urlscan.io logo urlscan.io
SecurityTrails logo

climate.stripe.com Open in urlscan Pro
34.252.74.21  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://klimaneutral.deliverone.de/
Effective URL: https://climate.stripe.com/nWyy9v
Submission: On July 31 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 20 HTTP transactions. The main IP is 34.252.74.21, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is climate.stripe.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on September 8th 2021. Valid for: a year.
This is the only time climate.stripe.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 87.106.168.47 8560 (IONOS-AS ...)
2 34.252.74.21 16509 (AMAZON-02)
11 2600:9000:223... 16509 (AMAZON-02)
1 2600:9000:206... 16509 (AMAZON-02)
6 2600:9000:211... 16509 (AMAZON-02)
20 4
1    87.106.168.47 (Oberkirch, Germany)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
klimaneutral.deliverone.de
2    34.252.74.21 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-74-21.eu-west-1.compute.amazonaws.com
climate.stripe.com
11    2600:9000:223d:7200:b:1d09:f200:93a1 (United States)

ASN16509 (AMAZON-02, US)
b.stripecdn.com
1    2600:9000:206e:d000:9:7851:2b80:21 (United States)

ASN16509 (AMAZON-02, US)
d1wqzb5bdbcre6.cloudfront.net
6    2600:9000:211e:c000:7:fbfb:bf80:21 (United States)

ASN16509 (AMAZON-02, US)
d37ugbyn3rpeym.cloudfront.net
Apex Domain
Subdomains		 Transfer
11 stripecdn.com
b.stripecdn.com — Cisco Umbrella Rank: 61229
1 MB
7 cloudfront.net
d1wqzb5bdbcre6.cloudfront.net
d37ugbyn3rpeym.cloudfront.net
35 KB
2 stripe.com
climate.stripe.com
11 KB
1 deliverone.de
klimaneutral.deliverone.de
293 B
20 4
Domain Requested by
11 b.stripecdn.com climate.stripe.com
6 d37ugbyn3rpeym.cloudfront.net climate.stripe.com
2 climate.stripe.com climate.stripe.com
1 d1wqzb5bdbcre6.cloudfront.net climate.stripe.com
1 klimaneutral.deliverone.de 1 redirects
20 5

This site contains links to these domains. Also see Links.

Domain
deliverone.de
stripe.com
Subject Issuer Validity Valid
*.stripe.com
DigiCert SHA2 Secure Server CA		 2021-09-08 -
2022-09-07		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2022-05-20 -
2022-09-25		 4 months crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh

This page contains 1 frames:

Primary Page: https://climate.stripe.com/nWyy9v
Frame ID: F1A5DA7BB5B6CF2099133E1D00B2465E
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

DeliverOne: Unser Beitrag zum CO₂-Ausgleich

Page URL History Show full URLs

  1. https://klimaneutral.deliverone.de/ HTTP 302
    https://climate.stripe.com/nWyy9v Page URL

