'self' https://api.stripe.com https://maps.googleapis.com
Connection
Upgrade, Keep-Alive
Content-Length
1005
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 04 Sep 2020 23:54:12 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"3ed-5ae8595e13100"
X-Frame-Options
SAMEORIGIN
Upgrade
h2
Content-Type
image/svg+xml
Cache-Control
max-age=7890000, public
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
folder.svg
verification.meded.app/img/
965 B
2 KB
Image
General
Full URL
https://verification.meded.app/img/folder.svg
Requested by
Host: verification.meded.app
URL: https://verification.meded.app/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.219.49.64 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-219-49-64.us-east-2.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
eb35d3d3f2233a1a95ea2a76cbbe95dc0a9b1fecd1781446cc66e090cc863a10
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src 'self' 'nonce-WmhncUJBMEJ5d3hpVnAwYnhXTENUZ0FBQUFB' https://code.jquery.com https://cdn.jsdelivr.net https://maps.googleapis.com https://js.stripe.com https://*.googletagmanager.com https://tagmanager.google.com; img-src 'self' data: www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' https://googletagmanager.com https://tagmanager.google.com https://fonts.googleapis.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com; object-src 'none'; font-src 'self' https://fonts.gstatic.com data: https://cdnjs.cloudflare.com; frame-src https://js.stripe.com https://hooks.stripe.com; connect-src 'self' https://api.stripe.com https://maps.googleapis.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://verification.meded.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 11 Apr 2024 18:20:52 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' https:; script-src 'self' 'nonce-WmhncUJBMEJ5d3hpVnAwYnhXTENUZ0FBQUFB' https://code.jquery.com https://cdn.jsdelivr.net https://maps.googleapis.com https://js.stripe.com https://*.googletagmanager.com https://tagmanager.google.com; img-src 'self' data: www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' https://googletagmanager.com https://tagmanager.google.com https://fonts.googleapis.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com; object-src 'none'; font-src 'self' https://fonts.gstatic.com data: https://cdnjs.cloudflare.com; frame-src https://js.stripe.com https://hooks.stripe.com; connect-src 'self' https://api.stripe.com https://maps.googleapis.com
Connection
Upgrade, Keep-Alive
Content-Length
965
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 04 Sep 2020 23:54:12 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"3c5-5ae8595e13100"
X-Frame-Options
SAMEORIGIN
Upgrade
h2
Content-Type
image/svg+xml
Cache-Control
max-age=7890000, public
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
print.svg
verification.meded.app/img/
1 KB
3 KB
Image
General
Full URL
https://verification.meded.app/img/print.svg
Requested by
Host: verification.meded.app
URL: https://verification.meded.app/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.219.49.64 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-219-49-64.us-east-2.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
eee0d35eda6dfb738d992ac359211a50f44aa0b857f9780e4de891387991cf1a
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src 'self' 'nonce-WmhncUJMbU13OEpDUDJxbTlMUTBFQUFBQUFF' https://code.jquery.com https://cdn.jsdelivr.net https://maps.googleapis.com https://js.stripe.com https://*.googletagmanager.com https://tagmanager.google.com; img-src 'self' data: www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' https://googletagmanager.com https://tagmanager.google.com https://fonts.googleapis.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com; object-src 'none'; font-src 'self' https://fonts.gstatic.com data: https://cdnjs.cloudflare.com; frame-src https://js.stripe.com https://hooks.stripe.com; connect-src 'self' https://api.stripe.com https://maps.googleapis.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://verification.meded.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 11 Apr 2024 18:20:52 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' https:; script-src 'self' 'nonce-WmhncUJMbU13OEpDUDJxbTlMUTBFQUFBQUFF' https://code.jquery.com https://cdn.jsdelivr.net https://maps.googleapis.com https://js.stripe.com https://*.googletagmanager.com https://tagmanager.google.com; img-src 'self' data: www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' https://googletagmanager.com https://tagmanager.google.com https://fonts.googleapis.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com; object-src 'none'; font-src 'self' https://fonts.gstatic.com data: https://cdnjs.cloudflare.com; frame-src https://js.stripe.com https://hooks.stripe.com; connect-src 'self' https://api.stripe.com https://maps.googleapis.com
Last-Modified
Fri, 04 Sep 2020 23:54:12 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"523-5ae8595e13100"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Cache-Control
max-age=7890000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
1315
X-XSS-Protection
1; mode=block
case.svg
verification.meded.app/img/
