buy.stripe.com
18.238.55.37 Public Scan Open in urlscan Pro

Go To Rescan
Add Verdict Report

URL:
https://buy.stripe.com/4gw8AybICgGs4GA4gh 5yr old
Submission: On June 04 via automatic, source links-suspicious (June 4th 2025, 3:35:04 pm UTC) — Scanned from US

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 1 countries across 1 domains to perform 19 HTTP transactions. The main IP is 18.238.55.37, located in United States and belongs to AMAZON-02, US. The main domain is buy.stripe.com. The Cisco Umbrella rank of the primary domain is 180807. 5yr old
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on April 1st 2025. Valid for: 3mo.

This is the only time buy.stripe.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	18.238.55.37 18.238.55.37	16509 (AMAZON-02) (AMAZON-02)
13	151.101.0.176 151.101.0.176	54113 (FASTLY) (FASTLY)
3	54.163.195.10 54.163.195.10	14618 (AMAZON-AES) (AMAZON-AES)
1	3.228.62.110 3.228.62.110	14618 (AMAZON-AES) (AMAZON-AES)
1	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
19	5

1 18.238.55.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-55-37.jfk52.r.cloudfront.net

buy.stripe.com 5yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

13 151.101.0.176 (San Francisco, United States)

ASN54113 (FASTLY, US)

js.stripe.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 54.163.195.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-163-195-10.compute-1.amazonaws.com

merchant-ui-api.stripe.com 4yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 3.228.62.110 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-62-110.compute-1.amazonaws.com

checkout-cookies.stripe.com 3yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

r.stripe.com 5yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

	Apex Domain Subdomains	Transfer
19	stripe.com buy.stripe.com — Cisco Umbrella Rank: 180807 5yr old js.stripe.com — Cisco Umbrella Rank: 1424 13yr old merchant-ui-api.stripe.com — Cisco Umbrella Rank: 8402 4yr old checkout-cookies.stripe.com — Cisco Umbrella Rank: 84085 3yr old r.stripe.com — Cisco Umbrella Rank: 2914 5yr old	1 MB
19	1

	Domain	Requested by
13	js.stripe.com	buy.stripe.com js.stripe.com
3	merchant-ui-api.stripe.com	buy.stripe.com
1	r.stripe.com	buy.stripe.com
1	checkout-cookies.stripe.com	buy.stripe.com
1	buy.stripe.com
19	5

This site contains no links.

Subject Issuer	Validity	Valid
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2025-04-01` - `2025-07-10`	3mo	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2025-04-01` - `2025-07-03`	3mo	crt.sh

This page contains 3 frames:

Primary Page: https://buy.stripe.com/4gw8AybICgGs4GA4gh
Frame ID: 8C3C5033951414F8EFEBA7B6514DC3A5
Requests: 16 HTTP requests in this frame

Frame: https://js.stripe.com/v3/link-login-inner-8f2fe6ff4a57d355d3f859b221379da3.html
Frame ID: 8F95985D08042240044C057D79DCE092
Requests: 2 HTTP requests in this frame

Frame: https://js.stripe.com/v3/checkout-inner-origin-frame-7ec6b0cd8efe1ec2e0961d99a22b6dfe.html
Frame ID: 953FA43A1AF4EC57D8A19DE8FB5C16E3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Stripe Checkout

Detected technologies

Stripe (Payment processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Page Statistics

19
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

5
Subdomains

5
IPs

1
Countries

1127 kB
Transfer

5166 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 4gw8AybICgGs4GA4gh Show response
buy.stripe.com/ 358 KB
86 KB 76ms
8ms Document
text/html 18.238.55.37
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://buy.stripe.com/4gw8AybICgGs4GA4gh

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.55.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-55-37.jfk52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