Page Statistics

20
Requests

100 %
HTTPS

60 %
IPv6

4
Domains

5
Subdomains

4
IPs

3
Countries

1271 kB
Transfer

18325 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://klimaneutral.deliverone.de/ HTTP 302
    https://climate.stripe.com/nWyy9v Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request nWyy9v
climate.stripe.com/
Redirect Chain
  • https://klimaneutral.deliverone.de/
  • https://climate.stripe.com/nWyy9v
36 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://climate.stripe.com/nWyy9v
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.74.21 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-74-21.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
67ca681e315355b8f6c2cb00afe0513c675c2210717eb621ce32c855c1f92889
Security Headers
Name Value
Content-Security-Policy report-uri /csp-report?p=%3Aslug; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; connect-src 'self' https://*.stripecdn.com https://errors.stripe.com; font-src 'self' https://*.stripecdn.com; frame-ancestors 'self'; frame-src 'self' https://*.stripecdn.com; img-src 'self' https://d1wqzb5bdbcre6.cloudfront.net https://stripe-camo.global.ssl.fastly.net https://*.stripecdn.com https://files.stripe.com; media-src 'self' https://*.stripecdn.com https://d37ugbyn3rpeym.cloudfront.net/videos/; script-src 'self' https://*.stripecdn.com 'report-sample'; style-src 'self' 'nonce-tk7PBqp/1EmYBFoer9XilA==' https://*.stripecdn.com
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-security-policy
report-uri /csp-report?p=%3Aslug; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; connect-src 'self' https://*.stripecdn.com https://errors.stripe.com; font-src 'self' https://*.stripecdn.com; frame-ancestors 'self'; frame-src 'self' https://*.stripecdn.com; img-src 'self' https://d1wqzb5bdbcre6.cloudfront.net https://stripe-camo.global.ssl.fastly.net https://*.stripecdn.com https://files.stripe.com; media-src 'self' https://*.stripecdn.com https://d37ugbyn3rpeym.cloudfront.net/videos/; script-src 'self' https://*.stripecdn.com 'report-sample'; style-src 'self' 'nonce-tk7PBqp/1EmYBFoer9XilA==' https://*.stripecdn.com
content-type
text/html;charset=utf-8
date
Sun, 31 Jul 2022 20:18:36 GMT
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Sun, 31 Jul 2022 20:18:35 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Transfer-Encoding
chunked
X-Powered-By
PHP/8.1.8 PleskLin
location
https://climate.stripe.com/nWyy9v
autogen_animation-b886b036a7f03bcb88dc.js
b.stripecdn.com/climate-statics-srv/assets/js/ 		133 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b.stripecdn.com/climate-statics-srv/assets/js/autogen_animation-b886b036a7f03bcb88dc.js
Requested by
Host: climate.stripe.com
URL: https://climate.stripe.com/nWyy9v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:7200:b:1d09:f200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
ae4085a01dbdfd8637fe722b9a8957dfd1012341ae1ce9871f569dff7ed30e01
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://climate.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 27 Jul 2022 21:00:59 GMT
server
Cloudfront
x-amz-cf-pop
FRA56-P3
date
Sun, 31 Jul 2022 20:18:38 GMT
vary
Accept-Encoding,Origin
x-cache
RefreshHit from cloudfront
content-type
text/javascript; charset=utf-8
via
1.1 eaedf92fd05c53aa96f20b6322b473e6.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public
timing-allow-origin
*
x-amz-cf-id
ES578cwH0F4hl4lkFqQp0nBK30lejRj81n0Bp3rE84oZMaE6mjlnVA==
etag
W/"9a6e09a3bd3fc6df591a59324e639af8"
autogen-b73451294543b9c0e34e.css
b.stripecdn.com/climate-statics-srv/assets/stylesheets/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://b.stripecdn.com/climate-statics-srv/assets/stylesheets/autogen-b73451294543b9c0e34e.css
Requested by
Host: climate.stripe.com
URL: https://climate.stripe.com/nWyy9v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:7200:b:1d09:f200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
a92b15b0396cb42b2ceffc8a2fe2ba2914c02eeb841e4350ab7752967475d874
