urlscan.io logo urlscan.io
SecurityTrails logo

payment.medi-plus.net Open in urlscan Pro
34.171.73.38  Public Scan

Go To Rescan Add Verdict Report
URL: https://payment.medi-plus.net/
Submission: On March 07 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 5 domains to perform 18 HTTP transactions. The main IP is 34.171.73.38, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is payment.medi-plus.net.
TLS certificate: Issued by R3 on March 7th 2023. Valid for: 3 months.
This is the only time payment.medi-plus.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 34.171.73.38 396982 (GOOGLE-CL...)
2 2620:1ec:4f:1... 8075 (MICROSOFT...)
2 104.211.35.148 8075 (MICROSOFT...)
3 13.227.219.58 16509 (AMAZON-02)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
3 54.187.119.242 16509 (AMAZON-02)
2 2600:9000:20e... 16509 (AMAZON-02)
1 54.184.205.88 16509 (AMAZON-02)
18 8
4    34.171.73.38 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.73.171.34.bc.googleusercontent.com
payment.medi-plus.net
2    2620:1ec:4f:1::60 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
2    104.211.35.148 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
y.clarity.ms
3    13.227.219.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-58.ams54.r.cloudfront.net
js.stripe.com
2    68.219.88.97 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
3    54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com
q.stripe.com
2    2600:9000:20eb:ee00:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)
m.stripe.network
1    54.184.205.88 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-184-205-88.us-west-2.compute.amazonaws.com
m.stripe.com
Apex Domain
Subdomains		 Transfer
7 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1051
q.stripe.com — Cisco Umbrella Rank: 6717
m.stripe.com — Cisco Umbrella Rank: 1056
110 KB
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1033
y.clarity.ms — Cisco Umbrella Rank: 62485
c.clarity.ms — Cisco Umbrella Rank: 1538
21 KB
4 medi-plus.net
payment.medi-plus.net
312 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1159
16 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 237
743 B
18 5
Domain Requested by
4 payment.medi-plus.net payment.medi-plus.net
3 q.stripe.com payment.medi-plus.net
3 js.stripe.com payment.medi-plus.net
js.stripe.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 c.clarity.ms 1 redirects
2 y.clarity.ms www.clarity.ms
2 www.clarity.ms payment.medi-plus.net
www.clarity.ms
1 m.stripe.com m.stripe.network
1 c.bing.com 1 redirects
18 9

This site contains no links.

Subject Issuer Validity Valid
payment.medi-plus.net
R3		 2023-03-07 -
2023-06-05		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-01 -
2023-12-01		 a year crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 06		 2023-02-13 -
2024-02-08		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2023-02-06 -
2023-05-13		 3 months crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-14 -
2023-06-13		 4 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-08 -
2023-04-08		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://payment.medi-plus.net/
Frame ID: CAADB6F9871D721C168A75ABEC8456B7
Requests: 10 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 5CD2BFBE72CDF1198919E44DF95AB616
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 501DE610EBDBD5D775E607BA57FF4CC7
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Mediet

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Page Statistics

18
Requests

94 %
HTTPS

33 %
IPv6

5
Domains

9
Subdomains

8
IPs

2
Countries

459 kB
Transfer

895 kB
Size

13
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=BBF685C408854EA7997C23F7935915FD&RedC=c.clarity.ms&MXFR=30250E95DEFA68950BAD1C58DAFA6614 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=BBF685C408854EA7997C23F7935915FD&MUID=22D64D2D44E16DCD1B9D5FE0458A6C6C