1 KB
2 KB
Image
General
Full URL
https://verification.meded.app/img/case.svg
Requested by
Host: verification.meded.app
URL: https://verification.meded.app/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.219.49.64 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-219-49-64.us-east-2.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
d2e6dc410a93b4b75738830f0bb31343a2db7b5678d6cf0c89e68c381133782a
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src 'self' 'nonce-WmhncUJFcVdleXMtSHZDYnZNZUVud0FBQUFV' https://code.jquery.com https://cdn.jsdelivr.net https://maps.googleapis.com https://js.stripe.com https://*.googletagmanager.com https://tagmanager.google.com; img-src 'self' data: www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' https://googletagmanager.com https://tagmanager.google.com https://fonts.googleapis.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com; object-src 'none'; font-src 'self' https://fonts.gstatic.com data: https://cdnjs.cloudflare.com; frame-src https://js.stripe.com https://hooks.stripe.com; connect-src 'self' https://api.stripe.com https://maps.googleapis.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://verification.meded.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 11 Apr 2024 18:20:52 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' https:; script-src 'self' 'nonce-WmhncUJFcVdleXMtSHZDYnZNZUVud0FBQUFV' https://code.jquery.com https://cdn.jsdelivr.net https://maps.googleapis.com https://js.stripe.com https://*.googletagmanager.com https://tagmanager.google.com; img-src 'self' data: www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' https://googletagmanager.com https://tagmanager.google.com https://fonts.googleapis.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com; object-src 'none'; font-src 'self' https://fonts.gstatic.com data: https://cdnjs.cloudflare.com; frame-src https://js.stripe.com https://hooks.stripe.com; connect-src 'self' https://api.stripe.com https://maps.googleapis.com
Last-Modified
Fri, 04 Sep 2020 23:54:12 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"4b9-5ae8595e13100"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Cache-Control
max-age=7890000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1209
X-XSS-Protection
1; mode=block
check.svg
verification.meded.app/img/
1 KB
3 KB
Image
General
Full URL
https://verification.meded.app/img/check.svg
Requested by
Host: verification.meded.app
URL: https://verification.meded.app/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.219.49.64 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-219-49-64.us-east-2.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
c50f72aa38fbd3e9b9153bb1b49c2512801b4da4a75713525115f1c8d675de7f
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src 'self' 'nonce-WmhncUJNSnZJQ1hPaEpKcGZSdFdnd0FBQUFJ' https://code.jquery.com https://cdn.jsdelivr.net https://maps.googleapis.com https://js.stripe.com https://*.googletagmanager.com https://tagmanager.google.com; img-src 'self' data: www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' https://googletagmanager.com https://tagmanager.google.com https://fonts.googleapis.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com; object-src 'none'; font-src 'self' https://fonts.gstatic.com data: https://cdnjs.cloudflare.com; frame-src https://js.stripe.com https://hooks.stripe.com; connect-src 'self' https://api.stripe.com https://maps.googleapis.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://verification.meded.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 11 Apr 2024 18:20:52 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' https:; script-src 'self' 'nonce-WmhncUJNSnZJQ1hPaEpKcGZSdFdnd0FBQUFJ' https://code.jquery.com https://cdn.jsdelivr.net https://maps.googleapis.com https://js.stripe.com https://*.googletagmanager.com https://tagmanager.google.com; img-src 'self' data: www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' https://googletagmanager.com https://tagmanager.google.com https://fonts.googleapis.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com; object-src 'none'; font-src 'self' https://fonts.gstatic.com data: https://cdnjs.cloudflare.com; frame-src https://js.stripe.com https://hooks.stripe.com; connect-src 'self' https://api.stripe.com https://maps.googleapis.com
Connection
Upgrade, Keep-Alive
Content-Length
1507
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 04 Sep 2020 23:54:12 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"5e3-5ae8595e13100"
X-Frame-Options
SAMEORIGIN
Upgrade
h2
Content-Type
image/svg+xml
Cache-Control
max-age=7890000, public
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
check-bw.png
verification.meded.app/img/
4 KB
6 KB
Image
General
Full URL
https://verification.meded.app/img/check-bw.png
Requested by
Host: verification.meded.app
URL: https://verification.meded.app/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.219.49.64 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-219-49-64.us-east-2.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
ee424e4df9e3381e843b3781ba25790dede9e3b0ccb826b7825331747be16165
