urlscan.io logo urlscan.io
SecurityTrails logo

payment.sourceweb.cloud Open in urlscan Pro
2606:4700:4400::ac40:9034  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.pay-2.teissl.info/
Effective URL: https://payment.sourceweb.cloud/b/6oEfZBanj1xn532aEH
Submission: On June 10 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 48 HTTP transactions. The main IP is 2606:4700:4400::ac40:9034, located in United States and belongs to CLOUDFLARENET, US. The main domain is payment.sourceweb.cloud.
TLS certificate: Issued by E1 on May 22nd 2024. Valid for: 3 months.
This is the only time payment.sourceweb.cloud was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 85.13.147.92 34788 (NMM-AS D)
1 2606:4700:440... 13335 (CLOUDFLAR...)
42 151.101.64.176 54113 (FASTLY)
2 198.137.150.201 16509 (AMAZON-02)
3 2600:9000:236... 16509 (AMAZON-02)
48 4
1    85.13.147.92 (Germany)

ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE)
PTR: dd21506.kasserver.com
www.pay-2.teissl.info
1    2606:4700:4400::ac40:9034 (United States)

ASN13335 (CLOUDFLARENET, US)
payment.sourceweb.cloud
42    151.101.64.176 (San Francisco, United States)

ASN54113 (FASTLY, US)
js.stripe.com
2    198.137.150.201 (United States)

ASN16509 (AMAZON-02, US)
merchant-ui-api.stripe.com
3    2600:9000:2368:2e00:9:7851:2b80:21 (United States)

ASN16509 (AMAZON-02, US)
d1wqzb5bdbcre6.cloudfront.net
Apex Domain
Subdomains		 Transfer
44 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1516
merchant-ui-api.stripe.com — Cisco Umbrella Rank: 8360
890 KB
3 cloudfront.net
d1wqzb5bdbcre6.cloudfront.net
59 KB
1 sourceweb.cloud
payment.sourceweb.cloud
82 KB
1 teissl.info
www.pay-2.teissl.info
118 B
48 4
Domain Requested by
42 js.stripe.com payment.sourceweb.cloud
js.stripe.com
3 d1wqzb5bdbcre6.cloudfront.net
2 merchant-ui-api.stripe.com payment.sourceweb.cloud
1 payment.sourceweb.cloud
1 www.pay-2.teissl.info 1 redirects
48 5

This site contains links to these domains. Also see Links.

Domain
informatics.sourceweb.ag
www.sourceweb.ag
stripe.com
Subject Issuer Validity Valid
payment.sourceweb.cloud
E1		 2024-05-22 -
2024-08-20		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-05-22 -
2024-08-22		 3 months crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2024-05-07 -
2024-08-08		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh

This page contains 10 frames:

Primary Page: https://payment.sourceweb.cloud/b/6oEfZBanj1xn532aEH
Frame ID: B7EBBE929A388C8FDC8EE882048F6BFB
Requests: 39 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: F6B720FA99A27C843AE3FD1DBEFC45C9
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: C8A6B3012D637F85EBC494031AFCA233
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-5d9721000406499f4c8e8ed2ec3291a7.html
Frame ID: 9FB9EBAB04F9CD1F760646E77B012B10
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/logger-transport-iframe-3433709ad5caee3bb4a5805c6d0063f4.html
Frame ID: BAE64DCD0974B06D55AC6D1B2FDAF102
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/link-login-inner-2572753e4f0832e3dd8d331769cdba99.html
Frame ID: 3B31FEAAAD48C7128717DAC0BA1EF833
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/checkout-inner-origin-frame-fd02f84280c79b1d3765f438e8333517.html
Frame ID: 922365D21F0EC5B37CF39DAE84F869B2
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/checkout-inner-address-autocomplete-17a1b47732015b85e2a5d180250f3c57.html
Frame ID: 758A4625D38CF4E0D5482B8E26DCAC2E
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-623e9757dc528811a6f701a8d765fc1d.html
Frame ID: D3474F87A5D44AF412894F46D200BB86
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/hcaptcha-invisible-e45109dd8212f04f633ff5cbb44528e9.html
Frame ID: 25FF109680FC14AC80F7B84BA2BBF262
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

