payment.medi-plus.net Open in urlscan Pro
34.171.73.38 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://payment.medi-plus.net/
Submission: On August 31 via automatic, source certstream-suspicious (August 31st 2024, 3:51:56 am UTC) — Scanned from DE

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 1 countries across 3 domains to perform 14 HTTP transactions. The main IP is 34.171.73.38, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is payment.medi-plus.net.
TLS certificate: Issued by R11 on August 31st 2024. Valid for: 3 months.

This is the only time payment.medi-plus.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	34.171.73.38 34.171.73.38	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2620:1ec:bdf::44 2620:1ec:bdf::44	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	23.96.124.68 23.96.124.68	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	151.101.128.176 151.101.128.176	54113 (FASTLY) (FASTLY)
2	151.101.0.176 151.101.0.176	54113 (FASTLY) (FASTLY)
14	5

5 34.171.73.38 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.73.171.34.bc.googleusercontent.com

payment.medi-plus.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.96.124.68 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

s.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.128.176 (San Francisco, United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.0.176 (San Francisco, United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	clarity.ms www.clarity.ms — Cisco Umbrella Rank: 1114 s.clarity.ms — Cisco Umbrella Rank: 8495	28 KB
5	medi-plus.net payment.medi-plus.net	321 KB
4	stripe.com js.stripe.com — Cisco Umbrella Rank: 2856	157 KB
14	3

	Domain	Requested by
5	payment.medi-plus.net	payment.medi-plus.net
4	js.stripe.com	payment.medi-plus.net js.stripe.com
3	s.clarity.ms	www.clarity.ms
2	www.clarity.ms	payment.medi-plus.net www.clarity.ms
14	4

This site contains no links.

Subject Issuer	Validity	Valid
payment.medi-plus.net R11	`2024-08-31` - `2024-11-29`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-08-29` - `2024-12-05`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://payment.medi-plus.net/
Frame ID: 278EF7DD143DD5DF3F786FC8E42790AB
Requests: 12 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-0ac892cc1983a4b6e5727ee594af4fd2.html
Frame ID: 1BCF4AAC194FFF5CBADC6579F2A1C733
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: A469FEF43C7CECA0CADF60A6E05A37CA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mediet

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Page Statistics

14
Requests

100 %
HTTPS

20 %
IPv6

3
Domains

4
Subdomains

5
IPs

1
Countries

506 kB
Transfer

1033 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
payment.medi-plus.net/ 919 B
876 B 552ms
126ms Document
text/html 34.171.73.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.medi-plus.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.171.73.38 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 38.73.171.34.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 18e43284e9fa4a125ab93b42c70b5833bcf1b64e1a9cca53ab18aba0d601ce82

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sat, 31 Aug 2024 03:51:47 GMT
ETag: W/"6541f481-397"
Last-Modified: Wed, 01 Nov 2023 06:47:29 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

GET
H/1.1 200
OK main.cbfa74ee.js Show response
payment.medi-plus.net/static/js/ 231 KB
231 KB 251ms
251ms Script
application/javascript 34.171.73.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.medi-plus.net/static/js/main.cbfa74ee.js
Requested by: Host: payment.medi-plus.net
URL: https://payment.medi-plus.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.171.73.38 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 38.73.171.34.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 4d921747e9914b019388b75688356f6e27fd448af6687a5fc3a62e81b2d0a6df

Request headers

Referer: https://payment.medi-plus.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Sat, 31 Aug 2024 03:51:47 GMT
Last-Modified: Wed, 01 Nov 2023 06:47:29 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "6541f481-39c9c"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 236700

GET
H/1.1 200
OK main.90c54a9a.css
payment.medi-plus.net/static/css/ 19 KB
19 KB 505ms
252ms Stylesheet
text/css 34.171.73.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.medi-plus.net/static/css/main.90c54a9a.css
Requested by: Host: payment.medi-plus.net
URL: https://payment.medi-plus.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.171.73.38 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 38.73.171.34.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 97a3392467220be815895cd99b9095bc1541e7982a1e2c043da8d04be9fea84e

Request headers

Referer: https://payment.medi-plus.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Sat, 31 Aug 2024 03:51:47 GMT
Last-Modified: Wed, 01 Nov 2023 06:47:29 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "6541f481-4b20"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19232