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://climate.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 27 Jul 2022 21:00:59 GMT
server
Cloudfront
x-amz-cf-pop
FRA56-P3
date
Sun, 31 Jul 2022 20:18:38 GMT
vary
Accept-Encoding,Origin
x-cache
RefreshHit from cloudfront
content-type
text/css; charset=utf-8
via
1.1 eaedf92fd05c53aa96f20b6322b473e6.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public
timing-allow-origin
*
x-amz-cf-id
LQeFBpcVb1I3OtkSjlJNGq3IRJtkMK7Wntyp0pxEKbDivPsy4ySpOg==
etag
W/"d199e60c4542bfcc6429d25151aeed1c"
fullscreen_video_poster-c03ea021a97f8c4f8c9e.png
b.stripecdn.com/climate-statics-srv/assets/img/autogen/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.stripecdn.com/climate-statics-srv/assets/img/autogen/fullscreen_video_poster-c03ea021a97f8c4f8c9e.png
Requested by
Host: climate.stripe.com
URL: https://climate.stripe.com/nWyy9v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:7200:b:1d09:f200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
df0daeb5a341d8f041d4ca4dec0dad637de9e1ba4df8fd8bd2a7c9a3688acaae
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://climate.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
via
1.1 eaedf92fd05c53aa96f20b6322b473e6.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P3
x-cache
RefreshHit from cloudfront
date
Sun, 31 Jul 2022 20:18:38 GMT
content-length
3236
last-modified
Wed, 27 Jul 2022 21:00:59 GMT
server
Cloudfront
etag
"1f5b6d8a41777746fc69afff0f6eff29"
vary
Accept-Encoding,Origin
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
GcuflJuCmUk8TkSQRbR3bxuXQ8C-QBWbJ2U0jQALqcHJkFGBERYtuw==
close_icon-e4649f0cddb027f6b2b1.svg
b.stripecdn.com/climate-statics-srv/assets/img/autogen/ 		277 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.stripecdn.com/climate-statics-srv/assets/img/autogen/close_icon-e4649f0cddb027f6b2b1.svg
Requested by
Host: climate.stripe.com
URL: https://climate.stripe.com/nWyy9v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:7200:b:1d09:f200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
d0204ab736a0091a2c82e47b5dbccb23b908e7d2b81c6489358cf2d29330a8cc
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://climate.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
via
1.1 eaedf92fd05c53aa96f20b6322b473e6.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P3
x-cache
RefreshHit from cloudfront
date
Sun, 31 Jul 2022 20:18:38 GMT
content-length
277
last-modified
Wed, 27 Jul 2022 21:00:59 GMT
server
Cloudfront
etag
"2ba48c94182ee8c91cf7f39c9ed4db76"
vary
Accept-Encoding,Origin
content-type
image/svg+xml
cache-control
max-age=31536000, public
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
rUwAqzdxYNu1oq4OIMW3Xg6YoyWAsR9KtJ-svhf8qDv6eD8_o_weTA==
68747470733a2f2f66696c65732e7374726970652e636f6d2f6c696e6b732f4d44423859574e6a6446387854464a70546a6c4d6333526f65566c424d485a5a66475a7358327870646d56666156566e62446877643270515a6c68495158464f5347315...
d1wqzb5bdbcre6.cloudfront.net/0467294e6a9c820805927e8a7b4a7e19a7ec897bcca21822d221088f9a54b066/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1wqzb5bdbcre6.cloudfront.net/0467294e6a9c820805927e8a7b4a7e19a7ec897bcca21822d221088f9a54b066/68747470733a2f2f66696c65732e7374726970652e636f6d2f6c696e6b732f4d44423859574e6a6446387854464a70546a6c4d6333526f65566c424d485a5a66475a7358327870646d56666156566e62446877643270515a6c68495158464f5347315051307843596a466b30304d476e4d356e456c
Requested by
Host: climate.stripe.com
URL: https://climate.stripe.com/nWyy9v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:d000:9:7851:2b80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
24f9ed8835adff2f3dbc525f7662309b2247013ec79b205dfb5479ad2cfeb802
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src data:; style-src 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://climate.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy
default-src 'none'; img-src data:; style-src 'unsafe-inline'
via