SourceWeb Group

Page URL History Show full URLs

  1. https://www.pay-2.teissl.info/ HTTP 307
    https://payment.sourceweb.cloud/b/6oEfZBanj1xn532aEH Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Page Statistics

48
Requests

100 %
HTTPS

40 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

1031 kB
Transfer

4052 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.pay-2.teissl.info/ HTTP 307
    https://payment.sourceweb.cloud/b/6oEfZBanj1xn532aEH Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

48 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 6oEfZBanj1xn532aEH
payment.sourceweb.cloud/b/
Redirect Chain
  • https://www.pay-2.teissl.info/
  • https://payment.sourceweb.cloud/b/6oEfZBanj1xn532aEH
293 KB
82 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://payment.sourceweb.cloud/b/6oEfZBanj1xn532aEH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66cf72567de91d73dcaddf3dbb164d30ebf802a3c6a551317712658dedca8e2e
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://js.stripe.com https://r.stripe.com https://checkout-cookies.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://merchant-ui-api.stripe.com; default-src 'self'; font-src 'self' https://js.stripe.com; form-action 'none'; frame-src 'self' https://js.stripe.com https://payments.stripe.com https://checkout.link.com; img-src 'self' https://q.stripe.com https://js.stripe.com https://stripe-camo.global.ssl.fastly.net https://d1wqzb5bdbcre6.cloudfront.net https://qr.stripe.com https://b.stripecdn.com https://files.stripe.com; media-src 'none'; object-src 'none'; script-src 'self' https://js.stripe.com 'sha256-MhJXriqz7P/nM/kr2Yx1NMDOvpWN8q2Gj8Kfm89ipjk=' 'sha256-Rs7zoycEGz8Aoh9NxrpDQaZ9oV27ZjlGKVOcL1V1ntA=' 'sha256-Rs5nby0qXCZXF9fQcSPnjYoZZZwSqMHv7dzfKmWl4yQ='; style-src 'self' https://js.stripe.com 'sha256-FLfzCmfmG72/B/W2L2O3OsoVkhq9pQvCH0CM5OItwxU='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
age
81
cache-control
max-age=60, stale-while-revalidate=900
cf-cache-status
DYNAMIC
cf-ray
8918e2e87a5f9be6-FRA
content-encoding
gzip
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://js.stripe.com https://r.stripe.com https://checkout-cookies.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://merchant-ui-api.stripe.com; default-src 'self'; font-src 'self' https://js.stripe.com; form-action 'none'; frame-src 'self' https://js.stripe.com https://payments.stripe.com https://checkout.link.com; img-src 'self' https://q.stripe.com https://js.stripe.com https://stripe-camo.global.ssl.fastly.net https://d1wqzb5bdbcre6.cloudfront.net https://qr.stripe.com https://b.stripecdn.com https://files.stripe.com; media-src 'none'; object-src 'none'; script-src 'self' https://js.stripe.com 'sha256-MhJXriqz7P/nM/kr2Yx1NMDOvpWN8q2Gj8Kfm89ipjk=' 'sha256-Rs7zoycEGz8Aoh9NxrpDQaZ9oV27ZjlGKVOcL1V1ntA=' 'sha256-Rs5nby0qXCZXF9fQcSPnjYoZZZwSqMHv7dzfKmWl4yQ='; style-src 'self' https://js.stripe.com 'sha256-FLfzCmfmG72/B/W2L2O3OsoVkhq9pQvCH0CM5OItwxU='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 10 Jun 2024 11:05:27 GMT
last-modified
Fri, 07 Jun 2024 20:40:45 GMT
server
cloudflare
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 2037bc3d80050c91043b9acac67831a2.cloudfront.net (CloudFront)
x-amz-cf-id
BgUPHOXlAtcCcaFT8bMAMkLNhx0Fv7LdNBGMT20f8V00Iaz2x2a5dw==
x-amz-cf-pop
VIE50-P1
x-cache
RefreshHit from cloudfront
x-content-type-options
nosniff