e35001e2e5114d9317a8a288984a80aa1b1c4412646a23b0ce572fde8b42d482

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://js.stripe.com https://r.stripe.com https://checkout-cookies.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://merchant-ui-api.stripe.com; default-src 'self'; font-src 'self' https://js.stripe.com; form-action 'none'; frame-src 'self' https://js.stripe.com https://payments.stripe.com https://checkout.link.com; img-src 'self' https://q.stripe.com https://js.stripe.com https://stripe-camo.global.ssl.fastly.net https://d1wqzb5bdbcre6.cloudfront.net https://qr.stripe.com https://b.stripecdn.com https://files.stripe.com; media-src 'none'; object-src 'none'; script-src 'self' https://js.stripe.com 'sha256-BNulBYV1JXGvq9NQg7814ZyyVZCqfRI1aq5d+PSIdgI=' 'sha256-xhCHRxc6JoUGuDSc4p4pQP4VRDffOJ3JI6SIK12DmRQ=' 'sha256-agVSHA/eAewTYmLxzAIytt5bR5BkvZAzCaHuhH9ScyM='; style-src 'self' https://js.stripe.com 'sha256-ERqgw/VCzal0GVy+XtwzIr+xXko1B0H49allNX1w69w='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
age: 57
alt-svc: h3=":443"; ma=86400
cache-control: max-age=60, stale-while-revalidate=900
content-encoding: br
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://js.stripe.com https://r.stripe.com https://checkout-cookies.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://merchant-ui-api.stripe.com; default-src 'self'; font-src 'self' https://js.stripe.com; form-action 'none'; frame-src 'self' https://js.stripe.com https://payments.stripe.com https://checkout.link.com; img-src 'self' https://q.stripe.com https://js.stripe.com https://stripe-camo.global.ssl.fastly.net https://d1wqzb5bdbcre6.cloudfront.net https://qr.stripe.com https://b.stripecdn.com https://files.stripe.com; media-src 'none'; object-src 'none'; script-src 'self' https://js.stripe.com 'sha256-BNulBYV1JXGvq9NQg7814ZyyVZCqfRI1aq5d+PSIdgI=' 'sha256-xhCHRxc6JoUGuDSc4p4pQP4VRDffOJ3JI6SIK12DmRQ=' 'sha256-agVSHA/eAewTYmLxzAIytt5bR5BkvZAzCaHuhH9ScyM='; style-src 'self' https://js.stripe.com 'sha256-ERqgw/VCzal0GVy+XtwzIr+xXko1B0H49allNX1w69w='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 04 Jun 2025 15:34:13 GMT
etag: W/"77c97e998fb953a3ab3a30fd1b769f46"
last-modified: Tue, 03 Jun 2025 23:02:03 GMT
origin-agent-cluster: ?1
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 c1ba88066bcaf9ff8fd777e3d54f5c7e.cloudfront.net (CloudFront)
x-amz-cf-id: y3m0o1gyqCVK1Zldf3mF0IK8hFefEv4OmE8LCPot6LXIWObtUXAnFQ==
x-amz-cf-pop: JFK52-P4
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 checkout-app-init-600bc6ab7e51c2d52e0167a578d905f2.js Show response
js.stripe.com/v3/fingerprinted/js/ 2 MB
453 KB 58ms
23ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/checkout-app-init-600bc6ab7e51c2d52e0167a578d905f2.js

Requested by

Host: buy.stripe.com
URL: https://buy.stripe.com/4gw8AybICgGs4GA4gh

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

de7085c8a485651e3c1aff560ee8970d08d7b20c6aa442c1f4562a357670e8a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://buy.stripe.com/

Response headers

x-request-id: a57d578f-5e28-4ecf-81a2-0a72e1105313
content-encoding: br
etag: "49ebac19aa2d387908abafb0be4f122c"
age: 61414
x-content-type-options: nosniff
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Wed, 04 Jun 2025 15:35:05 GMT
last-modified: Tue, 03 Jun 2025 22:08:13 GMT
content-type: text/javascript; charset=utf-8
x-served-by: cache-lga21942-LGA
x-cache-hits: 59
vary: Accept-Encoding
strict-transport-security: max-age=31556926; includeSubDomains; preload
cache-control: max-age=31536000
timing-allow-origin: *
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 463385
server: Fastly

GET
H2 200 checkout-app-init-9b3938a1b74f750b7f7f8579cc5774a5.css
js.stripe.com/v3/fingerprinted/css/ 408 KB
51 KB 47ms
13ms Stylesheet
text/css 151.101.0.176
FASTLY

General

Check archive.org

Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/checkout-app-init-9b3938a1b74f750b7f7f8579cc5774a5.css

Requested by

Host: buy.stripe.com
URL: https://buy.stripe.com/4gw8AybICgGs4GA4gh

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

903f09ef827f13024bb410d3b38ebb644379fa0923d304fced749ca589d87749

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://buy.stripe.com/

Response headers

x-request-id: 393d9a71-79bb-42bb-b8ca-254dc9c8b332
content-encoding: br
etag: "080814e9ec7fa46e388ac8a336c98151"
age: 61415
x-content-type-options: nosniff
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Wed, 04 Jun 2025 15:35:05 GMT
last-modified: Tue, 03 Jun 2025 22:08:03 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-lga21942-LGA
x-cache-hits: 95
vary: Accept-Encoding
strict-transport-security: max-age=31556926; includeSubDomains; preload
cache-control: max-age=31536000
timing-allow-origin: *
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 51670
server: Fastly