1.1 96b3f0ca359697e92cd090a37a2e3bf4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
480
content-security-policy-report-only
report-uri /csp-report; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; style-src 'unsafe-hashes' 'sha256-4Su6mBWzEIFnH4pAGMOuaeBrstwJN4Z3pq/s1Kn4/KQ=' 'sha256-Uok2etT07nimvrD0JBY/ZlYS3xAfAdOKAkUmemu2L5w=' 'sha256-/GsttfBxdlxoPqvqzTUg3Z8XmEm6Xr9QwYLeYSTCg5o=' 'sha256-M6Ysz0+Rk4NS0oJRgQlAcfTBnQYhP6Zx0KLoS2OqDb8=' 'sha256-kZIsqHPSISIo2t1pH7cXKP7WqETBpurMjGw/57SZwqg=' 'sha256-zMSqd3IdI0P85bMS1pHPulcrWrNFUbioxKEvO08Bg9I=' 'sha256-TRqlpmAiAzdBCZE1o+lQqVRTlYA6Pibo8B5RmAcBtX4=' 'sha256-oYDOcJ/3x3f2qweXt6aM6Dr/4bCdzSp+YjmworuYpAU='
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
323
content-length
6469
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 31 Jul 2022 20:09:15 GMT
server
Cloudfront
cross-origin-opener-policy
same-origin
date
Sun, 31 Jul 2022 20:10:37 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
image/png
cache-control
max-age=3600
etag
"bb1bd29e20873b7096ce94fce65eb3a5"
x-amz-cf-pop
VIE50-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
lEWvZp927PLJchAuOfkRxV16SKSM5iMmsHUtdIUamdc-29qdgSXiHw==
expires
0
climate_logo-7e2de8ca7243c666c6b0.svg
b.stripecdn.com/climate-statics-srv/assets/img/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.stripecdn.com/climate-statics-srv/assets/img/climate_logo-7e2de8ca7243c666c6b0.svg
Requested by
Host: climate.stripe.com
URL: https://climate.stripe.com/nWyy9v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:7200:b:1d09:f200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
c2425ed3d3ab3d0a596abefedbe16bb2230a8873e85b2f83ef083283dea9d82e
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://climate.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 27 Jul 2022 21:00:59 GMT
server
Cloudfront
x-amz-cf-pop
FRA56-P3
date
Sun, 31 Jul 2022 20:18:38 GMT
vary
Accept-Encoding,Origin
x-cache
RefreshHit from cloudfront
content-type
image/svg+xml
via
1.1 eaedf92fd05c53aa96f20b6322b473e6.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public
timing-allow-origin
*
x-amz-cf-id
dd_4rC8DI93EcLj3SE0DqtZrPW09GWiPczPNJh6_pWRm6A57BlpSsg==
etag
W/"b107e65375b7bc8713b693cdd93b151d"
climeworks-84eb4a7402270abbba50.svg
b.stripecdn.com/climate-statics-srv/assets/img/autogen/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.stripecdn.com/climate-statics-srv/assets/img/autogen/climeworks-84eb4a7402270abbba50.svg
Requested by
Host: climate.stripe.com
URL: https://climate.stripe.com/nWyy9v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:7200:b:1d09:f200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
88200ad13898db996460965656c473c641b6c5a267cd1789397e8434dc119ef7
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://climate.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 27 Jul 2022 21:00:59 GMT
server
Cloudfront
x-amz-cf-pop
FRA56-P3
date
Sun, 31 Jul 2022 20:18:38 GMT
vary
Accept-Encoding,Origin
x-cache
RefreshHit from cloudfront
content-type
image/svg+xml
via
1.1 eaedf92fd05c53aa96f20b6322b473e6.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public
timing-allow-origin
*
x-amz-cf-id
DjwPUsApHRDIKdCbRao65yD36A3aF-7baVZy3mBhHqDT_xJMx-EmDA==
etag
W/"51fafb6950f9db7cfa3c12084e59de8f"
play-00e44dbfb1facdb0642f.svg
b.stripecdn.com/climate-statics-srv/assets/img/autogen/ 		597 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.stripecdn.com/climate-statics-srv/assets/img/autogen/play-00e44dbfb1facdb0642f.svg
Requested by
Host: climate.stripe.com
URL: https://climate.stripe.com/nWyy9v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:7200:b:1d09:f200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
82f6fd960f0322c9119107bc6d6f7f7fee0f6e74ece82fb296906a09b9134b94
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://climate.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
via
1.1 eaedf92fd05c53aa96f20b6322b473e6.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P3
x-cache