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
payment.medi-plus.net/ 		743 B
744 B 		Document
General
Check archive.org
Download Go to
Full URL
https://payment.medi-plus.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.171.73.38 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.73.171.34.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a1269d8779333f16015963e6d6501563b585c20f1b195fec67795503cb7985f3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Tue, 07 Mar 2023 17:38:37 GMT
ETag
W/"63ff0ae4-2e7"
Last-Modified
Wed, 01 Mar 2023 08:20:52 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
main.22630bb4.js
payment.medi-plus.net/static/js/ 		292 KB
292 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payment.medi-plus.net/static/js/main.22630bb4.js
Requested by
Host: payment.medi-plus.net
URL: https://payment.medi-plus.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.171.73.38 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.73.171.34.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
38ec1b8b8336f18b8582ef96a539dcc28b3cb9ac2267fdcc90cb12890788499d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.medi-plus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 07 Mar 2023 17:38:37 GMT
Last-Modified
Wed, 01 Mar 2023 08:20:52 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"63ff0ae4-49060"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
299104
main.e036dca3.css
payment.medi-plus.net/static/css/ 		19 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payment.medi-plus.net/static/css/main.e036dca3.css
Requested by
Host: payment.medi-plus.net
URL: https://payment.medi-plus.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.171.73.38 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.73.171.34.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0f6b2921e692aba48bbb0a0d991af66e7f11450d59b43f4f958ae044e2e707d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.medi-plus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 07 Mar 2023 17:38:38 GMT
Last-Modified
Wed, 01 Mar 2023 08:20:52 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"63ff0ae4-4a26"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18982
fn2t7jcv2n
www.clarity.ms/tag/ 		677 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/fn2t7jcv2n
Requested by
Host: payment.medi-plus.net
URL: https://payment.medi-plus.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
52f331bcb501817491e29668b51674f4ef09bf3c4a5e80ad544f2edd07037ad4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.medi-plus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
application/x-javascript
date
Tue, 07 Mar 2023 17:38:37 GMT
cache-control
no-cache, no-store
expires
-1
x-azure-ref
0nnYHZAAAAABuEYJVhsYOQofi96sDy167RlJBMzFFREdFMDQwOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
clarity.js
www.clarity.ms/eus-f-sc/s/0.7.2/ 		56 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/eus-f-sc/s/0.7.2/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/fn2t7jcv2n
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
99b523edd72385876c466fc061393829b08dec3aa544963373b22a08fb97784f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.medi-plus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 17:38:37 GMT
content-encoding
br
last-modified
Wed, 01 Jun 2022 12:22:22 GMT
server
Microsoft-IIS/10.0
x-azure-ref-originshield
03lkHZAAAAAAxlog4W552S7vHmDPN0JPZRlJBMjMxMDUwNDE4MDUzADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag
"1d94d032bd8761c"
x-azure-ref
0nnYHZAAAAAAEqS1ICrQHRarbc0yojbsXRlJBMzFFREdFMDQwOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
TCP_HIT
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
accept-ranges
bytes
request-context
appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
collect
y.clarity.ms/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://y.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus-f-sc/s/0.7.2/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.211.35.148 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://payment.medi-plus.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin
https://payment.medi-plus.net
date
Tue, 07 Mar 2023 17:38:38 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
vary
Origin
request-context
appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
v3
js.stripe.com/ 		439 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: payment.medi-plus.net
URL: https://payment.medi-plus.net/static/js/main.22630bb4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-58.ams54.r.cloudfront.net
Software
Cloudfront /
Resource Hash
3f32833ed9ef751f89d08b9babd170b781a5c2b75a7fe9323fd052a2264a9491
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.medi-plus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 07 Mar 2023 17:38:24 GMT
via
1.1 b911c551065b8f78ad33b4c4564141be.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS54-C1
age
20
x-cache
Hit from cloudfront
last-modified
Mon, 06 Mar 2023 21:13:30 GMT
server
Cloudfront
etag
W/"43720602dc24de08063cdc1492f75f4f"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
gkYdNv_VBeNnrXI_8HW4gAwhZPJOC5MGOP3IzwwBYgP9VcNXUz3yEg==
/
payment.medi-plus.net/fetch_setup_intents/ 		29 B
484 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://payment.medi-plus.net/fetch_setup_intents/?id=null&from=null
Requested by
Host: payment.medi-plus.net
URL: https://payment.medi-plus.net/static/js/main.22630bb4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.171.73.38 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.73.171.34.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
83a31c806776a9e4f5032f217259c87a99cbe6df79ad287b1d23b545b7f7f112