GET
H2 200 vendor-85d03c5ad8bbae68a1f44b4e9d0cf84a.js Show response
js.stripe.com/v3/fingerprinted/js/ 647 KB
177 KB 48ms
14ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/vendor-85d03c5ad8bbae68a1f44b4e9d0cf84a.js

Requested by

Host: buy.stripe.com
URL: https://buy.stripe.com/4gw8AybICgGs4GA4gh

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

acae1fcf7a8094debc7ad6ef979f1c2bfa1e955459472f04b8bbb2f1d708a15b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://buy.stripe.com/

Response headers

x-request-id: b5b4a378-79a5-4d7b-beee-f7956270b821
content-encoding: br
etag: "09be5a983cafcb5741161f8258ed70a6"
age: 67118
x-content-type-options: nosniff
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Wed, 04 Jun 2025 15:35:05 GMT
last-modified: Tue, 03 Jun 2025 20:41:23 GMT
content-type: text/javascript; charset=utf-8
x-served-by: cache-lga21942-LGA
x-cache-hits: 98
vary: Accept-Encoding
strict-transport-security: max-age=31556926; includeSubDomains; preload
cache-control: max-age=31536000
timing-allow-origin: *
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 180898
server: Fastly

GET
H2 200 stripe-311e19453d03870837a0f7ab66801d33.js Show response
js.stripe.com/v3/fingerprinted/js/ 745 KB
177 KB 48ms
13ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/stripe-311e19453d03870837a0f7ab66801d33.js?stripeCheckoutInitialized=true

Requested by

Host: buy.stripe.com
URL: https://buy.stripe.com/4gw8AybICgGs4GA4gh

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a4b67d1fdb458106c9df7388ac4f730c3760521d15f17d1ab7ce6fd1e924e625

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://buy.stripe.com/

Response headers

x-request-id: ab55194f-a091-455a-b4dc-86ef5d0ae079
content-encoding: br
etag: "f0810fe9146cd7b24982028e4ff32d6b"
age: 62708
x-content-type-options: nosniff
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Wed, 04 Jun 2025 15:35:05 GMT
last-modified: Tue, 03 Jun 2025 22:08:16 GMT
content-type: text/javascript; charset=utf-8
x-served-by: cache-lga21942-LGA
x-cache-hits: 127
vary: Accept-Encoding
strict-transport-security: max-age=31556926; includeSubDomains; preload
cache-control: max-age=31536000
timing-allow-origin: *
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 180752
server: Fastly

POST
H2 400 4gw8AybICgGs4GA4gh Show response
merchant-ui-api.stripe.com/payment-links/ 362 B
1 KB 1609ms
1563ms Fetch
application/json 54.163.195.10
AMAZON-AES

General

Check archive.org

Download Go to

Full URL

https://merchant-ui-api.stripe.com/payment-links/4gw8AybICgGs4GA4gh

Requested by

Host: buy.stripe.com
URL: https://buy.stripe.com/4gw8AybICgGs4GA4gh

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.163.195.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-163-195-10.compute-1.amazonaws.com

Software

nginx /

Resource Hash

28d1c136c4cf870749404feed78a10f5268e052012ab3f1fa6c79310e67c85b1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; default-src 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'; worker-src 'none'; upgrade-insecure-requests; report-uri https://q.stripe.com/csp-violation?q=R4ZQ88DLzO25ZKvFAdO_x3rlElSQHzxI9LuFV6EAX3Eph_hFiGjIHl3rP-rRmsH9GfTfexEjFudRdA4%3D
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://buy.stripe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/x-www-form-urlencoded

Response headers

x-robots-tag: none
access-control-max-age: 300
x-wc: ABCDGHI
x-stripe-proxy-response: upstream
report-to: {"group":"coop","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coop-report"}],"include_subdomains":true}
access-control-allow-methods: GET, POST
request-id: req_QTTM7XNydWCg2b
expires: 0
x-content-type-options: nosniff
x-stripe-server-rpc-duration-micros: 265713
date: Wed, 04 Jun 2025 15:35:06 GMT
content-type: application/json; charset=UTF-8
vary: Origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
reporting-endpoints: coop="https://q.stripe.com/coop-report"
content-security-policy: base-uri 'none'; default-src 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'; worker-src 'none'; upgrade-insecure-requests; report-uri https://q.stripe.com/csp-violation?q=R4ZQ88DLzO25ZKvFAdO_x3rlElSQHzxI9LuFV6EAX3Eph_hFiGjIHl3rP-rRmsH9GfTfexEjFudRdA4%3D
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-stripe-routing-context-priority-tier: livemode-critical
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-stripe-priority-routing-enabled: true
access-control-allow-origin: *
content-length: 362
server: nginx