RefreshHit from cloudfront
date
Sun, 31 Jul 2022 20:18:38 GMT
content-length
597
last-modified
Wed, 27 Jul 2022 21:00:59 GMT
server
Cloudfront
etag
"0de6c4776494926de48528a77690f0a6"
vary
Accept-Encoding,Origin
content-type
image/svg+xml
cache-control
max-age=31536000, public
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
wypL8snqUKBFKjjzU_3oV4_n9CclaXxUQbU6EpjUxwtz0gd1hU49eA==
charm-6e6bd91ffb42daab0af5.svg
b.stripecdn.com/climate-statics-srv/assets/img/autogen/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.stripecdn.com/climate-statics-srv/assets/img/autogen/charm-6e6bd91ffb42daab0af5.svg
Requested by
Host: climate.stripe.com
URL: https://climate.stripe.com/nWyy9v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:7200:b:1d09:f200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
c18310ea88f146aa1c7c35fd7b266fe8c0e6636bd3f324311be94fd2c68b23f9
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://climate.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 27 Jul 2022 21:00:59 GMT
server
Cloudfront
x-amz-cf-pop
FRA56-P3
date
Sun, 31 Jul 2022 20:18:38 GMT
vary
Accept-Encoding,Origin
x-cache
RefreshHit from cloudfront
content-type
image/svg+xml
via
1.1 eaedf92fd05c53aa96f20b6322b473e6.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public
timing-allow-origin
*
x-amz-cf-id
WCxXnUXnzuZhaB8c_fdSQfovLHmTEP0TsIKfraO8rAVZfMttPu-mOQ==
etag
W/"ca70a39d3416bc1906a1f9b8f5aa9e22"
csp-report
climate.stripe.com/ 		0
286 B 		Other
General
Check archive.org
Download Go to
Full URL
https://climate.stripe.com/csp-report?p=%3Aslug
Requested by
Host: climate.stripe.com
URL: https://climate.stripe.com/nWyy9v
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.74.21 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-74-21.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://climate.stripe.com/nWyy9v
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sun, 31 Jul 2022 20:18:36 GMT
server
nginx
content-length
0
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
text/plain;charset=utf-8
fullscreen_image-409b4dfc00309c8e6544.jpeg
b.stripecdn.com/climate-statics-srv/assets/img/autogen/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.stripecdn.com/climate-statics-srv/assets/img/autogen/fullscreen_image-409b4dfc00309c8e6544.jpeg
Requested by
Host: climate.stripe.com
URL: https://climate.stripe.com/nWyy9v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:7200:b:1d09:f200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
209e6059bd1393b9001c308da1a4afcde1ae324ea4d2ddf614d3a3d8af121ec8
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://climate.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
via
1.1 eaedf92fd05c53aa96f20b6322b473e6.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P3
x-cache
RefreshHit from cloudfront
date
Sun, 31 Jul 2022 20:18:38 GMT
content-length
1119465
last-modified
Wed, 27 Jul 2022 21:00:59 GMT
server
Cloudfront
etag
"bcdd9ec0bcd3134724bbd3f12877d2d3"
vary
Accept-Encoding,Origin
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
JnYyPGn05TT7tp4TDajw0lNHq59DJ_2LROxEqG_qYoDRmoMHZqAGJw==
Sohne-latin-basic-ed9992f2a95dc81a4e30.woff2
b.stripecdn.com/climate-statics-srv/assets/fonts/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://b.stripecdn.com/climate-statics-srv/assets/fonts/Sohne-latin-basic-ed9992f2a95dc81a4e30.woff2
Requested by
Host: climate.stripe.com
URL: https://climate.stripe.com/nWyy9v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:7200:b:1d09:f200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
a70f804685af6a1a13cb0b3cfef6c6f031e9ce04d9c2e7690fdcd87cc6135ad2
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://climate.stripe.com/
Origin
https://climate.stripe.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
via
1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P3
x-cache
RefreshHit from cloudfront
date
Sun, 31 Jul 2022 20:18:39 GMT
content-length
35696
last-modified
Wed, 27 Jul 2022 21:00:59 GMT
server
Cloudfront