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src 'self' 'nonce-WmhncUJMbU13OEpDUDJxbTlMUTBEd0FBQUFF' https://code.jquery.com https://cdn.jsdelivr.net https://maps.googleapis.com https://js.stripe.com https://*.googletagmanager.com https://tagmanager.google.com; img-src 'self' data: www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' https://googletagmanager.com https://tagmanager.google.com https://fonts.googleapis.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com; object-src 'none'; font-src 'self' https://fonts.gstatic.com data: https://cdnjs.cloudflare.com; frame-src https://js.stripe.com https://hooks.stripe.com; connect-src 'self' https://api.stripe.com https://maps.googleapis.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://verification.meded.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 11 Apr 2024 18:20:52 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' https:; script-src 'self' 'nonce-WmhncUJMbU13OEpDUDJxbTlMUTBEd0FBQUFF' https://code.jquery.com https://cdn.jsdelivr.net https://maps.googleapis.com https://js.stripe.com https://*.googletagmanager.com https://tagmanager.google.com; img-src 'self' data: www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' https://googletagmanager.com https://tagmanager.google.com https://fonts.googleapis.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com; object-src 'none'; font-src 'self' https://fonts.gstatic.com data: https://cdnjs.cloudflare.com; frame-src https://js.stripe.com https://hooks.stripe.com; connect-src 'self' https://api.stripe.com https://maps.googleapis.com
Last-Modified
Fri, 04 Sep 2020 23:54:12 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"11ef-5ae8595e13100"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=7890000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
4591
X-XSS-Protection
1; mode=block
jquery-3.6.1.min.js
code.jquery.com/
88 KB
88 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.1.min.js
Requested by
Host: verification.meded.app
URL: https://verification.meded.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://verification.meded.app/
Origin
https://verification.meded.app
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 18:20:52 GMT
via
1.1 varnish, 1.1 varnish
age
6165944
x-cache
HIT, HIT
content-length
89664
x-served-by
cache-lga13629-LGA, cache-fra-eddf8230113-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1712859653.505570,VS0,VE0
etag
"28feccc0-15e40"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
19, 28127
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/
81 KB
23 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/bootstrap.bundle.min.js
Requested by
Host: verification.meded.app
URL: https://verification.meded.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19126b874a32753d42c12dfa6c17892bfd93820a5a5100ba1b34da4d07599b49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://verification.meded.app/
Origin
https://verification.meded.app
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 18:20:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2511486
x-jsd-version
4.6.2
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220105-FRA, cache-lga21968-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"145b0-MjP9Adh/ukV+qtjcvCifdbFw+BQ"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6gSoW243j6i9TUZVU%2FPX8qEpVxclyTG1RrZfqvh8PF%2F4acXRzczRFIe5YLsPvQuw%2Bq0ECqFPzvviIyChsY%2BVtkOdBeAHD148g3%2FGzfRbQ%2BL6TA6C02XVPd9Zj4oE8tDfik3Rhp0MlsYtIXsc2FY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
872cfe3bcff81da2-FRA
/
js.stripe.com/v3/
602 KB
167 KB
Script
General
Full URL
https://js.stripe.com/v3/
Requested by
Host: verification.meded.app
URL: https://verification.meded.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
b725c5e2777e4f94215b4ab7ab9f9fac441aef574b17440f36501062115c4bee
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://verification.meded.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 11 Apr 2024 18:20:52 GMT
via
1.1 varnish
age
43
x-cache
HIT
content-length
170514
x-request-id
563cd9a9-b303-414f-9e13-cd32b72b5a30
x-served-by
cache-fra-eddf8230125-FRA
last-modified
Thu, 11 Apr 2024 17:58:06 GMT
server
Fastly
etag
"088e839bbe63d470fe4b55b98eb8a2e8"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
55
main.js
verification.meded.app/js/
19 KB
6 KB
Script
General
Full URL
https://verification.meded.app/js/main.js
Requested by
Host: verification.meded.app
URL: https://verification.meded.app/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.219.49.64 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-219-49-64.us-east-2.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
f4dbc60c6c1b2f6f32778ac8a86518ded0fb2191aa23749af1808c760b5ecf53
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src 'self' 'nonce-WmhncUJNSnZJQ1hPaEpKcGZSdFdoQUFBQUFJ' https://code.jquery.com https://cdn.jsdelivr.net https://maps.googleapis.com https://js.stripe.com https://*.googletagmanager.com https://tagmanager.google.com; img-src 'self' data: www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' https://googletagmanager.com https://tagmanager.google.com https://fonts.googleapis.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com; object-src 'none'; font-src 'self' https://fonts.gstatic.com data: https://cdnjs.cloudflare.com; frame-src https://js.stripe.com https://hooks.stripe.com; connect-src 'self' https://api.stripe.com https://maps.googleapis.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://verification.meded.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 11 Apr 2024 18:20:52 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' https:; script-src 'self' 'nonce-WmhncUJNSnZJQ1hPaEpKcGZSdFdoQUFBQUFJ' https://code.jquery.com https://cdn.jsdelivr.net https://maps.googleapis.com https://js.stripe.com https://*.googletagmanager.com https://tagmanager.google.com; img-src 'self' data: www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' https://googletagmanager.com https://tagmanager.google.com https://fonts.googleapis.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com; object-src 'none'; font-src 'self' https://fonts.gstatic.com data: https://cdnjs.cloudflare.com; frame-src https://js.stripe.com https://hooks.stripe.com; connect-src 'self' https://api.stripe.com https://maps.googleapis.com
Connection
Keep-Alive
Content-Length
4405
X-XSS-Protection
1; mode=block
Last-Modified
Sat, 11 Nov 2023 00:12:11 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"4bf6-609d549cb2cc0-gzip"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
no-cache
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
gtm.js
www.googletagmanager.com/
186 KB
67 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-58TWXRZM
Requested by
Host: verification.meded.app
URL: https://verification.meded.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f11ee0f4a9495867ba7b0f1887b2212c272cef6280f18477718c11abbbebc1e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://verification.meded.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 18:20:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68339
x-xss-protection
0
last-modified
Thu, 11 Apr 2024 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 11 Apr 2024 18:20:52 GMT
js
www.googletagmanager.com/gtag/
278 KB
94 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=GT-T5MDWD&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-58TWXRZM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
abec9095be76b97a86c2bee7e0f1c0f9a82ce0e22d6eadc404e834c7a41e3277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://verification.meded.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 18:20:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96132
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 11 Apr 2024 18:20:52 GMT
ga-audiences
www.google.de/ads/
0
0

pens-xl.webp
verification.meded.app/img/
341 KB
342 KB
Image
General
Full URL
https://verification.meded.app/img/pens-xl.webp
Requested by
Host: verification.meded.app
URL: https://verification.meded.app/css/common.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.219.49.64 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-219-49-64.us-east-2.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
9714a242c6eedcab6081903282fa232fff39f7cd70992cb316446b769f29c03c
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src 'self' 'nonce-WmhncUJNbm03aWlnTXJJc2xXdld2d0FBQUFZ' https://code.jquery.com https://cdn.jsdelivr.net https://maps.googleapis.com https://js.stripe.com https://*.googletagmanager.com https://tagmanager.google.com; img-src 'self' data: www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' https://googletagmanager.com https://tagmanager.google.com https://fonts.googleapis.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com; object-src 'none'; font-src 'self' https://fonts.gstatic.com data: https://cdnjs.cloudflare.com; frame-src https://js.stripe.com https://hooks.stripe.com; connect-src 'self' https://api.stripe.com https://maps.googleapis.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://verification.meded.app/css/common.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 11 Apr 2024 18:20:52 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' https:; script-src 'self' 'nonce-WmhncUJNbm03aWlnTXJJc2xXdld2d0FBQUFZ' https://code.jquery.com https://cdn.jsdelivr.net https://maps.googleapis.com https://js.stripe.com https://*.googletagmanager.com https://tagmanager.google.com; img-src 'self' data: www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' https://googletagmanager.com https://tagmanager.google.com https://fonts.googleapis.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com; object-src 'none'; font-src 'self' https://fonts.gstatic.com data: https://cdnjs.cloudflare.com; frame-src https://js.stripe.com https://hooks.stripe.com; connect-src 'self' https://api.stripe.com https://maps.googleapis.com
Last-Modified
Wed, 28 Sep 2022 23:31:42 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"55418-5e9c529c29380"
X-Frame-Options
SAMEORIGIN
Upgrade
h2
Cache-Control
max-age=7890000, public
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
349208
X-XSS-Protection
1; mode=block
truncated
/
134 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93ee19994358156fbbe3bcbb748f51b8d5bd6199ff589f8955eaacfa59d5cb2c