GET
H2 200 4gw8AybICgGs4GA4gh Show response
merchant-ui-api.stripe.com/payment-links/ 249 B
1 KB 1387ms
1342ms Fetch
application/json 54.163.195.10
AMAZON-AES

General

Check archive.org

Download Go to

Full URL

https://merchant-ui-api.stripe.com/payment-links/4gw8AybICgGs4GA4gh

Requested by

Host: buy.stripe.com
URL: https://buy.stripe.com/4gw8AybICgGs4GA4gh

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.163.195.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-163-195-10.compute-1.amazonaws.com

Software

nginx /

Resource Hash

51b4afea2f0618d8a5898af5c22697383c48e32e45a84fbb814fa552eb84069d

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; default-src 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'; worker-src 'none'; upgrade-insecure-requests; report-uri https://q.stripe.com/csp-violation?q=R4ZQ88DLzO25ZKvFAdO_x3rlElSQHzxI9LuFV6EAX3Eph_hFiGjIHl3rP-rRmsH9GfTfexEjFudRdA4%3D
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://buy.stripe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/x-www-form-urlencoded

Response headers

x-robots-tag: none
access-control-max-age: 300
x-wc: ABCDGHI
x-stripe-proxy-response: upstream
report-to: {"group":"coop","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coop-report"}],"include_subdomains":true}
access-control-allow-methods: GET, POST
request-id: req_afku9uSM761o5s
expires: 0
x-content-type-options: nosniff
x-stripe-server-rpc-duration-micros: 49742
date: Wed, 04 Jun 2025 15:35:06 GMT
content-type: application/json; charset=UTF-8
vary: Origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
reporting-endpoints: coop="https://q.stripe.com/coop-report"
content-security-policy: base-uri 'none'; default-src 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'; worker-src 'none'; upgrade-insecure-requests; report-uri https://q.stripe.com/csp-violation?q=R4ZQ88DLzO25ZKvFAdO_x3rlElSQHzxI9LuFV6EAX3Eph_hFiGjIHl3rP-rRmsH9GfTfexEjFudRdA4%3D
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-stripe-routing-context-priority-tier: livemode
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-stripe-priority-routing-enabled: true
access-control-allow-origin: *
content-length: 249
server: nginx

GET
H2 200 get-cookie Show response
merchant-ui-api.stripe.com/link/ 35 B
1 KB 134ms
90ms Fetch
application/json 54.163.195.10
AMAZON-AES

General

Check archive.org

Download Go to

Full URL

https://merchant-ui-api.stripe.com/link/get-cookie

Requested by

Host: buy.stripe.com
URL: https://buy.stripe.com/4gw8AybICgGs4GA4gh

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.163.195.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-163-195-10.compute-1.amazonaws.com

Software

nginx /

Resource Hash

8d0c04f065692bfeb27d08b1aa3c98a734abdfdabd44cc5f5757e20ac6ff7ff3

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; default-src 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'; worker-src 'none'; upgrade-insecure-requests; report-uri https://q.stripe.com/csp-violation?q=DEScqHkCPY6iwEox-xj5kDFqGsqfUb6b33qSgF7ikTcumlHKivT6yiO7LtlbGR_LsImapzmoVOuHaNk%3D
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://buy.stripe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/x-www-form-urlencoded

Response headers

x-robots-tag: none
access-control-max-age: 300
x-wc: ABCDGHI
x-stripe-proxy-response: upstream
report-to: {"group":"coop","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coop-report"}],"include_subdomains":true}
access-control-allow-methods: GET, POST
request-id: req_iPEkfwh7wS4j60
expires: 0
x-content-type-options: nosniff
x-stripe-server-rpc-duration-micros: 14169
date: Wed, 04 Jun 2025 15:35:05 GMT
content-type: application/json; charset=UTF-8
vary: Origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
reporting-endpoints: coop="https://q.stripe.com/coop-report"
content-security-policy: base-uri 'none'; default-src 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'; worker-src 'none'; upgrade-insecure-requests; report-uri https://q.stripe.com/csp-violation?q=DEScqHkCPY6iwEox-xj5kDFqGsqfUb6b33qSgF7ikTcumlHKivT6yiO7LtlbGR_LsImapzmoVOuHaNk%3D
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-stripe-routing-context-priority-tier: livemode
pragma: no-cache
access-control-allow-credentials: true
referrer-policy: strict-origin-when-cross-origin
x-stripe-priority-routing-enabled: true
access-control-allow-origin: https://buy.stripe.com
content-length: 35
server: nginx