Request headers

Accept
application/json, text/plain, */*
Referer
https://payment.medi-plus.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 07 Mar 2023 17:38:39 GMT
Content-Encoding
gzip
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
X-Cloud-Trace-Context
01bc678aaaeb837f7d2099e2d92f8354;o=1
Cache-Control
private
Function-Execution-Id
mj8qtujrs936
Connection
keep-alive
Content-Length
55
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=BBF685C408854EA7997C23F7935915FD&RedC=c.clarity.ms&MXFR=30250E95DEFA68950BAD1C58DAFA6614
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=BBF685C408854EA7997C23F7935915FD&MUID=22D64D2D44E16DCD1B9D5FE0458A6C6C
42 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=BBF685C408854EA7997C23F7935915FD&MUID=22D64D2D44E16DCD1B9D5FE0458A6C6C
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payment.medi-plus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Mar 2023 17:38:38 GMT
last-modified
Wed, 15 Feb 2023 08:41:50 GMT
server
Microsoft-IIS/10.0
etag
"ddef9591941d91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 07 Mar 2023 17:38:38 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 7A518566641146BAA9250C7E24FD4F57 Ref B: FRAEDGE1512 Ref C: 2023-03-07T17:38:39Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=BBF685C408854EA7997C23F7935915FD&MUID=22D64D2D44E16DCD1B9D5FE0458A6C6C
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
m-outer-93afeeb17bc37e711759584dbfc50d47.html
js.stripe.com/v3/ Frame 5CD2 		200 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-58.ams54.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://payment.medi-plus.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2749
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 07 Mar 2023 17:30:28 GMT
etag
"93afeeb17bc37e711759584dbfc50d47"
last-modified
Fri, 03 Mar 2023 21:44:34 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 b911c551065b8f78ad33b4c4564141be.cloudfront.net (CloudFront)
x-amz-cf-id
Ct3C-QkslkpzQ3XPzCKmJi6u0IswtGn1qXPhRWkxb1Hlvy60tY3uPQ==
x-amz-cf-pop
AMS54-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
csp-report
q.stripe.com/ Frame 5CD2 		0
600 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: payment.medi-plus.net
URL: https://payment.medi-plus.net/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 07 Mar 2023 17:38:39 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-envoy-upstream-service-time
3
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 5CD2 		0
601 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: payment.medi-plus.net
URL: https://payment.medi-plus.net/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 07 Mar 2023 17:38:39 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
m-outer-8cb24ab2d649fd36a488d04d8c457933.js
js.stripe.com/v3/fingerprinted/js/ Frame 5CD2 		631 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-58.ams54.r.cloudfront.net
Software
Cloudfront /
Resource Hash
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Tue, 07 Mar 2023 17:22:22 GMT
x-content-type-options
nosniff
via
1.1 b911c551065b8f78ad33b4c4564141be.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS54-C1
age
982
x-cache
Hit from cloudfront
content-length
631
last-modified
Fri, 03 Mar 2023 21:44:33 GMT
server
Cloudfront
etag
"f8f6a4584135f737b26927596ce6e0a7"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
pQ7jfnDNpp3Kt8HaTVO-wAZavRIU5UElbPKt6fW0Jg7YQDhJ2G968g==
inner.html
m.stripe.network/ Frame 501D 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:ee00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
218
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 07 Mar 2023 17:35:07 GMT
etag
"fc2e029628f163bb59adc6fa5a31161c"
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
x-amz-cf-id
iyeOYcpn0Ey5XBNsgDZpIfrLDAfq4nj_SVq1cvfu4Yx4-SF4e3xGIA==
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
csp-report
q.stripe.com/ Frame 501D 		0
374 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: payment.medi-plus.net
URL: https://payment.medi-plus.net/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/csp-report

Response headers

x-stripe-bg-intended-route-color
green
pragma
no-cache
date
Tue, 07 Mar 2023 17:38:39 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
nginx
cross-origin-opener-policy
same-origin
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
x-robots-tag
none
content-length
0
expires
0
out-4.5.42.js
m.stripe.network/ Frame 501D 		86 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.42.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:ee00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 07 Mar 2023 17:36:25 GMT
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
via
1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
etag
W/"21df7244385e5c0bdf32da01d0dad6c0"
age
136
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
-7jdc4OcTwza6A7mkFzsg--oqwNrph4JLs2558TvwsujMnkGHmPQsA==
6
m.stripe.com/ Frame 501D 		156 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.184.205.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-184-205-88.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
7b14943b3c2ab91e277bea986371cdd8fc08aef7290137d1440db562319696b8
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 07 Mar 2023 17:38:40 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
server
nginx
content-type
application/json;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
collect
y.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://y.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus-f-sc/s/0.7.2/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.211.35.148 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://payment.medi-plus.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin
https://payment.medi-plus.net
date
Tue, 07 Mar 2023 17:38:39 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
vary
Origin
request-context
appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless function| clarity object| webpackChunkStripeJSouter function| noop function| Stripe

13 Cookies

Domain/Path Name / Value
www.clarity.ms/ Name: CLID
Value: 08ea371de8f84f5c916e82532924ce87.20230307.20240306
.medi-plus.net/ Name: _clck
Value: 1whf2xy|1|f9p|0
.medi-plus.net/ Name: _clsk
Value: kxy3ao|1678210718612|1|1|y.clarity.ms/collect
.bing.com/ Name: MUID
Value: 22D64D2D44E16DCD1B9D5FE0458A6C6C
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 22D64D2D44E16DCD1B9D5FE0458A6C6C
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 22D64D2D44E16DCD1B9D5FE0458A6C6C
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
m.stripe.com/ Name: m
Value: da5b13d9-5fa3-4dc2-9061-a179a0390311be726e
.payment.medi-plus.net/ Name: __stripe_mid
Value: 7f973e76-11bc-4428-aa02-4aea6535162f35a144
.payment.medi-plus.net/ Name: __stripe_sid
Value: 42ba926f-3277-467f-be66-71673f198a89d8d027

1 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".