etag
"5d2af990ac3bd41d393b8ecb38502a44"
vary
Accept-Encoding,Origin
content-type
font/woff2
access-control-allow-origin
https://climate.stripe.com
cache-control
max-age=31536000, public
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
ZU66XYI7_g8NuJnjtIZ_PBNQKushYaUnFMj1nsrJ_0LdsanhYjlQ_Q==
Sohne-minus-latin-basic-79d1d64f2bca336d2330.woff2
b.stripecdn.com/climate-statics-srv/assets/fonts/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://b.stripecdn.com/climate-statics-srv/assets/fonts/Sohne-minus-latin-basic-79d1d64f2bca336d2330.woff2
Requested by
Host: climate.stripe.com
URL: https://climate.stripe.com/nWyy9v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:7200:b:1d09:f200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
e706cd1376e3850cd12bcfb21febee63358cb54c6545b0d92b9ec2e2758c5038
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://climate.stripe.com/
Origin
https://climate.stripe.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
via
1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P3
x-cache
RefreshHit from cloudfront
date
Sun, 31 Jul 2022 20:18:39 GMT
content-length
34436
last-modified
Wed, 27 Jul 2022 21:00:59 GMT
server
Cloudfront
etag
"bc99ec9ccbbbd82ef91e9bcc54a794c5"
vary
Accept-Encoding,Origin
content-type
font/woff2
access-control-allow-origin
https://climate.stripe.com
cache-control
max-age=31536000, public
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
uYJ7OQl9VxE_RTTSKuZnw9RKJfWeod8hK1aFOvqsHDvb2NM0DHEDkg==
climeworks-v4-060421-trimmed.mp4
d37ugbyn3rpeym.cloudfront.net/videos/climate/ 		33 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://d37ugbyn3rpeym.cloudfront.net/videos/climate/climeworks-v4-060421-trimmed.mp4
Requested by
Host: climate.stripe.com
URL: https://climate.stripe.com/nWyy9v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:c000:7:fbfb:bf80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://climate.stripe.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
XpG02sR9SCJHUH6vR6QO0SIbTmXXiu5I
via
1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
etag
"eaf0a4a44acdcbb7788e20beb8bbc5fb"
age
1919
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
Content-Range
bytes 0-8799233/8799234
Content-Length
8799234
last-modified
Thu, 01 Jul 2021 23:43:16 GMT
server
AmazonS3
date
Sun, 31 Jul 2022 20:18:37 GMT
vary
Accept-Encoding
content-type
video/mp4
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
x-amz-cf-id
KL34rCZT6S6AfWbEeBfIof0UoZMdIOLDZpFVM9r3XUV3sSdFowPW6w==
charm-v3-061821-trimmed.mp4
d37ugbyn3rpeym.cloudfront.net/videos/climate/ 		33 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://d37ugbyn3rpeym.cloudfront.net/videos/climate/charm-v3-061821-trimmed.mp4
Requested by
Host: climate.stripe.com
URL: https://climate.stripe.com/nWyy9v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:c000:7:fbfb:bf80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://climate.stripe.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
n2j5RDlbiC9v4OiSvKwAmYa548lC6b8y
via
1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
etag
"cf7b9f192c6d5911afe02da8b673aaa4"
age
1919
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
Content-Range
bytes 0-8529675/8529676
Content-Length
8529676
last-modified
Thu, 01 Jul 2021 23:43:22 GMT
server
AmazonS3
date
Sun, 31 Jul 2022 20:18:37 GMT
vary
Accept-Encoding
content-type
video/mp4
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
x-amz-cf-id
csIYTlCtOK-5Wsa_Tosc9RkDpPDPRG4_4dVuA3PI-SFpSsXR1tIUyA==
charm-v3-061821-trimmed.mp4
d37ugbyn3rpeym.cloudfront.net/videos/climate/ 		10 KB
10 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://d37ugbyn3rpeym.cloudfront.net/videos/climate/charm-v3-061821-trimmed.mp4
Requested by
Host: climate.stripe.com
URL: https://climate.stripe.com/nWyy9v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:c000:7:fbfb:bf80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cdf048fa7f814468302718d7e11393a65db623ca06416cbf025793843c2b0830