Redirect headers

content-length
262
content-type
text/html; charset=iso-8859-1
date
Mon, 10 Jun 2024 11:05:27 GMT
location
https://payment.sourceweb.cloud/b/6oEfZBanj1xn532aEH
server
Apache
checkout-app-init-d3538c698901758bb0019b5fad136c44.js
js.stripe.com/v3/fingerprinted/js/ 		2 MB
407 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/checkout-app-init-d3538c698901758bb0019b5fad136c44.js
Requested by
Host: payment.sourceweb.cloud
URL: https://payment.sourceweb.cloud/b/6oEfZBanj1xn532aEH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
30efa52e3f86849a9348f9a7ba91abe34101726b68b844d5019cee6279f631da
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://payment.sourceweb.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 10 Jun 2024 11:05:27 GMT
via
1.1 varnish
age
226664
x-cache
HIT
content-length
415957
x-request-id
b16d4f9a-eb35-4e66-97db-f4f577f88af0
x-served-by
cache-fra-eddf8230142-FRA
last-modified
Fri, 07 Jun 2024 20:04:12 GMT
server
Fastly
etag
"760affaceaed0e8f9a8ba2929998eb74"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
4
checkout-app-init-add972f8cba17323f0a0521629d52fb7.css
js.stripe.com/v3/fingerprinted/css/ 		333 KB
41 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/checkout-app-init-add972f8cba17323f0a0521629d52fb7.css
Requested by
Host: payment.sourceweb.cloud
URL: https://payment.sourceweb.cloud/b/6oEfZBanj1xn532aEH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
17c31590afc82a48c11cb3e13e8797d13e58e2296af6b9913d6827e53eede025
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://payment.sourceweb.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 10 Jun 2024 11:05:27 GMT
via
1.1 varnish
age
236920
x-cache
HIT
content-length
41476
x-request-id
664ebaea-b9bf-49e9-9902-15b4ee5901f4
x-served-by
cache-fra-eddf8230142-FRA
last-modified
Fri, 07 Jun 2024 17:13:12 GMT
server
Fastly
etag
"ee1ee9f2ceaad08726217340144058a4"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
730
vendor-e1352ef3898471daf90ce770ec9e7206.js
js.stripe.com/v3/fingerprinted/js/ 		391 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/vendor-e1352ef3898471daf90ce770ec9e7206.js
Requested by
Host: payment.sourceweb.cloud
URL: https://payment.sourceweb.cloud/b/6oEfZBanj1xn532aEH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
46e93f40da560ea7e8c3bbd32af23481dc1544d0c6ded71bb731e7d6c4b489c4
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://payment.sourceweb.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 10 Jun 2024 11:05:27 GMT
via
1.1 varnish
age
226664
x-cache
HIT
content-length
116132
x-request-id
5ee44d60-c964-49fa-8194-efaa91e19b86
x-served-by
cache-fra-eddf8230142-FRA
last-modified
Fri, 07 Jun 2024 20:04:16 GMT
server
Fastly
etag
"c0d14b495f456636f7128fbd81403467"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
762
stripe-060e5f38557b5796ab403b513a40eb14.js
js.stripe.com/v3/fingerprinted/js/ 		611 KB
168 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/stripe-060e5f38557b5796ab403b513a40eb14.js
Requested by
Host: payment.sourceweb.cloud
URL: https://payment.sourceweb.cloud/b/6oEfZBanj1xn532aEH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
e6065dea915063a7c89f4592e32e0208701b281d55f3077e3bde07bcfd31b02b
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://payment.sourceweb.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 10 Jun 2024 11:05:27 GMT
via
1.1 varnish
age
226858
x-cache
HIT
content-length
171962
x-request-id
569d4bad-fbcf-4d83-8380-ff889419d8f9
x-served-by
cache-fra-eddf8230142-FRA
last-modified
Fri, 07 Jun 2024 20:04:16 GMT
server
Fastly
etag
"f29bbd0469f158a894e4f9c36caadf11"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2
.deploy_status_henson.json
js.stripe.com/v3/ 		474 B
608 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: payment.sourceweb.cloud
URL: https://payment.sourceweb.cloud/b/6oEfZBanj1xn532aEH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
dab52155b2a24b0bfb120c2cd4b4b595d3dd0d8f2c459a284eda541ff2e40bac
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Accept
application/json
Referer
https://payment.sourceweb.cloud/