GET
H2 200 fn2t7jcv2n Show response
www.clarity.ms/tag/ 552 B
807 B 291ms
212ms Script
application/x-javascript 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/fn2t7jcv2n
Requested by: Host: payment.medi-plus.net
URL: https://payment.medi-plus.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 89829fe540f29d710468d0f1e8b9dc1a119178c9b3283912393fdbe03cd857ec

Request headers

Referer: https://payment.medi-plus.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
date: Sat, 31 Aug 2024 03:51:47 GMT
x-azure-ref: 20240831T035147Z-166b9c58d6cbv9rgccm8wk6ux000000001bg00000000f987
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 552
expires: -1

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.45/ 64 KB
27 KB 38ms
38ms Script
application/javascript 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.45/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/fn2t7jcv2n
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 264532af47b2cfb6620970592478c442a0cd429beccead9d062ff5a91284dc15

Request headers

Referer: https://payment.medi-plus.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 03:51:47 GMT
content-encoding: br
last-modified: Wed, 28 Aug 2024 19:57:49 GMT
etag: W/"0x8DCC79BB1C5F66A"
vary: Accept-Encoding
x-azure-ref: 20240831T035147Z-166b9c58d6cbv9rgccm8wk6ux000000001bg00000000f98e
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 91b292d3-901e-006b-0414-faa92f000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

POST
H/1.1 204
No Content collect Show response
s.clarity.ms/ 0
285 B 331ms
108ms XHR
text/plain 23.96.124.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.45/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.68 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://payment.medi-plus.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://payment.medi-plus.net
Date: Sat, 31 Aug 2024 03:51:47 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H2 200 v3 Show response
js.stripe.com/ 650 KB
157 KB 87ms
21ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: payment.medi-plus.net
URL: https://payment.medi-plus.net/static/js/main.cbfa74ee.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e3554df81817a851badf4b7eadbcd096d0ec3845f0d8cf0498d5e2601e3848af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://payment.medi-plus.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 31 Aug 2024 03:51:47 GMT
via: 1.1 varnish
age: 6
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 160484
x-request-id: cd815e19-f9a7-4ee5-ae47-837f274f7cf9
x-served-by: cache-fra-etou8220061-FRA
last-modified: Fri, 30 Aug 2024 20:42:51 GMT
server: Fastly
etag: "5481bc7ba8457693c55da88c373b0b74"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3

GET
H/1.1 200
OK / Show response
payment.medi-plus.net/fetch_setup_intents/ 29 B
484 B 1283ms
1282ms XHR
application/json 34.171.73.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.medi-plus.net/fetch_setup_intents/?id=null&from=null
Requested by: Host: payment.medi-plus.net
URL: https://payment.medi-plus.net/static/js/main.cbfa74ee.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.171.73.38 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 38.73.171.34.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 83a31c806776a9e4f5032f217259c87a99cbe6df79ad287b1d23b545b7f7f112

Request headers

Accept: application/json, text/plain, */*
Referer: https://payment.medi-plus.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Sat, 31 Aug 2024 03:51:49 GMT
Content-Encoding: gzip
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
X-Cloud-Trace-Context: 62fd28f56aa5d18096641df1c6ece803;o=1
Cache-Control: private
Function-Execution-Id: 5656m4i27hr0
Connection: keep-alive
Content-Length: 55

GET
H2 200 controller-with-preconnect-0ac892cc1983a4b6e5727ee594af4fd2.html
js.stripe.com/v3/ Frame 1BCF 0
0 56ms
21ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-with-preconnect-0ac892cc1983a4b6e5727ee594af4fd2.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://payment.medi-plus.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 5
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=60, stale-while-revalidate=900
content-encoding: br
content-length: 402
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 31 Aug 2024 03:51:48 GMT
etag: "0ac892cc1983a4b6e5727ee594af4fd2"
last-modified: Fri, 30 Aug 2024 20:04:50 GMT
origin-agent-cluster: ?1
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-content-type-options: nosniff
x-request-id: 7ca271dc-828f-4ba8-8207-4cfb8a46dcb6
x-served-by: cache-fra-etou8220044-FRA