GET
H2 200 get-cookie Show response
checkout-cookies.stripe.com/api/ 35 B
914 B 135ms
91ms Fetch
application/json 3.228.62.110
AMAZON-AES

General

Check archive.org

Download Go to

Full URL

https://checkout-cookies.stripe.com/api/get-cookie

Requested by

Host: buy.stripe.com
URL: https://buy.stripe.com/4gw8AybICgGs4GA4gh

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.228.62.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-228-62-110.compute-1.amazonaws.com

Software

nginx /

Resource Hash

8d0c04f065692bfeb27d08b1aa3c98a734abdfdabd44cc5f5757e20ac6ff7ff3

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; default-src 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'none'; script-src 'none' 'report-sample'; style-src 'none'; upgrade-insecure-requests; report-uri https://q.stripe.com/csp-violation?q=F2x5JxpV1no5qs153ALthkKHgUiBl9sIbMzOLTf4ZjZwZ-oeVx5ds229E7mCj76Axb2o1Ljfxy0052a6
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://buy.stripe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/x-www-form-urlencoded

Response headers

x-robots-tag: none
access-control-max-age: 300
x-wc: ABCDGHI
x-stripe-proxy-response: upstream
report-to: {"group":"coop","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coop-report"}],"include_subdomains":true}
access-control-allow-methods: GET, POST
x-content-type-options: nosniff
expires: 0
x-stripe-server-rpc-duration-micros: 12390
date: Wed, 04 Jun 2025 15:35:05 GMT
content-type: application/json; charset=UTF-8
vary: Origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
reporting-endpoints: coop="https://q.stripe.com/coop-report"
content-security-policy: base-uri 'none'; default-src 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'none'; script-src 'none' 'report-sample'; style-src 'none'; upgrade-insecure-requests; report-uri https://q.stripe.com/csp-violation?q=F2x5JxpV1no5qs153ALthkKHgUiBl9sIbMzOLTf4ZjZwZ-oeVx5ds229E7mCj76Axb2o1Ljfxy0052a6
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
referrer-policy: strict-origin-when-cross-origin
access-control-allow-origin: https://buy.stripe.com
content-length: 35
server: nginx

GET
H2 200 30387-87638ea841a2ae73fa958f3b520f6d66.js Show response
js.stripe.com/v3/fingerprinted/js/ 152 KB
35 KB 19ms
18ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/30387-87638ea841a2ae73fa958f3b520f6d66.js

Requested by

Host: buy.stripe.com
URL: https://buy.stripe.com/4gw8AybICgGs4GA4gh

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

4ec8e37dfb3b2651665901a7f47e8c74dd8ccc37f085106c79eed8f2dc906d52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://buy.stripe.com/

Response headers

x-request-id: ce8e92ef-95f1-4bbf-9c66-c08b035f0387
content-encoding: br
etag: "1438f5b5fb0f8ad2bf59051b3ee66661"
age: 2517022
x-content-type-options: nosniff
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Wed, 04 Jun 2025 15:35:05 GMT
last-modified: Mon, 10 Mar 2025 20:05:24 GMT
content-type: text/javascript; charset=utf-8
x-served-by: cache-lga21942-LGA
x-cache-hits: 2551
vary: Accept-Encoding
strict-transport-security: max-age=31556926; includeSubDomains; preload
cache-control: max-age=31536000
timing-allow-origin: *
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 35246
server: Fastly

GET
H2 200 phone-numbers-lib-bab50efe0a1b481d8bb3be9b80b18038.js Show response
js.stripe.com/v3/fingerprinted/js/ 3 KB
1 KB 17ms
17ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/phone-numbers-lib-bab50efe0a1b481d8bb3be9b80b18038.js

Requested by

Host: buy.stripe.com
URL: https://buy.stripe.com/4gw8AybICgGs4GA4gh

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

cf36d78c6a8d03d2b9b36898d860d902e12135b8915ae459ff9d004e2a17f657

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://buy.stripe.com/

Response headers

x-request-id: 7b5c00ec-6c2c-4cdd-9ec0-04a935fa265b
content-encoding: br
etag: "d2d050757e0bfe044c204c99051dd03c"
age: 1988105
x-content-type-options: nosniff
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Wed, 04 Jun 2025 15:35:05 GMT
last-modified: Fri, 18 Apr 2025 20:02:21 GMT
content-type: text/javascript; charset=utf-8
x-served-by: cache-lga21942-LGA
x-cache-hits: 2543
vary: Accept-Encoding
strict-transport-security: max-age=31556926; includeSubDomains; preload
cache-control: max-age=31536000
timing-allow-origin: *
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1051
server: Fastly