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/
74 KB
75 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d1080625d3030e88357b3ac9aa377dcec23f1b529c4ad03f7a9a435ccae04be
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css
Origin
https://verification.meded.app
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 18:20:52 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
687590
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
75728
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-127d0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=74p7O9QK7O4JG6D8HaXGIEuCmxIzvAOa3cRs7P2NlDgd0yRHjyGCiMS7D2SkgxuSpZAP%2F6p207hViHIgrCbjE%2ByJ%2FIUfwcFQXWztlmKd73PiiQi%2BZZUMUJFQGs9q%2FBOVUSTOao4X47y7f2iZWWDTnfli"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
872cfe3cfab22bc6-FRA
expires
Tue, 01 Apr 2025 18:20:52 GMT
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/
74 KB
74 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/fa-brands-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3caf12591d194712facd10bca14f0a924edb59c24447a3fd994a48286db8843
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css
Origin
https://verification.meded.app
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 18:20:52 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
594129
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
75336
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-12648"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cgym7gl5oRPLPsqqiN%2BOb%2BPgAvpSKIQ7OT7W4OC5%2F3sFrpxthxOhEW%2FupVOQiD0yov7RChEB1tODcbefpzgCYcoapm6VLNcCAaPwBUt7NgnWhrhFO%2FBF9YUcqzuhwkM9yBNfuXklzJUtqqlc7y2hc2Ec"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
872cfe3cfab32bc6-FRA
expires
Tue, 01 Apr 2025 18:20:52 GMT
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame BCD9
0
0
Document
General
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://verification.meded.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
742128
cache-control
max-age=31536000
content-encoding
br
content-length
154
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 11 Apr 2024 18:20:52 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 11 Nov 2022 20:25:37 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
206174
x-content-type-options
nosniff
x-request-id
f877058b-46bc-4dd0-bcb9-dec171ef7c39
x-served-by
cache-fra-eddf8230130-FRA
controller-with-preconnect-637a1c1948ead65247f3fbb4cf1d9dae.html
js.stripe.com/v3/ Frame C5C0
0
0
Document
General
Full URL
https://js.stripe.com/v3/controller-with-preconnect-637a1c1948ead65247f3fbb4cf1d9dae.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://verification.meded.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2
cache-control
max-age=60, stale-while-revalidate=900
content-encoding
br
content-length
229
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 11 Apr 2024 18:20:52 GMT
etag
"637a1c1948ead65247f3fbb4cf1d9dae"
last-modified
Wed, 10 Apr 2024 20:01:53 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
4
x-content-type-options
nosniff
x-request-id
94f6baa6-4c78-44a0-aa74-bc982280138c
x-served-by
cache-fra-eddf8230130-FRA
elements-inner-loader-ui-d3628c9c60b0b7687f19264394986a64.html
js.stripe.com/v3/ Frame D9F6
0
0
Document
General
Full URL
https://js.stripe.com/v3/elements-inner-loader-ui-d3628c9c60b0b7687f19264394986a64.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://verification.meded.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
80119
cache-control
max-age=31536000
content-encoding
br
content-length
247
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 11 Apr 2024 18:20:52 GMT
etag
"d3628c9c60b0b7687f19264394986a64"
last-modified
Wed, 10 Apr 2024 20:01:53 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
689
x-content-type-options
nosniff
x-request-id
97d8c470-bcd3-4bc8-a149-f9716f5d2c49
x-served-by
cache-fra-eddf8230130-FRA
payment-request-inner-google-pay-ee1a93bdea1a8924ef52c4f9681c9f12.html
js.stripe.com/v3/ Frame 1A3E
0
0
Document
General
Full URL
https://js.stripe.com/v3/payment-request-inner-google-pay-ee1a93bdea1a8924ef52c4f9681c9f12.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://verification.meded.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
80153
cache-control
max-age=31536000
content-encoding
br
content-length
222
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 11 Apr 2024 18:20:52 GMT
etag
"ee1a93bdea1a8924ef52c4f9681c9f12"
last-modified
Wed, 10 Apr 2024 20:02:08 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
1337
x-content-type-options
nosniff
x-request-id
090e1639-c11a-4bbe-b067-2fd53e8e432c
x-served-by
cache-fra-eddf8230130-FRA
elements-inner-payment-906df3890a41d773a20effca4879d7f9.html
js.stripe.com/v3/ Frame 6611
0
0
Document
General
Full URL
https://js.stripe.com/v3/elements-inner-payment-906df3890a41d773a20effca4879d7f9.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://verification.meded.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
80119
cache-control
max-age=31536000
content-encoding
br
content-length
302
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 11 Apr 2024 18:20:52 GMT
etag
"906df3890a41d773a20effca4879d7f9"
last-modified
