URL: https://www.mediterms.app/
Submission: On July 05 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 6 IPs in 1 country across 3 domains to perform 13 HTTP transactions. The main IP is 185.199.111.153, located in the United States, and belongs to FASTLY, US. The main domain is www.mediterms.app.
TLS certificate: Issued by R10 on July 5th 2024. Valid for: 3 months.
This is the only time www.mediterms.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS     Autonomous System
5         185.199.111.153   54113  FASTLY
1         18.244.18.88      16509  AMAZON-02
2         3.5.128.17        16509  AMAZON-02
2         3.5.128.185       16509  AMAZON-02
1         3.138.205.197     16509  AMAZON-02
2         18.244.18.37      16509  AMAZON-02
Total: 13 requests, 6 IPs
Requests  Domain                                          Requested by
5         www.mediterms.app                               www.mediterms.app
3         js.stripe.com                                   www.mediterms.app, js.stripe.com
2         inteligeneresources.s3.us-east-2.amazonaws.com  www.mediterms.app
2         magiei-resources.s3.us-east-2.amazonaws.com     www.mediterms.app
1         api.mediterms.app                               www.mediterms.app
Total: 13 requests across 5 subdomains

This site contains no links.

Subject                       Issuer                                       Validity                 Valid
www.mediterms.app             R10                                          2024-07-05 - 2024-10-03  3 months
a.stripecdn.com               DigiCert SHA2 Extended Validation Server CA  2024-06-21 - 2024-09-19  3 months
*.s3.us-east-2.amazonaws.com  Amazon RSA 2048 M01                          2024-02-29 - 2025-02-12  a year

This page contains 3 frames:

Primary Page: https://www.mediterms.app/
Frame ID: 5F67907771B488E390B6CCD09685BFB0
Requests: 11 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-6a259ce9c1cfd6bc93b8b95f1a5f50b3.html
Frame ID: 7A4E9868A5EC7306E07DE40156123956
Requests: 1 HTTP request in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 62E0906F3732377E30D127952449323F
Requests: 1 HTTP request in this frame

Page Title

MediTerms

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Page Statistics

Requests: 13
HTTPS: 100 %
IPv6: 0 %
Domains: 3
Subdomains: 5
IPs: 6
Countries: 1
Transfer: 561 kB
Size: 1497 kB
Cookies: 3

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.mediterms.app/
2 KB
1 KB
Document
General
Full URL
https://www.mediterms.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-111-153.github.com
Software
GitHub.com /
Resource Hash
80840b499a9fcbe7502ee88e552bfb82c734ec1b90a4ba3b34dca9659c69f592

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
0
cache-control
max-age=600
content-encoding
gzip
content-length
724
content-type
text/html; charset=utf-8
date
Fri, 05 Jul 2024 17:37:13 GMT
etag
W/"65e11882-7df"
expires
Fri, 05 Jul 2024 17:47:13 GMT
last-modified
Thu, 29 Feb 2024 23:51:30 GMT
server
GitHub.com
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-fastly-request-id
f144241a0d534550424774cee5c79ede479a3a70
x-github-request-id
9330:1EED78:10ABA1:111CFD:66882F49
x-proxy-cache
MISS
x-served-by
cache-fra-eddf8230055-FRA
x-timer
S1720201034.564144,VS0,VE115
main.d89e293b.js
www.mediterms.app/static/js/
319 KB
102 KB
Script
General
Full URL
https://www.mediterms.app/static/js/main.d89e293b.js
Requested by
Host: www.mediterms.app
URL: https://www.mediterms.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-111-153.github.com
Software
GitHub.com /
Resource Hash
55963dc3b485edbe0fa089698728fb238d1e5afb44cc1e2008b569ebc21a831c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.mediterms.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fastly-request-id
ac5afbf029dfea6665f77a4fab9b29e134b19308
date
Fri, 05 Jul 2024 17:37:13 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
MISS
x-proxy-cache
MISS
content-length
104297
x-served-by
cache-fra-eddf8230055-FRA
last-modified
Thu, 29 Feb 2024 23:51:30 GMT
server
GitHub.com
x-github-request-id
EAB0:216EFD:FFA2E:106BCC:66882F49
x-timer
S1720201034.691039,VS0,VE132
etag
W/"65e11882-4fc7a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
expires
Fri, 05 Jul 2024 17:47:13 GMT
main.1fc0d3ed.css
www.mediterms.app/static/css/
20 KB
4 KB
Stylesheet
General
Full URL
https://www.mediterms.app/static/css/main.1fc0d3ed.css
Requested by
Host: www.mediterms.app
URL: https://www.mediterms.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-111-153.github.com
Software
GitHub.com /
Resource Hash
640c52fd7837d556337d6adff741bb2eb4c676534adb5b452ba0b704a0af0d6a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.mediterms.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fastly-request-id
7c790cab2872c969dd45fea341b0b3245402f09d
date
Fri, 05 Jul 2024 17:37:13 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
MISS
x-proxy-cache
MISS
content-length
4426
x-served-by
cache-fra-eddf8230055-FRA
last-modified
Thu, 29 Feb 2024 23:51:30 GMT
server
GitHub.com
x-github-request-id
4CA6:8619C:102FB6:10A190:66882F49
x-timer
S1720201034.690884,VS0,VE105
etag
W/"65e11882-5190"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
expires
Fri, 05 Jul 2024 17:47:13 GMT
v3
js.stripe.com/
619 KB
171 KB
Script
General
Full URL
https://js.stripe.com/v3
Requested by
Host: www.mediterms.app
URL: https://www.mediterms.app/static/js/main.d89e293b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-88.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
ce3a2c1f166951c17a773f8a1e503d7a416d5430854edf0ad5ea1460bfd92672
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.mediterms.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 17:36:38 GMT
content-encoding
gzip
via
1.1 11c65b00bf7f76c861a15dcad5558b9c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
36
x-amz-cf-pop
FRA56-P11
x-cache
Hit from cloudfront
last-modified
Wed, 03 Jul 2024 20:42:59 GMT
server
Cloudfront
etag
W/"16095b208fce1f9394656811fb5b307e"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
MRwmjyx5WzW_FBi4YIWm3wxALKOTaCOQ6npZEoj_v9yUvw0hM0D7xQ==
icon-mt-home.svg
magiei-resources.s3.us-east-2.amazonaws.com/Icons/
1 KB
2 KB
Image
General
Full URL
https://magiei-resources.s3.us-east-2.amazonaws.com/Icons/icon-mt-home.svg
Requested by
Host: www.mediterms.app
URL: https://www.mediterms.app/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.5.128.17 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.us-east-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
db6149b9ee09b8443b55c2a6c7015232084483ec31c065136a1e0d6b2d9b360a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.mediterms.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 05 Jul 2024 17:37:15 GMT
x-amz-version-id
Hw5dUPdT33ASRUUjuxNWKtTPPpb0H7GM
Last-Modified
Mon, 30 Jan 2023 22:25:29 GMT
Server
AmazonS3
x-amz-request-id
GE43YX3WV70P6QTF
ETag
"655f118921f0ce675a6af8b231a4a81c"
x-amz-server-side-encryption
AES256
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
1113
x-amz-id-2
3laYHnrTRxsy4OBCKEP6bwHAe6mxX14nwmN3OH+XUxBzl51ygLyyBo5+7JBX73gaeDOg95AT2pcdBiaNnVQHWA==
mediterms-logo.png
inteligeneresources.s3.us-east-2.amazonaws.com/Imagenes/
39 KB
40 KB
Image
General
Full URL
https://inteligeneresources.s3.us-east-2.amazonaws.com/Imagenes/mediterms-logo.png
Requested by
Host: www.mediterms.app
URL: https://www.mediterms.app/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.5.128.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.us-east-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
653b0c02d38067cbad3650a5f586a46989f5c1e875f76d94a62fd764ec292b3a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.mediterms.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 05 Jul 2024 17:37:15 GMT
Last-Modified
Thu, 19 Jan 2023 18:27:40 GMT
Server
AmazonS3
x-amz-request-id
GE48KA9S5985M96E
ETag
"fa6e34a2d05e6b49d1016162b01c3159"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
40367
x-amz-id-2
c2YAzTP9P7Km+CEQBTEDeg0UBn5z+Vl4SxaR2PohvRSx/2bsRl8BOuc4mglttmNt4vJDHS7HfhAtDVjZD4El8+Bqn/TMAZyHQeg4nTEnaQY=
icon-mt-user.svg
magiei-resources.s3.us-east-2.amazonaws.com/Icons/
558 B
1020 B
Image
General
Full URL
https://magiei-resources.s3.us-east-2.amazonaws.com/Icons/icon-mt-user.svg
Requested by
Host: www.mediterms.app
URL: https://www.mediterms.app/
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
3.5.128.17 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.us-east-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
506c2fab3d2bab9b3d6cfd2cc7654bd3e9f45db066f3f756d0a01115cff6f4db

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.mediterms.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 05 Jul 2024 17:37:15 GMT
x-amz-version-id
voaalqhYj.u.VXT6xdw80K63inkfOdp_
Last-Modified
Mon, 30 Jan 2023 22:25:29 GMT
Server
AmazonS3
x-amz-request-id
GE44ST2PAMZK1XGH
ETag
"2c6704251b87cf81f82dc25c18a85919"
x-amz-server-side-encryption
AES256
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
558
x-amz-id-2
pWy/tgpSmiu312lubi+4K8wh0ekuoIAqosLw/EYEkEup6pWL5WMlo1ZOudYdFyANnck4dhncsTFlVgg/Tdzm3A==
Montserrat-Bold.079ca05d3ded9bc107ab.ttf
www.mediterms.app/static/media/
239 KB
110 KB
Font
General
Full URL
https://www.mediterms.app/static/media/Montserrat-Bold.079ca05d3ded9bc107ab.ttf
Requested by
Host: www.mediterms.app
URL: https://www.mediterms.app/static/css/main.1fc0d3ed.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-111-153.github.com
Software
GitHub.com /
Resource Hash
c8289a870d238aa042bdfd09364fe6dea524bcd1ea485341878d8c75a32ab444

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.mediterms.app/static/css/main.1fc0d3ed.css
Origin
https://www.mediterms.app
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fastly-request-id
4307bf4fe2126a010f5a2b4fb1c9e0cc2267e051
date
Fri, 05 Jul 2024 17:37:14 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
MISS
x-proxy-cache
MISS
content-length
112867
x-served-by
cache-fra-eddf8230055-FRA
last-modified
Thu, 29 Feb 2024 23:51:30 GMT
server
GitHub.com
x-github-request-id
25EC:32250D:FF15D:1061F0:66882F49
x-timer
S1720201034.890333,VS0,VE119
etag
W/"65e11882-3baf4"
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
expires
Fri, 05 Jul 2024 17:47:13 GMT
samples
api.mediterms.app/terms/
204 B
379 B
XHR
General
Full URL
https://api.mediterms.app/terms/samples?previousIds=[]
Requested by
Host: www.mediterms.app
URL: https://www.mediterms.app/static/js/main.d89e293b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.138.205.197 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-138-205-197.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
f0dc47878c41648ddc6c3798f3ba994be7683e6631bcf785674ed25a591ce193

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://www.mediterms.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://www.mediterms.app
date
Fri, 05 Jul 2024 17:37:14 GMT
access-control-allow-credentials
true
server
nginx
content-length
204
vary
Origin
content-type
application/json; charset=utf-8
controller-with-preconnect-6a259ce9c1cfd6bc93b8b95f1a5f50b3.html
js.stripe.com/v3/ Frame 7A4E
0
0
Document
General
Full URL
https://js.stripe.com/v3/controller-with-preconnect-6a259ce9c1cfd6bc93b8b95f1a5f50b3.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-37.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.mediterms.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
13
cache-control
max-age=60, stale-while-revalidate=900
content-length
651
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Fri, 05 Jul 2024 17:37:01 GMT
etag
"6a259ce9c1cfd6bc93b8b95f1a5f50b3"
last-modified
Wed, 03 Jul 2024 20:04:08 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 0b761d2a74b283528cf840bf9ce44b20.cloudfront.net (CloudFront)
x-amz-cf-id
_pKVnFmXQxHJ2nXWRqwdg0EpDuqLDcakaNNTDAhSDbNuEp1VNRL6jw==
x-amz-cf-pop
FRA56-P11
x-cache
Hit from cloudfront
x-content-type-options
nosniff
Montserrat-Medium.e2d60bc49517598c0ce8.ttf
www.mediterms.app/static/media/
237 KB
110 KB
Font
General
Full URL
https://www.mediterms.app/static/media/Montserrat-Medium.e2d60bc49517598c0ce8.ttf
Requested by
Host: www.mediterms.app
URL: https://www.mediterms.app/static/css/main.1fc0d3ed.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-111-153.github.com
Software
GitHub.com /
Resource Hash
421f26b23e2be6b98373d32acd3cb2897b154d4bf0a77d26534ce476e4cbed53

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.mediterms.app/static/css/main.1fc0d3ed.css
Origin
https://www.mediterms.app
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fastly-request-id
335f82ef6ab6747493d1ffad17676248e4d7336b
date
Fri, 05 Jul 2024 17:37:14 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
MISS
x-proxy-cache
MISS
content-length
112485
x-served-by
cache-fra-eddf8230055-FRA
last-modified
Thu, 29 Feb 2024 23:51:30 GMT
server
GitHub.com
x-github-request-id
271A:3150AD:1034CF:10A675:66882F49
x-timer
S1720201034.320678,VS0,VE118
etag
W/"65e11882-3b5ec"
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
expires
Fri, 05 Jul 2024 17:47:14 GMT
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 62E0
0
0
Document
General
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-37.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.mediterms.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1932
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Fri, 05 Jul 2024 17:05:05 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Wed, 03 Jul 2024 20:04:23 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 0b761d2a74b283528cf840bf9ce44b20.cloudfront.net (CloudFront)
x-amz-cf-id
2-pfSSdhKlt3DvKwwBlnXppPzxYlU85tTqVvNRrj8iBl_X4YsKd48w==
x-amz-cf-pop
FRA56-P11
x-cache
Hit from cloudfront
x-content-type-options
nosniff
mediterms.ico
inteligeneresources.s3.us-east-2.amazonaws.com/Imagenes/
19 KB
19 KB
Other
General
Full URL
https://inteligeneresources.s3.us-east-2.amazonaws.com/Imagenes/mediterms.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.5.128.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.us-east-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
5c9f42f755121643b8d66509993d9031975fa229d70d5aa1faf8f583ceeea22b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.mediterms.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 05 Jul 2024 17:37:15 GMT
Last-Modified
Fri, 27 Jan 2023 23:38:28 GMT
Server
AmazonS3
x-amz-request-id
GE469DKE0PDFZWD7
ETag
"c20ee267a8927241b9a075684afa421e"
x-amz-server-side-encryption
AES256
Content-Type
image/x-icon
Accept-Ranges
bytes
Content-Length
19276
x-amz-id-2
a9Q/GSoJ0vfmqMRUL3djsYH8beYR3YEHj0J1J07+1yWn+oUmD7C0gkB+/dNtC/6hmUAH67GGnvYgOl0U4NS0hBmnJ6W0PPdjmgXKZPdRDIE=

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
undefined| event
object| fence
object| sharedStorage
object| CapacitorPlatforms
object| Capacitor
function| setSession
function| clearSession
function| redirectTo
function| setCookieOnce
function| getCookieToken
object| webpackChunkStripeJSouter
function| noop
function| Stripe

3 Cookies

Domain/Path Name / Value
m.stripe.com/ Name: m
Value: b04293e4-0b1b-4eac-bfb4-a7bc0b34f8a0de6f21
.www.mediterms.app/ Name: __stripe_mid
Value: f0b8a33e-61e1-4252-9125-d5a3d69e30ae335d4c
.www.mediterms.app/ Name: __stripe_sid
Value: 3d66c80c-c1b6-4431-ba13-c1c75029f176c24cec