GET
H3 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame A469 0
0 19ms
19ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://payment.medi-plus.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2683420
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=31536000
content-encoding: br
content-length: 154
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 31 Aug 2024 03:51:48 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Fri, 11 Nov 2022 20:25:37 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 164623
x-content-type-options: nosniff
x-request-id: fcc15354-cbea-416b-b777-06f39c502b10
x-served-by: cache-fra-etou8220119-FRA

GET
H/1.1 200
OK favicon.ico
payment.medi-plus.net/ 69 KB
69 KB 253ms
252ms Other
image/x-icon 34.171.73.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.medi-plus.net/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.171.73.38 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 38.73.171.34.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 39cf23dfdbae10b353b83f6709076886760f8c508301c3d315a3af48feabdb5f

Request headers

Referer: https://payment.medi-plus.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Sat, 31 Aug 2024 03:51:48 GMT
Last-Modified: Wed, 01 Nov 2023 06:47:08 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "6541f46c-11276"
Content-Type: image/x-icon
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 70262

POST
H/1.1 204
No Content collect Show response
s.clarity.ms/ 0
285 B 106ms
105ms XHR
text/plain 23.96.124.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.45/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.68 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://payment.medi-plus.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://payment.medi-plus.net
Date: Sat, 31 Aug 2024 03:51:48 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

POST
H/1.1 204
No Content collect Show response
s.clarity.ms/ 0
285 B 106ms
106ms XHR
text/plain 23.96.124.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.45/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.68 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://payment.medi-plus.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://payment.medi-plus.net
Date: Sat, 31 Aug 2024 03:51:51 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H2 200 trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js Show response
js.stripe.com/v3/fingerprinted/js/ 176 B
296 B 22ms
21ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://payment.medi-plus.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 31 Aug 2024 03:51:53 GMT
via: 1.1 varnish
age: 10958
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 127
x-request-id: 46de7f2a-f172-4e84-8d3d-fd3a95f65efd
x-served-by: cache-fra-etou8220061-FRA
last-modified: Thu, 21 Dec 2023 18:13:43 GMT
server: Fastly
etag: "96f5b26d366f47393b3ff36fe7471474"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 64

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
m.stripe.com/	1970-01-21 08:47:16	Name: m Value: dbf6fc8a-1ec7-46e2-a448-20e15b3e4787eb6da2
.payment.medi-plus.net/	1970-01-21 07:56:52	Name: __stripe_mid Value: e1f60115-8a3b-4f27-a9d3-c1507e4bad8c7ed934
.payment.medi-plus.net/	1970-01-20 23:11:18	Name: __stripe_sid Value: 9a9be9b8-22a5-490b-b889-53072697163a3edc37

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

js.stripe.com
payment.medi-plus.net
s.clarity.ms
www.clarity.ms
151.101.0.176
151.101.128.176
23.96.124.68
2620:1ec:bdf::44
34.171.73.38
07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813
18e43284e9fa4a125ab93b42c70b5833bcf1b64e1a9cca53ab18aba0d601ce82
264532af47b2cfb6620970592478c442a0cd429beccead9d062ff5a91284dc15
39cf23dfdbae10b353b83f6709076886760f8c508301c3d315a3af48feabdb5f
4d921747e9914b019388b75688356f6e27fd448af6687a5fc3a62e81b2d0a6df
83a31c806776a9e4f5032f217259c87a99cbe6df79ad287b1d23b545b7f7f112
89829fe540f29d710468d0f1e8b9dc1a119178c9b3283912393fdbe03cd857ec
97a3392467220be815895cd99b9095bc1541e7982a1e2c043da8d04be9fea84e
e3554df81817a851badf4b7eadbcd096d0ec3845f0d8cf0498d5e2601e3848af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

payment.medi-plus.net Open in urlscan Pro 34.171.73.38 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

20 %IPv6

3 Domains

4 Subdomains

5 IPs

1 Countries

506 kBTransfer

1033 kBSize

3 Cookies

0 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

3 Cookies

Indicators

payment.medi-plus.net Open in urlscan Pro
34.171.73.38 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

20 %
IPv6

3
Domains

4
Subdomains

5
IPs

1
Countries

506 kB
Transfer

1033 kB
Size

3
Cookies

14 HTTP transactions
0 data transactions