GET
H3 200 favicon.ico
js.stripe.com/v3/ 15 KB
2 KB 19ms
19ms Other
image/vnd.microsoft.icon 151.101.0.176
FASTLY

General

Check archive.org

Download Go to

Full URL

https://js.stripe.com/v3/favicon.ico

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

56e9db1f01ad56002df3b97b46923db0c98fc10a3aa949d8500cb6b12e92246c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://buy.stripe.com/

Response headers

x-request-id: 428c6402-e589-4099-a049-86b64f7ac229
content-encoding: br
etag: "788402a97fdf8b2c198e9dd94d3530b2"
age: 68
x-content-type-options: nosniff
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Wed, 04 Jun 2025 15:35:05 GMT
last-modified: Tue, 20 May 2025 22:13:02 GMT
content-type: image/vnd.microsoft.icon
x-served-by: cache-lga21971-LGA
x-cache-hits: 1
vary: Accept-Encoding
strict-transport-security: max-age=31556926; includeSubDomains; preload
cache-control: max-age=60
timing-allow-origin: *
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1446
server: Fastly

GET
H3 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ 474 B
619 B 41ms
20ms Fetch
application/json 151.101.0.176
FASTLY

General

Check archive.org

Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: buy.stripe.com
URL: https://buy.stripe.com/4gw8AybICgGs4GA4gh

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f8376f4ef1773ae9ba74892b71892e8619280bf3273b79ce4d5a01271cc700e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://buy.stripe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/x-www-form-urlencoded

Response headers

x-request-id: c3ba786e-f0d8-4ff6-a5d4-95c94b689d8b
content-encoding: br
etag: "52065356985eb058214dacbac74fca76"
age: 25
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Wed, 04 Jun 2025 15:35:06 GMT
last-modified: Tue, 03 Jun 2025 23:02:04 GMT
content-type: application/json
x-cache-hits: 14
x-served-by: cache-lga21978-LGA
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
cache-control: max-age=60
timing-allow-origin: *
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 298
server: Fastly

GET
H3 200 link-login-inner-8f2fe6ff4a57d355d3f859b221379da3.html Show response
js.stripe.com/v3/ Frame 8F95 65 KB
22 KB 20ms
19ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Download Go to

Full URL

https://js.stripe.com/v3/link-login-inner-8f2fe6ff4a57d355d3f859b221379da3.html

Requested by

Host: buy.stripe.com
URL: https://buy.stripe.com/4gw8AybICgGs4GA4gh

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

fac5ddee80cb24c5ec7416fcfb7d4c3e0543398d4b01a852d290a956a445a509

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self' 'sha256-0wZEEB92lOSdE+bKoVL+EOc1VboRR06xJw+eSgbyzJ0='; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 37
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=60, stale-while-revalidate=900
content-encoding: br
content-length: 22130
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self' 'sha256-0wZEEB92lOSdE+bKoVL+EOc1VboRR06xJw+eSgbyzJ0='; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 04 Jun 2025 15:35:06 GMT
etag: "d87a175f378706c26be34d5dfcc456a4"
last-modified: Tue, 03 Jun 2025 22:08:17 GMT
origin-agent-cluster: ?1
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 2
x-content-type-options: nosniff
x-request-id: 39362d75-51df-4bb9-83a4-703fdcc645f2
x-served-by: cache-lga21971-LGA

GET
H3 200 checkout-inner-origin-frame-7ec6b0cd8efe1ec2e0961d99a22b6dfe.html Show response
js.stripe.com/v3/ Frame 953F 52 KB
18 KB 20ms
19ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Download Go to

Full URL

https://js.stripe.com/v3/checkout-inner-origin-frame-7ec6b0cd8efe1ec2e0961d99a22b6dfe.html

Requested by

Host: buy.stripe.com
URL: https://buy.stripe.com/4gw8AybICgGs4GA4gh

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

0858272943fbab235bb6a85e66d31f6b23efa4710522d56c0fc525d7a6be4c04

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://api.stripe.com https://r.stripe.com https://js.stripe.com; default-src 'none'; font-src 'none'; form-action 'none'; img-src 'none'; object-src 'none'; script-src 'self' 'sha256-T/bgY0ja0pkZQZZ4ygRc1i+ZNEg8qyXuQaQ4yQk415A='; style-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://buy.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 62202
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=31536000
content-encoding: br
content-length: 17723
content-security-policy: base-uri 'none'; connect-src https://api.stripe.com https://r.stripe.com https://js.stripe.com; default-src 'none'; font-src 'none'; form-action 'none'; img-src 'none'; object-src 'none'; script-src 'self' 'sha256-T/bgY0ja0pkZQZZ4ygRc1i+ZNEg8qyXuQaQ4yQk415A='; style-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 04 Jun 2025 15:35:06 GMT
etag: "8b738ddfe32db18a3ddc4bed071b4501"
last-modified: Tue, 03 Jun 2025 22:08:02 GMT
origin-agent-cluster: ?1
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 131
x-content-type-options: nosniff
x-request-id: 4dbecd65-78b7-4466-857f-6f2d08c14ee1
x-served-by: cache-lga21971-LGA

GET
H3 200 stripe-cookies-0365765a4afa0da4fe353e8fa3bd8a03.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 8F95 65 KB
14 KB 23ms
22ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/stripe-cookies-0365765a4afa0da4fe353e8fa3bd8a03.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/link-login-inner-8f2fe6ff4a57d355d3f859b221379da3.html

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

36cd7308f5141e7e2be67a3090ba479012d3e16a1b8e4a8456874caddd3dbf98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://js.stripe.com/v3/link-login-inner-8f2fe6ff4a57d355d3f859b221379da3.html

Response headers

x-request-id: f6a28f3b-d1fa-4be9-84c1-43285ccebe5a
content-encoding: br
etag: "77d43802abe03e19a8a1d1c4594cc253"
age: 1322407
x-content-type-options: nosniff
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Wed, 04 Jun 2025 15:35:06 GMT
last-modified: Tue, 22 Apr 2025 03:45:53 GMT
content-type: text/javascript; charset=utf-8
x-served-by: cache-lga21971-LGA
x-cache-hits: 1490
vary: Accept-Encoding
strict-transport-security: max-age=31556926; includeSubDomains; preload
cache-control: max-age=31536000
timing-allow-origin: *
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13874
server: Fastly

POST
H2 200 b Show response
r.stripe.com/ 0
304 B 255ms
82ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: buy.stripe.com
URL: https://buy.stripe.com/4gw8AybICgGs4GA4gh
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://buy.stripe.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-proxy-response: upstream
access-control-allow-credentials: true
access-control-allow-methods: POST
x-stripe-upstream-host: 10.73.37.231:1643
access-control-allow-origin: https://buy.stripe.com
x-stripe-server-rpc-duration-micros: 4729
content-length: 0
x-stripe-inbound-proxy-type: mesh-proxy
date: Wed, 04 Jun 2025 15:35:07 GMT
content-type: text/plain
x-stripe-outbound-proxy-type: envoy
server: nginx

GET
H3 200 16284-5b4b1012b6d4c59e5dfee43457ec68a1.js Show response
js.stripe.com/v3/fingerprinted/js/ 48 KB
14 KB 22ms
21ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/16284-5b4b1012b6d4c59e5dfee43457ec68a1.js

Requested by

Host: buy.stripe.com
URL: https://buy.stripe.com/4gw8AybICgGs4GA4gh

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

b87c8a07ce3629874c0dc72dd0fccaf9d881e34b7d001ee5ce983383b6aad89a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://buy.stripe.com/

Response headers

x-request-id: 212fa6df-1f71-4c28-89de-73147176f0fd
content-encoding: br
etag: "eb71c3e3714d4572455e708793c85cd1"
age: 778010
x-content-type-options: nosniff
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Wed, 04 Jun 2025 15:35:06 GMT
last-modified: Mon, 03 Mar 2025 22:06:57 GMT
content-type: text/javascript; charset=utf-8
x-served-by: cache-lga21971-LGA
x-cache-hits: 13
vary: Accept-Encoding
strict-transport-security: max-age=31556926; includeSubDomains; preload
cache-control: max-age=31536000
timing-allow-origin: *
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13571
server: Fastly

GET
H3 200 hosted-transform-error-7792703fcbe90e7e1e7b11c02483922e.js Show response
js.stripe.com/v3/fingerprinted/js/ 398 KB
73 KB 24ms
24ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/hosted-transform-error-7792703fcbe90e7e1e7b11c02483922e.js

Requested by

Host: buy.stripe.com
URL: https://buy.stripe.com/4gw8AybICgGs4GA4gh

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

1c03fd9b7c6bfc72ed919001eaf4d6ac9701778d38b44f08941f2fcceb60c2c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Referer: https://buy.stripe.com/

Response headers

x-request-id: dd733e62-f147-478b-9b39-4dcd86bdd2b5
content-encoding: br
etag: "115f45067ae124a3679dc5eee3385112"
age: 61327
x-content-type-options: nosniff
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Wed, 04 Jun 2025 15:35:06 GMT
last-modified: Tue, 03 Jun 2025 22:08:15 GMT
content-type: text/javascript; charset=utf-8
x-served-by: cache-lga21971-LGA
x-cache-hits: 15
vary: Accept-Encoding
strict-transport-security: max-age=31556926; includeSubDomains; preload
cache-control: max-age=31536000
timing-allow-origin: *
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 74556
server: Fastly