Request headers

Referer
https://climate.stripe.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Range
bytes=8519680-

Response headers

x-amz-version-id
n2j5RDlbiC9v4OiSvKwAmYa548lC6b8y
via
1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
etag
"cf7b9f192c6d5911afe02da8b673aaa4"
age
1919
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
Content-Range
bytes 8519680-8529675/8529676
Content-Length
9996
last-modified
Thu, 01 Jul 2021 23:43:22 GMT
server
AmazonS3
date
Sun, 31 Jul 2022 20:18:37 GMT
vary
Accept-Encoding
content-type
video/mp4
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
x-amz-cf-id
JMhGQHDfY8xgMCi6Mfvbtq0GP3JDKljtwbA9av1OSeLVtLRwhJgrwA==
climeworks-v4-060421-trimmed.mp4
d37ugbyn3rpeym.cloudfront.net/videos/climate/ 		17 KB
17 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://d37ugbyn3rpeym.cloudfront.net/videos/climate/climeworks-v4-060421-trimmed.mp4
Requested by
Host: climate.stripe.com
URL: https://climate.stripe.com/nWyy9v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:c000:7:fbfb:bf80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9d9c233c7f692a63f1cd76dc7790f68710b55a4b06bea3f199c3824e6fc7a77a

Request headers

Referer
https://climate.stripe.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Range
bytes=8781824-

Response headers

x-amz-version-id
XpG02sR9SCJHUH6vR6QO0SIbTmXXiu5I
via
1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
etag
"eaf0a4a44acdcbb7788e20beb8bbc5fb"
age
1919
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
Content-Range
bytes 8781824-8799233/8799234
Content-Length
17410
last-modified
Thu, 01 Jul 2021 23:43:16 GMT
server
AmazonS3
date
Sun, 31 Jul 2022 20:18:37 GMT
vary
Accept-Encoding
content-type
video/mp4
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
x-amz-cf-id
os20Ap2aaumzRtBVgIur9yRoHTyOazqlDYfvH0SyydDjt4LIJhyt5w==
charm-v3-061821-trimmed.mp4
d37ugbyn3rpeym.cloudfront.net/videos/climate/ 		8 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://d37ugbyn3rpeym.cloudfront.net/videos/climate/charm-v3-061821-trimmed.mp4
Requested by
Host: climate.stripe.com
URL: https://climate.stripe.com/nWyy9v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:c000:7:fbfb:bf80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://climate.stripe.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Range
bytes=32768-

Response headers

x-amz-version-id
n2j5RDlbiC9v4OiSvKwAmYa548lC6b8y
via
1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
etag
"cf7b9f192c6d5911afe02da8b673aaa4"
age
1919
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
Content-Range
bytes 32768-8529675/8529676
Content-Length
8496908
last-modified
Thu, 01 Jul 2021 23:43:22 GMT
server
AmazonS3
date
Sun, 31 Jul 2022 20:18:37 GMT
vary
Accept-Encoding
content-type
video/mp4
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
x-amz-cf-id
tV0-xeQCaC9rO0bacYVZv9Cl3YM1VJ8q9gbPZn2klRBPgGblebYdBQ==
climeworks-v4-060421-trimmed.mp4
d37ugbyn3rpeym.cloudfront.net/videos/climate/ 		8 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://d37ugbyn3rpeym.cloudfront.net/videos/climate/climeworks-v4-060421-trimmed.mp4
Requested by
Host: climate.stripe.com
URL: https://climate.stripe.com/nWyy9v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:c000:7:fbfb:bf80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://climate.stripe.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Range
bytes=32768-

Response headers

x-amz-version-id
XpG02sR9SCJHUH6vR6QO0SIbTmXXiu5I
via
1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
etag
"eaf0a4a44acdcbb7788e20beb8bbc5fb"
age
1919
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
Content-Range
bytes 32768-8799233/8799234
Content-Length
8766466
last-modified
Thu, 01 Jul 2021 23:43:16 GMT
server
AmazonS3
date
Sun, 31 Jul 2022 20:18:37 GMT
vary
Accept-Encoding
content-type
video/mp4
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
x-amz-cf-id
JB0XGp81bkl9NkU_yU7FN1ILuCqbaNjC60xqzDA7Tn1vUCdwpYfKzw==

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation

1 Cookies

Domain/Path Name / Value
climate.stripe.com/ Name: stripe.climate.csrf
Value: scMMv4Ba-kFU43CfK3jxddG2sIKzRaaRwxiGB-pXy2dQkwSj9DCjIdPxQaoeS_vLA-Ii3QN2UTZechBuHhjO3zw-AdPWta98CiWKHZolomiCeZRZQXtLbWcpgXmcqgPuZvqcVDDzHQ%3D%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy report-uri /csp-report?p=%3Aslug; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; connect-src 'self' https://*.stripecdn.com https://errors.stripe.com; font-src 'self' https://*.stripecdn.com; frame-ancestors 'self'; frame-src 'self' https://*.stripecdn.com; img-src 'self' https://d1wqzb5bdbcre6.cloudfront.net https://stripe-camo.global.ssl.fastly.net https://*.stripecdn.com https://files.stripe.com; media-src 'self' https://*.stripecdn.com https://d37ugbyn3rpeym.cloudfront.net/videos/; script-src 'self' https://*.stripecdn.com 'report-sample'; style-src 'self' 'nonce-tk7PBqp/1EmYBFoer9XilA==' https://*.stripecdn.com
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN