www.the-medium-maria.com Open in urlscan Pro
2606:4700:10::6816:11f0 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://t.mailc.maria-fortune-teller.com/r/?id=h20e7351a,9f39d44,a0ed746
Effective URL:
https://www.the-medium-maria.com/privacy_policy.html
Submission: On September 05 via api (September 5th 2021, 5:59:48 pm UTC) from BE

Summary HTTP 13 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 5 domains to perform 13 HTTP transactions. The main IP is 2606:4700:10::6816:11f0, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.the-medium-maria.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on February 8th 2021. Valid for: a year.

This is the only time www.the-medium-maria.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.221.152.154 52.221.152.154	16509 (AMAZON-02) (AMAZON-02)
9	2606:4700:10:... 2606:4700:10::6816:11f0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	151.101.13.27 151.101.13.27	54113 (FASTLY) (FASTLY)
2	162.247.243.146 162.247.243.146	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
13	4

1 52.221.152.154 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-221-152-154.ap-southeast-1.compute.amazonaws.com

t.mailc.maria-fortune-teller.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:10::6816:11f0 (United States)

ASN13335 (CLOUDFLARENET, US)

www.the-medium-maria.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.27 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.146 (United States)

ASN23467 (NEWRELIC-AS-1, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	the-medium-maria.com www.the-medium-maria.com	147 KB
2	nr-data.net bam-cell.nr-data.net	1 KB
1	newrelic.com js-agent.newrelic.com	12 KB
1	googletagmanager.com www.googletagmanager.com	42 KB
1	maria-fortune-teller.com 1 redirects t.mailc.maria-fortune-teller.com	566 B
13	5

	Domain	Requested by
9	www.the-medium-maria.com	www.the-medium-maria.com
2	bam-cell.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	www.the-medium-maria.com
1	www.googletagmanager.com	www.the-medium-maria.com
1	t.mailc.maria-fortune-teller.com	1 redirects
13	5

This site contains links to these domains. Also see Links.

Domain
tools.google.com
www.google.com

Subject Issuer	Validity	Valid
www.the-medium-maria.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-08` - `2022-03-11`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.newrelic.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-05` - `2022-06-06`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://www.the-medium-maria.com/privacy_policy.html
Frame ID: E27BD123A28E118EAEA319EF2B8095DF
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Legal Terms | Maria

Page URL History Show full URLs

http://t.mailc.maria-fortune-teller.com/r/?id=h20e7351a,9f39d44,a0ed746 HTTP 302
https://www.the-medium-maria.com/privacy_policy.html Page URL

Detected technologies

Drupal (CMS) Expand

Overall confidence: 100%
Detected patterns

headers expires /19 Nov 1978/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers expires /19 Nov 1978/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

13
Requests

100 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

4
IPs

3
Countries

202 kB
Transfer

326 kB
Size

2
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://tools.google.com/dlpage/gaoptout
Title: https://tools.google.com/dlpage/gaoptout

Search URL Search Domain Scan URL

URL: https://www.google.com/analytics/terms/
Title: https://www.google.com/analytics/terms/

Search URL Search Domain Scan URL

URL: https://www.google.com/policies/privacy/partners/
Title: https://www.google.com/policies/privacy/partners/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://t.mailc.maria-fortune-teller.com/r/?id=h20e7351a,9f39d44,a0ed746 HTTP 302
https://www.the-medium-maria.com/privacy_policy.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request privacy_policy.html Show response
www.the-medium-maria.com/
Redirect Chain

http://t.mailc.maria-fortune-teller.com/r/?id=h20e7351a,9f39d44,a0ed746
https://www.the-medium-maria.com/privacy_policy.html

40 KB
15 KB

166ms
165ms

Document
text/html

2606:4700:10::6816:11f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.the-medium-maria.com/privacy_policy.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:11f0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

836368f102c972f5c68f7121600b854fb953f955526bcf277b1353a49094a11b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://secure.safecharge.com;
Strict-Transport-Security	max-age=15552000
X-Frame-Options	ALLOW-FROM 'sameorigin' https://secure.safecharge.com;

Request headers

:method: GET
:authority: www.the-medium-maria.com
:scheme: https
:path: /privacy_policy.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 17:59:31 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: SESS8ff6065884dc2cabb206a16551a78115=52couiuebime9a2a0ml1th8rt6; path=/; domain=.the-medium-maria.com
last-modified: Sun, 05 Sep 2021 17:49:33 GMT
expires: Sun, 19 Nov 1978 05:00:00 GMT
cache-control: must-revalidate
content-security-policy: frame-ancestors 'self' https://secure.safecharge.com;
x-frame-options: ALLOW-FROM 'sameorigin' https://secure.safecharge.com;
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 68a15a179d4b2c19-FRA
content-encoding: gzip

Redirect headers

Content-Type: text/plain; charset=utf-8
Date: Sun, 05 Sep 2021 17:59:31 GMT
Location: https://www.the-medium-maria.com/privacy_policy.html
P3P: CP="CAO DSP COR CURa DEVa TAIa OUR BUS IND UNI COM NAV"
Server: Apache
Set-Cookie: AMCV_D89C35DC5A8ED0420A495C35%40AdobeOrg=MCMID%7C56159887353310085113726649492452147199; Domain=maria-fortune-teller.com; Path=/; Expires=Tue, 05-Sep-2023 17:59:31 GMT nlid=20e7351a|9f39d44; Domain=maria-fortune-teller.com; Path=/
X-Robots-Tag: noindex
Content-Length: 17
Connection: keep-alive

GET
H2 200 maintenance.css
www.the-medium-maria.com/sites/www.the-medium-maria.com/themes/optimus/assets/css/ 3 KB
1 KB 20ms
20ms Stylesheet
text/css 2606:4700:10::6816:11f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.the-medium-maria.com/sites/www.the-medium-maria.com/themes/optimus/assets/css/maintenance.css

Requested by

Host: www.the-medium-maria.com
URL: https://www.the-medium-maria.com/privacy_policy.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:11f0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3df7ff9920b8a383c3db18e15b8041ed80d70423539fb3a582835abe84978c89

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://secure.safecharge.com;
Strict-Transport-Security	max-age=15552000
X-Frame-Options	ALLOW-FROM 'sameorigin' https://secure.safecharge.com;

Request headers

:path: /sites/www.the-medium-maria.com/themes/optimus/assets/css/maintenance.css
pragma: no-cache
cookie: SESS8ff6065884dc2cabb206a16551a78115=52couiuebime9a2a0ml1th8rt6
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.the-medium-maria.com
referer: https://www.the-medium-maria.com/privacy_policy.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.the-medium-maria.com/privacy_policy.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 17:59:31 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 77235
cf-polished: origSize=4029
strict-transport-security: max-age=15552000
last-modified: Tue, 17 Aug 2021 08:12:54 GMT
server: cloudflare
x-frame-options: ALLOW-FROM 'sameorigin' https://secure.safecharge.com;
etag: W/"611b6f86-fbd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
expires: Sun, 05 Sep 2021 20:32:16 GMT
cache-control: max-age=86400
content-security-policy: frame-ancestors 'self' https://secure.safecharge.com;
cf-ray: 68a15a18afc72c19-FRA
cf-bgj: minify

GET
H2 200 maria-logo-maintenance.png
www.the-medium-maria.com/sites/www.the-medium-maria.com/themes/optimus/assets/img/ 7 KB
7 KB 22ms
22ms Image
image/png 2606:4700:10::6816:11f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.the-medium-maria.com/sites/www.the-medium-maria.com/themes/optimus/assets/img/maria-logo-maintenance.png

Requested by

Host: www.the-medium-maria.com
URL: https://www.the-medium-maria.com/privacy_policy.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:11f0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4e5724457af73af41abf3270e4533c8fd8baef5cb46a85ea99a48d6b6d802c0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://secure.safecharge.com;
Strict-Transport-Security	max-age=15552000
X-Frame-Options	ALLOW-FROM 'sameorigin' https://secure.safecharge.com;

Request headers

:path: /sites/www.the-medium-maria.com/themes/optimus/assets/img/maria-logo-maintenance.png
pragma: no-cache
cookie: SESS8ff6065884dc2cabb206a16551a78115=52couiuebime9a2a0ml1th8rt6
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.the-medium-maria.com
referer: https://www.the-medium-maria.com/privacy_policy.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.the-medium-maria.com/privacy_policy.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 17:59:31 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 86085
cf-polished: status=not_needed
content-length: 6701
last-modified: Tue, 17 Aug 2021 08:12:54 GMT
server: cloudflare
x-frame-options: ALLOW-FROM 'sameorigin' https://secure.safecharge.com;
etag: "611b6f86-1a2d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
content-type: image/png
expires: Sun, 05 Sep 2021 18:04:46 GMT
cache-control: max-age=86400
content-security-policy: frame-ancestors 'self' https://secure.safecharge.com;
accept-ranges: bytes
cf-ray: 68a15a18afc82c19-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 email-decode.min.js Show response
www.the-medium-maria.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
838 B 9ms
8ms Script
application/javascript 2606:4700:10::6816:11f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.the-medium-maria.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.the-medium-maria.com
URL: https://www.the-medium-maria.com/privacy_policy.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:11f0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma: no-cache
cookie: SESS8ff6065884dc2cabb206a16551a78115=52couiuebime9a2a0ml1th8rt6
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.the-medium-maria.com
referer: https://www.the-medium-maria.com/privacy_policy.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.the-medium-maria.com/privacy_policy.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 17:59:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 01 Sep 2021 15:49:24 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"612fa104-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=172800 public
strict-transport-security: max-age=15552000
cf-ray: 68a15a18bfd02c19-FRA
expires: Tue, 07 Sep 2021 17:59:31 GMT

GET
H2 200 cookiebanner.min.js Show response
www.the-medium-maria.com/sites/www.the-medium-maria.com/themes/optimus/js/ 9 KB
3 KB 19ms
19ms Script
application/javascript 2606:4700:10::6816:11f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.the-medium-maria.com/sites/www.the-medium-maria.com/themes/optimus/js/cookiebanner.min.js

Requested by

Host: www.the-medium-maria.com
URL: https://www.the-medium-maria.com/privacy_policy.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:11f0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06f454de24c3f0421a6bf72ebdd446dd2f0b90410f07748e652a260e45eb0c5e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://secure.safecharge.com;
Strict-Transport-Security	max-age=15552000
X-Frame-Options	ALLOW-FROM 'sameorigin' https://secure.safecharge.com;

Request headers

:path: /sites/www.the-medium-maria.com/themes/optimus/js/cookiebanner.min.js
pragma: no-cache
cookie: SESS8ff6065884dc2cabb206a16551a78115=52couiuebime9a2a0ml1th8rt6
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.the-medium-maria.com
referer: https://www.the-medium-maria.com/privacy_policy.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.the-medium-maria.com/privacy_policy.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 17:59:31 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 75017
strict-transport-security: max-age=15552000
last-modified: Tue, 17 Aug 2021 08:12:54 GMT
server: cloudflare
x-frame-options: ALLOW-FROM 'sameorigin' https://secure.safecharge.com;
etag: W/"611b6f86-2520"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
content-security-policy: frame-ancestors 'self' https://secure.safecharge.com;
cf-ray: 68a15a18bfd12c19-FRA
expires: Sun, 05 Sep 2021 21:09:14 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 116 KB
42 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KV39P8R

Requested by

Host: www.the-medium-maria.com
URL: https://www.the-medium-maria.com/privacy_policy.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f90e448f73eb112e2703f3f3ae1531ed93de7a69ea93b9749b7be2df1933dee0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.the-medium-maria.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 17:59:31 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43144
x-xss-protection: 0
last-modified: Sun, 05 Sep 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 05 Sep 2021 17:59:31 GMT

GET
H2 200 bg-maintenance.jpg
www.the-medium-maria.com/sites/www.the-medium-maria.com/themes/optimus/assets/img/ 25 KB
25 KB 21ms
19ms Image
image/jpeg 2606:4700:10::6816:11f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.the-medium-maria.com/sites/www.the-medium-maria.com/themes/optimus/assets/img/bg-maintenance.jpg

Requested by

Host: www.the-medium-maria.com
URL: https://www.the-medium-maria.com/sites/www.the-medium-maria.com/themes/optimus/assets/css/maintenance.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:11f0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d00f96726b284b3e3aba6ba6a98d902e8ea4d3dd06a6e9605d05bf214015bf31

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://secure.safecharge.com;
Strict-Transport-Security	max-age=15552000
X-Frame-Options	ALLOW-FROM 'sameorigin' https://secure.safecharge.com;

Request headers

:path: /sites/www.the-medium-maria.com/themes/optimus/assets/img/bg-maintenance.jpg
pragma: no-cache
cookie: SESS8ff6065884dc2cabb206a16551a78115=52couiuebime9a2a0ml1th8rt6
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.the-medium-maria.com
referer: https://www.the-medium-maria.com/sites/www.the-medium-maria.com/themes/optimus/assets/css/maintenance.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.the-medium-maria.com/sites/www.the-medium-maria.com/themes/optimus/assets/css/maintenance.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 17:59:31 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 86085
cf-polished: degrade=85, origSize=27543
content-length: 25633
last-modified: Tue, 17 Aug 2021 08:12:54 GMT
server: cloudflare
x-frame-options: ALLOW-FROM 'sameorigin' https://secure.safecharge.com;
etag: "611b6f86-6b97"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
content-type: image/jpeg
expires: Sun, 05 Sep 2021 18:04:46 GMT
cache-control: max-age=86400
content-security-policy: frame-ancestors 'self' https://secure.safecharge.com;
accept-ranges: bytes
cf-ray: 68a15a18d80e2c19-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 Exo-Bold.woff2
www.the-medium-maria.com/sites/www.the-medium-maria.com/themes/optimus/assets/css/fonts/ 33 KB
33 KB 19ms
18ms Font
application/octet-stream 2606:4700:10::6816:11f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.the-medium-maria.com/sites/www.the-medium-maria.com/themes/optimus/assets/css/fonts/Exo-Bold.woff2

Requested by

Host: www.the-medium-maria.com
URL: https://www.the-medium-maria.com/sites/www.the-medium-maria.com/themes/optimus/assets/css/maintenance.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:11f0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00c707610c27ebe00b903804ca09090682a6504e745b5605549eaa7db0a5de08

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://secure.safecharge.com;
Strict-Transport-Security	max-age=15552000
X-Frame-Options	ALLOW-FROM 'sameorigin' https://secure.safecharge.com;

Request headers

sec-fetch-mode: cors
origin: https://www.the-medium-maria.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: SESS8ff6065884dc2cabb206a16551a78115=52couiuebime9a2a0ml1th8rt6
:path: /sites/www.the-medium-maria.com/themes/optimus/assets/css/fonts/Exo-Bold.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.the-medium-maria.com
referer: https://www.the-medium-maria.com/sites/www.the-medium-maria.com/themes/optimus/assets/css/maintenance.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.the-medium-maria.com
Referer: https://www.the-medium-maria.com/sites/www.the-medium-maria.com/themes/optimus/assets/css/maintenance.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 17:59:31 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 4240
content-length: 33340
last-modified: Tue, 17 Aug 2021 08:12:54 GMT
server: cloudflare
x-frame-options: ALLOW-FROM 'sameorigin' https://secure.safecharge.com;
etag: "611b6f86-823c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
content-type: application/octet-stream
cache-control: max-age=14400
content-security-policy: frame-ancestors 'self' https://secure.safecharge.com;
accept-ranges: bytes
cf-ray: 68a15a18d80b2c19-FRA

GET
H2 200 Exo-Regular.woff2
www.the-medium-maria.com/sites/www.the-medium-maria.com/themes/optimus/assets/css/fonts/ 29 KB
29 KB 16ms
15ms Font
application/octet-stream 2606:4700:10::6816:11f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.the-medium-maria.com/sites/www.the-medium-maria.com/themes/optimus/assets/css/fonts/Exo-Regular.woff2

Requested by

Host: www.the-medium-maria.com
URL: https://www.the-medium-maria.com/sites/www.the-medium-maria.com/themes/optimus/assets/css/maintenance.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:11f0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b9cd560d7ccd7107720437a38eafc1f859dab6a6268465028ff18ea9739d966

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://secure.safecharge.com;
Strict-Transport-Security	max-age=15552000
X-Frame-Options	ALLOW-FROM 'sameorigin' https://secure.safecharge.com;

Request headers

sec-fetch-mode: cors
origin: https://www.the-medium-maria.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: SESS8ff6065884dc2cabb206a16551a78115=52couiuebime9a2a0ml1th8rt6
:path: /sites/www.the-medium-maria.com/themes/optimus/assets/css/fonts/Exo-Regular.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.the-medium-maria.com
referer: https://www.the-medium-maria.com/sites/www.the-medium-maria.com/themes/optimus/assets/css/maintenance.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.the-medium-maria.com
Referer: https://www.the-medium-maria.com/sites/www.the-medium-maria.com/themes/optimus/assets/css/maintenance.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 17:59:31 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 4240
content-length: 29204
last-modified: Tue, 17 Aug 2021 08:12:54 GMT
server: cloudflare
x-frame-options: ALLOW-FROM 'sameorigin' https://secure.safecharge.com;
etag: "611b6f86-7214"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
content-type: application/octet-stream
cache-control: max-age=14400
content-security-policy: frame-ancestors 'self' https://secure.safecharge.com;
accept-ranges: bytes
cf-ray: 68a15a18d80d2c19-FRA

GET
H2 200 Exo-Medium.woff2
www.the-medium-maria.com/sites/www.the-medium-maria.com/themes/optimus/assets/css/fonts/ 33 KB
33 KB 21ms
20ms Font
application/octet-stream 2606:4700:10::6816:11f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.the-medium-maria.com/sites/www.the-medium-maria.com/themes/optimus/assets/css/fonts/Exo-Medium.woff2

Requested by

Host: www.the-medium-maria.com
URL: https://www.the-medium-maria.com/sites/www.the-medium-maria.com/themes/optimus/assets/css/maintenance.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:11f0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

617f878ad98b55c3aa7d87264178d1a0bbee47e685b6e65870b559351a916111

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://secure.safecharge.com;
Strict-Transport-Security	max-age=15552000
X-Frame-Options	ALLOW-FROM 'sameorigin' https://secure.safecharge.com;

Request headers

sec-fetch-mode: cors
origin: https://www.the-medium-maria.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: SESS8ff6065884dc2cabb206a16551a78115=52couiuebime9a2a0ml1th8rt6
:path: /sites/www.the-medium-maria.com/themes/optimus/assets/css/fonts/Exo-Medium.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.the-medium-maria.com
referer: https://www.the-medium-maria.com/sites/www.the-medium-maria.com/themes/optimus/assets/css/maintenance.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.the-medium-maria.com
Referer: https://www.the-medium-maria.com/sites/www.the-medium-maria.com/themes/optimus/assets/css/maintenance.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 17:59:31 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2592
content-length: 34044
last-modified: Tue, 17 Aug 2021 08:12:54 GMT
server: cloudflare
x-frame-options: ALLOW-FROM 'sameorigin' https://secure.safecharge.com;
etag: "611b6f86-84fc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
content-type: application/octet-stream
cache-control: max-age=14400
content-security-policy: frame-ancestors 'self' https://secure.safecharge.com;
accept-ranges: bytes
cf-ray: 68a15a18d8192c19-FRA

GET
H2 200 nr-1210.min.js Show response
js-agent.newrelic.com/ 31 KB
12 KB 20ms
20ms Script
application/javascript 151.101.13.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1210.min.js
Requested by: Host: www.the-medium-maria.com
URL: https://www.the-medium-maria.com/privacy_policy.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.27 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b8810ee64bade6fc49a6c0948f933337663c3df9526ed7e21694b728a15818e

Request headers

Referer: https://www.the-medium-maria.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: tUmpG8VLFN_NnT6837P9feidPwIndCMZ
content-encoding: gzip
etag: "67f7ff413fcbb9300ab2dbf1bb53180c"
x-amz-request-id: H89KM1RV4S7TFTBC
x-cache: HIT
content-length: 11781
x-amz-id-2: 2X4DcPAuUiE6Foymon7Mxx0ETD5vM2d6Ih31P/Gs/3u8xfRvjERnC1m/KQrm7GW45yv3YDNKCwU=
x-served-by: cache-fra19136-FRA
last-modified: Tue, 22 Jun 2021 22:47:07 GMT
server: AmazonS3
x-timer: S1630864772.041580,VS0,VE0
date: Sun, 05 Sep 2021 17:59:32 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 439