Wed, 10 Apr 2024 20:01:53 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
703
x-content-type-options
nosniff
x-request-id
134f5f26-8ae3-41e9-a71c-0f745e7dd4c1
x-served-by
cache-fra-eddf8230130-FRA
q_states.php
verification.meded.app/php/
6 B
1 KB
XHR
General
Full URL
https://verification.meded.app/php/q_states.php
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.219.49.64 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-219-49-64.us-east-2.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
55483c7b14ac07b6a9d7ffa3fe6c4a2ce39bdf08327e81f5281267e059fdeee9
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src 'self' 'nonce-WmhncUJFcVdleXMtSHZDYnZNZUVvQUFBQUFV' https://code.jquery.com https://cdn.jsdelivr.net https://maps.googleapis.com https://js.stripe.com https://*.googletagmanager.com https://tagmanager.google.com; img-src 'self' data: www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' https://googletagmanager.com https://tagmanager.google.com https://fonts.googleapis.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com; object-src 'none'; font-src 'self' https://fonts.gstatic.com data: https://cdnjs.cloudflare.com; frame-src https://js.stripe.com https://hooks.stripe.com; connect-src 'self' https://api.stripe.com https://maps.googleapis.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://verification.meded.app/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 11 Apr 2024 18:20:52 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' https:; script-src 'self' 'nonce-WmhncUJFcVdleXMtSHZDYnZNZUVvQUFBQUFV' https://code.jquery.com https://cdn.jsdelivr.net https://maps.googleapis.com https://js.stripe.com https://*.googletagmanager.com https://tagmanager.google.com; img-src 'self' data: www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' https://googletagmanager.com https://tagmanager.google.com https://fonts.googleapis.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com; object-src 'none'; font-src 'self' https://fonts.gstatic.com data: https://cdnjs.cloudflare.com; frame-src https://js.stripe.com https://hooks.stripe.com; connect-src 'self' https://api.stripe.com https://maps.googleapis.com
Server
Apache/2.4.41 (Ubuntu)
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
6
X-XSS-Protection
1; mode=block
favicon.ico
verification.meded.app/
21 KB
23 KB
Other
General
Full URL
https://verification.meded.app/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.219.49.64 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-219-49-64.us-east-2.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
fd8205134530d1eada372e75aae6c3f8b9041b776e47b8dcb4bf10d31f7ece88
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src 'self' 'nonce-WmhncUJjbm03aWlnTXJJc2xXdld3QUFBQUFZ' https://code.jquery.com https://cdn.jsdelivr.net https://maps.googleapis.com https://js.stripe.com https://*.googletagmanager.com https://tagmanager.google.com; img-src 'self' data: www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' https://googletagmanager.com https://tagmanager.google.com https://fonts.googleapis.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com; object-src 'none'; font-src 'self' https://fonts.gstatic.com data: https://cdnjs.cloudflare.com; frame-src https://js.stripe.com https://hooks.stripe.com; connect-src 'self' https://api.stripe.com https://maps.googleapis.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://verification.meded.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 11 Apr 2024 18:20:53 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' https:; script-src 'self' 'nonce-WmhncUJjbm03aWlnTXJJc2xXdld3QUFBQUFZ' https://code.jquery.com https://cdn.jsdelivr.net https://maps.googleapis.com https://js.stripe.com https://*.googletagmanager.com https://tagmanager.google.com; img-src 'self' data: www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' https://googletagmanager.com https://tagmanager.google.com https://fonts.googleapis.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com; object-src 'none'; font-src 'self' https://fonts.gstatic.com data: https://cdnjs.cloudflare.com; frame-src https://js.stripe.com https://hooks.stripe.com; connect-src 'self' https://api.stripe.com https://maps.googleapis.com
Last-Modified
Fri, 04 Sep 2020 23:54:12 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"553e-5ae8595e13100"
X-Frame-Options
SAMEORIGIN
Content-Type
image/vnd.microsoft.icon
Cache-Control
max-age=7890000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
21822
X-XSS-Protection
1; mode=block
hcaptcha-invisible-94a28d325f072fe9338500f45c23b91d.html
js.stripe.com/v3/ Frame D3EA
0
0
Document
General
Full URL
https://js.stripe.com/v3/hcaptcha-invisible-94a28d325f072fe9338500f45c23b91d.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; object-src 'none'; script-src 'self' 'sha256-hfZrf/rGu2N9deBRKxd48Lhzp5q/5hdh65caR7kQLG8='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
80157
cache-control
max-age=31536000
content-encoding
br
content-length
25228
content-security-policy
base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; object-src 'none'; script-src 'self' 'sha256-hfZrf/rGu2N9deBRKxd48Lhzp5q/5hdh65caR7kQLG8='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 11 Apr 2024 18:20:53 GMT