Verdicts & Comments Add Verdict or Comment

9 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://buy.stripe.com/4gw8AybICgGs4GA4gh Message: <link rel=preload> uses an unsupported `as` value
other	warning	URL: https://buy.stripe.com/4gw8AybICgGs4GA4gh Message: <link rel=preload> uses an unsupported `as` value
network	error	URL: https://merchant-ui-api.stripe.com/payment-links/4gw8AybICgGs4GA4gh Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://js.stripe.com https://r.stripe.com https://checkout-cookies.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://merchant-ui-api.stripe.com; default-src 'self'; font-src 'self' https://js.stripe.com; form-action 'none'; frame-src 'self' https://js.stripe.com https://payments.stripe.com https://checkout.link.com; img-src 'self' https://q.stripe.com https://js.stripe.com https://stripe-camo.global.ssl.fastly.net https://d1wqzb5bdbcre6.cloudfront.net https://qr.stripe.com https://b.stripecdn.com https://files.stripe.com; media-src 'none'; object-src 'none'; script-src 'self' https://js.stripe.com 'sha256-BNulBYV1JXGvq9NQg7814ZyyVZCqfRI1aq5d+PSIdgI=' 'sha256-xhCHRxc6JoUGuDSc4p4pQP4VRDffOJ3JI6SIK12DmRQ=' 'sha256-agVSHA/eAewTYmLxzAIytt5bR5BkvZAzCaHuhH9ScyM='; style-src 'self' https://js.stripe.com 'sha256-ERqgw/VCzal0GVy+XtwzIr+xXko1B0H49allNX1w69w='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

buy.stripe.com
checkout-cookies.stripe.com
js.stripe.com
merchant-ui-api.stripe.com
r.stripe.com
151.101.0.176
18.238.55.37
3.228.62.110
54.163.195.10
54.187.119.242
0858272943fbab235bb6a85e66d31f6b23efa4710522d56c0fc525d7a6be4c04
1c03fd9b7c6bfc72ed919001eaf4d6ac9701778d38b44f08941f2fcceb60c2c1
28d1c136c4cf870749404feed78a10f5268e052012ab3f1fa6c79310e67c85b1
36cd7308f5141e7e2be67a3090ba479012d3e16a1b8e4a8456874caddd3dbf98
4ec8e37dfb3b2651665901a7f47e8c74dd8ccc37f085106c79eed8f2dc906d52
51b4afea2f0618d8a5898af5c22697383c48e32e45a84fbb814fa552eb84069d
56e9db1f01ad56002df3b97b46923db0c98fc10a3aa949d8500cb6b12e92246c
8d0c04f065692bfeb27d08b1aa3c98a734abdfdabd44cc5f5757e20ac6ff7ff3
903f09ef827f13024bb410d3b38ebb644379fa0923d304fced749ca589d87749
a4b67d1fdb458106c9df7388ac4f730c3760521d15f17d1ab7ce6fd1e924e625
acae1fcf7a8094debc7ad6ef979f1c2bfa1e955459472f04b8bbb2f1d708a15b
b87c8a07ce3629874c0dc72dd0fccaf9d881e34b7d001ee5ce983383b6aad89a
cf36d78c6a8d03d2b9b36898d860d902e12135b8915ae459ff9d004e2a17f657
de7085c8a485651e3c1aff560ee8970d08d7b20c6aa442c1f4562a357670e8a8
e35001e2e5114d9317a8a288984a80aa1b1c4412646a23b0ce572fde8b42d482
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f8376f4ef1773ae9ba74892b71892e8619280bf3273b79ce4d5a01271cc700e9
fac5ddee80cb24c5ec7416fcfb7d4c3e0543398d4b01a852d290a956a445a509

buy.stripe.com 18.238.55.37 Public Scan Open in urlscan Pro

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

19 Requests

100 %HTTPS

0 %IPv6

1 Domains

5 Subdomains

5 IPs

1 Countries

1127 kBTransfer

5166 kBSize

0 Cookies

0 Outgoing links

Redirected requests

19 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Window variables

0 Cookies

3 Console Messages

Security Headers

Indicators

buy.stripe.com
18.238.55.37 Public Scan Open in urlscan Pro

Screenshot
Live screenshot

Full Image

19
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

5
Subdomains

5
IPs

1
Countries

1127 kB
Transfer

5166 kB
Size

0
Cookies

19 HTTP transactions
0 data transactions