GET
H/1.1 200
OK b316d8ccbb Show response
bam-cell.nr-data.net/1/ 49 B
881 B 920ms
920ms Script
text/javascript 162.247.243.146
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/b316d8ccbb?a=165908585&v=1210.e2a3f80&to=bwNSYUVWD0MCVBUMXlZJcVZDXg5eTB8CBFJQA1QVR1YGVUo%3D&rst=458&ck=1&ref=https://www.the-medium-maria.com/privacy_policy.html&ap=17&be=345&fe=427&dc=411&perf=%7B%22timing%22:%7B%22of%22:1630864771605,%22n%22:0,%22f%22:171,%22dn%22:171,%22dne%22:171,%22c%22:171,%22ce%22:171,%22rq%22:173,%22rp%22:338,%22rpe%22:339,%22dl%22:341,%22di%22:411,%22ds%22:411,%22de%22:411,%22dc%22:427,%22l%22:427,%22le%22:427%7D,%22navigation%22:%7B%7D%7D&fp=409&fcp=409&at=Q0RFFw1MHBxBVkNfSkUb&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1210.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.146 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

Referer: https://www.the-medium-maria.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sun, 05 Sep 2021 17:59:32 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
X-NewRelic-App-Data: PxQGQlVSDQcEXFVVFR0VMQFTYkEDCBADUxZRDVZkG3xWEU0YdQhAEgVCVAkDEWQcfgEVFk51XhUUUEJQCgMRQBxSFlIUCRoLAVUPVnRMB05WAhtDAlYOAlQGBQEOBg9eVwgHVUBKBQNcEV0/
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 68a15a197ea9cc3e-ZRH

POST
H/1.1 200
OK b316d8ccbb Show response
bam-cell.nr-data.net/events/1/ 24 B
512 B 603ms
603ms XHR
image/gif 162.247.243.146
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/events/1/b316d8ccbb?a=165908585&v=1210.e2a3f80&to=bwNSYUVWD0MCVBUMXlZJcVZDXg5eTB8CBFJQA1QVR1YGVUo%3D&rst=10458&ck=1&ref=https://www.the-medium-maria.com/privacy_policy.html
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1210.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.146 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.the-medium-maria.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: text/plain

Response headers

Date: Sun, 05 Sep 2021 17:59:42 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.the-medium-maria.com
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 68a15a57f9b7cc3e-ZRH
Content-Length: 24

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.the-medium-maria.com/	1970-01-19 23:10:40	Name: _gcl_au Value: 1.1.546717054.1630864772
			.the-medium-maria.com/	1969-12-31 23:59:59	Name: SESS8ff6065884dc2cabb206a16551a78115 Value: 52couiuebime9a2a0ml1th8rt6

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://secure.safecharge.com;
Strict-Transport-Security	max-age=15552000
X-Frame-Options	ALLOW-FROM 'sameorigin' https://secure.safecharge.com;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam-cell.nr-data.net
js-agent.newrelic.com
t.mailc.maria-fortune-teller.com
www.googletagmanager.com
www.the-medium-maria.com
151.101.13.27
162.247.243.146
2606:4700:10::6816:11f0
2a00:1450:4001:80f::2008
52.221.152.154
00c707610c27ebe00b903804ca09090682a6504e745b5605549eaa7db0a5de08
06f454de24c3f0421a6bf72ebdd446dd2f0b90410f07748e652a260e45eb0c5e
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
3df7ff9920b8a383c3db18e15b8041ed80d70423539fb3a582835abe84978c89
5b8810ee64bade6fc49a6c0948f933337663c3df9526ed7e21694b728a15818e
5b9cd560d7ccd7107720437a38eafc1f859dab6a6268465028ff18ea9739d966
617f878ad98b55c3aa7d87264178d1a0bbee47e685b6e65870b559351a916111
836368f102c972f5c68f7121600b854fb953f955526bcf277b1353a49094a11b
b4e5724457af73af41abf3270e4533c8fd8baef5cb46a85ea99a48d6b6d802c0
d00f96726b284b3e3aba6ba6a98d902e8ea4d3dd06a6e9605d05bf214015bf31
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
f90e448f73eb112e2703f3f3ae1531ed93de7a69ea93b9749b7be2df1933dee0

www.the-medium-maria.com Open in urlscan Pro 2606:4700:10::6816:11f0 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

40 %IPv6

5 Domains

5 Subdomains

4 IPs

3 Countries

202 kBTransfer

326 kBSize

2 Cookies

3 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

www.the-medium-maria.com Open in urlscan Pro
2606:4700:10::6816:11f0 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

4
IPs

3
Countries

202 kB
Transfer

326 kB
Size

2
Cookies

13 HTTP transactions
0 data transactions