etag
"94a28d325f072fe9338500f45c23b91d"
last-modified
Wed, 10 Apr 2024 20:02:07 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
3817
x-content-type-options
nosniff
x-request-id
c85b0561-96f6-4ad2-8105-1ef9155a632d
x-served-by
cache-fra-eddf8230130-FRA
elements-inner-ach-bank-search-results-b46bc197325e72b81519c4a25c6dc49a.html
js.stripe.com/v3/ Frame 50FE
0
0
Document
General
Full URL
https://js.stripe.com/v3/elements-inner-ach-bank-search-results-b46bc197325e72b81519c4a25c6dc49a.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://verification.meded.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
79208
cache-control
max-age=31536000
content-encoding
br
content-length
310
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 11 Apr 2024 18:20:53 GMT
etag
"b46bc197325e72b81519c4a25c6dc49a"
last-modified
Wed, 10 Apr 2024 20:01:53 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
36
x-content-type-options
nosniff
x-request-id
d3951a93-49eb-409e-886d-778ddc29b7fb
x-served-by
cache-fra-eddf8230130-FRA
trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js
js.stripe.com/v3/fingerprinted/js/
176 B
298 B
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://verification.meded.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 11 Apr 2024 18:20:58 GMT
via
1.1 varnish
age
498825
x-cache
HIT
content-length
127
x-request-id
8d84c415-f9fa-4a45-9d5b-476c0b417bcb
x-served-by
cache-fra-eddf8230125-FRA
last-modified
Thu, 21 Dec 2023 18:13:43 GMT
server
Fastly
etag
"96f5b26d366f47393b3ff36fe7471474"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
30124

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google.de
URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-RDMR4FCZDN&cid=1140501169.1712859653&gtm=45Pe44a0v892451577z89179278423za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=892246401

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| dataLayer object| google_tag_manager object| google_tag_data object| gaGlobal function| $ function| jQuery object| bootstrap object| webpackChunkStripeJSouter function| noop function| Stripe function| pricecalc function| check_if_progid_specified function| set_prog_costs

7 Cookies

Domain/Path Name / Value
verification.meded.app/ Name: PHPSESSID
Value: FkzWxmdJ0ymplMrxGTGqm0d-hmax9lY2ZKrmgf4IyKgZcLkD
.meded.app/ Name: _ga
Value: GA1.1.1140501169.1712859653
.meded.app/ Name: _ga_RDMR4FCZDN
Value: GS1.1.1712859652.1.0.1712859652.60.0.0
m.stripe.com/ Name: m
Value: 735c8ec0-aa13-4be9-aa7f-c2fc310efaced409d7
.verification.meded.app/ Name: __stripe_mid
Value: d30774a8-23b9-41e4-953d-fa222d4e858aabba00
.verification.meded.app/ Name: __stripe_sid
Value: af4d778c-17ee-4020-a76d-7f87082d60550b97c5
api.hcaptcha.com/ Name: hmt_id
Value: 1d238764-fbba-4a17-aa65-a4d511927341

15 Console Messages

Source Level URL
Text
security error URL: https://www.googletagmanager.com/gtag/js?id=GT-T5MDWD&l=dataLayer&cx=c(Line 183)
Message:
Refused to connect to 'https://region1.analytics.google.com/g/collect?v=2&tid=G-RDMR4FCZDN&gtm=45Pe44a0v892451577z89179278423za200&_p=1712859652434&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1140501169.1712859653&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1712859652&sct=1&seg=0&dl=https%3A%2F%2Fverification.meded.app%2F&dt=GME%20Primary%20Source%20Training%20Verification&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=533' because it violates the following Content Security Policy directive: "connect-src 'self' https://api.stripe.com https://maps.googleapis.com".
security error URL: https://www.googletagmanager.com/gtag/js?id=GT-T5MDWD&l=dataLayer&cx=c(Line 183)
Message:
Refused to connect to 'https://stats.g.doubleclick.net/g/collect?v=2&tid=G-RDMR4FCZDN&cid=1140501169.1712859653&gtm=45Pe44a0v892451577z89179278423za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1' because it violates the following Content Security Policy directive: "connect-src 'self' https://api.stripe.com https://maps.googleapis.com".
security error URL: https://verification.meded.app/
Message:
Refused to load the image 'https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-RDMR4FCZDN&cid=1140501169.1712859653&gtm=45Pe44a0v892451577z89179278423za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=892246401' because it violates the following Content Security Policy directive: "img-src 'self' data: www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com".
other warning URL: https://verification.meded.app/
Message:
Each dictionary in the list "icons" should contain a non-empty UTF8 string field "sizes".
other warning URL: https://verification.meded.app/
Message:
Each dictionary in the list "icons" should contain a non-empty UTF8 string field "type".
other warning URL: https://verification.meded.app/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://verification.meded.app/
Message:
Each dictionary in the list "icons" should contain a non-empty UTF8 string field "sizes".
other warning URL: https://verification.meded.app/
Message:
Each dictionary in the list "icons" should contain a non-empty UTF8 string field "type".
other warning URL: https://verification.meded.app/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://verification.meded.app/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://verification.meded.app/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://verification.meded.app/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://verification.meded.app/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security error URL: https://www.googletagmanager.com/gtag/js?id=GT-T5MDWD&l=dataLayer&cx=c(Line 183)
Message:
Refused to connect to 'https://region1.analytics.google.com/g/collect?v=2&tid=G-RDMR4FCZDN&gtm=45Pe44a0v892451577za200&_p=1712859652434&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1140501169.1712859653&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AEA&_s=2&sid=1712859652&sct=1&seg=0&dl=https%3A%2F%2Fverification.meded.app%2F&dt=GME%20Primary%20Source%20Training%20Verification&en=scroll&epn.percent_scrolled=90&_et=21&tfd=5557' because it violates the following Content Security Policy directive: "connect-src 'self' https://api.stripe.com https://maps.googleapis.com".
security error URL: https://www.googletagmanager.com/gtag/js?id=GT-T5MDWD&l=dataLayer&cx=c(Line 183)
Message:
Refused to connect to 'https://region1.analytics.google.com/g/collect?v=2&tid=G-RDMR4FCZDN&gtm=45Pe44a0v892451577za200&_p=1712859652434&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1140501169.1712859653&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=3&sid=1712859652&sct=1&seg=0&dl=https%3A%2F%2Fverification.meded.app%2F&dt=GME%20Primary%20Source%20Training%20Verification&en=user_engagement&_et=6076&tfd=6635' because it violates the following Content Security Policy directive: "connect-src 'self' https://api.stripe.com https://maps.googleapis.com".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' https:; script-src 'self' 'nonce-WmhncUJMbU13OEpDUDJxbTlMUTBEQUFBQUFF' https://code.jquery.com https://cdn.jsdelivr.net https://maps.googleapis.com https://js.stripe.com https://*.googletagmanager.com https://tagmanager.google.com; img-src 'self' data: www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' https://googletagmanager.com https://tagmanager.google.com https://fonts.googleapis.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com; object-src 'none'; font-src 'self' https://fonts.gstatic.com data: https://cdnjs.cloudflare.com; frame-src https://js.stripe.com https://hooks.stripe.com; connect-src 'self' https://api.stripe.com https://maps.googleapis.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
js.stripe.com
verification.meded.app
www.google.de
www.googletagmanager.com
www.google.de
151.101.64.176
18.219.49.64
2606:4700::6810:5714
2606:4700::6811:180e
2a00:1450:4001:81d::2008
2a04:4e42:400::649
06ec7a77edcc7c9f50e408c9fe0a444a009398026e48038fe0839b46a6586366
07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813
19126b874a32753d42c12dfa6c17892bfd93820a5a5100ba1b34da4d07599b49
300147230d517f9ee8feba16535df75bfeddc1d9754cad91c571c2b8185643aa
3d1080625d3030e88357b3ac9aa377dcec23f1b529c4ad03f7a9a435ccae04be
49230655346609eb807154575071b813df0c06afa8f3b0c1cb1d866d2739688e
55483c7b14ac07b6a9d7ffa3fe6c4a2ce39bdf08327e81f5281267e059fdeee9
93ee19994358156fbbe3bcbb748f51b8d5bd6199ff589f8955eaacfa59d5cb2c
9714a242c6eedcab6081903282fa232fff39f7cd70992cb316446b769f29c03c
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
abec9095be76b97a86c2bee7e0f1c0f9a82ce0e22d6eadc404e834c7a41e3277
b725c5e2777e4f94215b4ab7ab9f9fac441aef574b17440f36501062115c4bee
c50f72aa38fbd3e9b9153bb1b49c2512801b4da4a75713525115f1c8d675de7f
c959535d69d4afb34bef62df270f995e6c440e3ae535f15d83cc383569099727
d2e6dc410a93b4b75738830f0bb31343a2db7b5678d6cf0c89e68c381133782a
d3caf12591d194712facd10bca14f0a924edb59c24447a3fd994a48286db8843
eb35d3d3f2233a1a95ea2a76cbbe95dc0a9b1fecd1781446cc66e090cc863a10
ee424e4df9e3381e843b3781ba25790dede9e3b0ccb826b7825331747be16165
eee0d35eda6dfb738d992ac359211a50f44aa0b857f9780e4de891387991cf1a
f11ee0f4a9495867ba7b0f1887b2212c272cef6280f18477718c11abbbebc1e0
f4dbc60c6c1b2f6f32778ac8a86518ded0fb2191aa23749af1808c760b5ecf53
f886516f3d41e9e7bd994c7f7a39a89cafae9483f90396cb0ddeafe8d1ea5e72
f8de3f57f49b005896d4c3c10979df9cff5048ddfe29ebbe36507ed1ebff60a4
fb9041223b55b1531694ec5fe53b7a5cb81ebc67195eacb22647db07402550ba
fd8205134530d1eada372e75aae6c3f8b9041b776e47b8dcb4bf10d31f7ece88