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 11:05:27 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
48
x-cache
HIT
content-length
293
x-request-id
426ac0a9-638e-41f1-be36-12a3fb64f79a
x-served-by
cache-fra-eddf8230101-FRA
last-modified
Fri, 07 Jun 2024 20:40:46 GMT
server
Fastly
etag
"0eb11d87df0d6696c7822aeca49f6045"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
16
6oEfZBanj1xn532aEH
merchant-ui-api.stripe.com/payment-links/ 		184 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://merchant-ui-api.stripe.com/payment-links/6oEfZBanj1xn532aEH
Requested by
Host: payment.sourceweb.cloud
URL: https://payment.sourceweb.cloud/b/6oEfZBanj1xn532aEH
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.137.150.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
96fcfc76dfff06d71b18feb4aa9a042ee41d215ef8edf7924bc1d2bbdaa9312f
Security Headers
Name Value
Content-Security-Policy report-uri https://q.stripe.com/csp-report?p=payment-links%2F%3Apayment_link_exposed_id; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Accept
application/json
Referer
https://payment.sourceweb.cloud/
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 11:05:27 GMT
content-security-policy
report-uri https://q.stripe.com/csp-report?p=payment-links%2F%3Apayment_link_exposed_id; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy
same-site
request-id
req_ReVcgFhjjzUKzL
content-length
184
reporting-endpoints
coop="https://q.stripe.com/coop-report?s=merchant-ui-api-srv"
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
access-control-max-age
300
access-control-allow-methods
POST, GET
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
report-to
{"group":"coop","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coop-report?s=merchant-ui-api-srv"}],"include_subdomains":true}
cache-control
max-age=0, no-cache, no-store, must-revalidate
vary
Origin
x-robots-tag
none
access-control-allow-headers
x-stripe-csrf-token
cross-origin-opener-policy-report-only
same-origin; report-to="coop"
expires
0
6oEfZBanj1xn532aEH
merchant-ui-api.stripe.com/payment-links/ 		20 KB
21 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://merchant-ui-api.stripe.com/payment-links/6oEfZBanj1xn532aEH
Requested by
Host: payment.sourceweb.cloud
URL: https://payment.sourceweb.cloud/b/6oEfZBanj1xn532aEH
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.137.150.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
931d02167d5586ed82a49608dd6b232c71ef108c1cb9ea9bca98ab4bcf62d9ca
Security Headers
Name Value
Content-Security-Policy report-uri https://q.stripe.com/csp-report?p=payment-links%2F%3Apayment_link_exposed_id; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Accept
application/json
Referer
https://payment.sourceweb.cloud/
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 11:05:28 GMT
content-security-policy
report-uri https://q.stripe.com/csp-report?p=payment-links%2F%3Apayment_link_exposed_id; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy
same-site
request-id
req_9B71PUHbKGNu8f
content-length
20800
reporting-endpoints
coop="https://q.stripe.com/coop-report?s=merchant-ui-api-srv"
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
access-control-max-age
300
access-control-allow-methods
POST, GET
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
report-to
{"group":"coop","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coop-report?s=merchant-ui-api-srv"}],"include_subdomains":true}
cache-control
max-age=0, no-cache, no-store, must-revalidate
vary
Origin
x-robots-tag
none
access-control-allow-headers
x-stripe-csrf-token
cross-origin-opener-policy-report-only
same-origin; report-to="coop"
expires
0
387-4c3d897fc52d80cb4b5fdc1fdf58d646.js
js.stripe.com/v3/fingerprinted/js/ 		149 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/387-4c3d897fc52d80cb4b5fdc1fdf58d646.js
Requested by
Host: payment.sourceweb.cloud
URL: https://payment.sourceweb.cloud/b/6oEfZBanj1xn532aEH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
b52c33d9d5730f7814f910f993e778793d3edbf88d628c013825b6a5bc93efaa
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://payment.sourceweb.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 10 Jun 2024 11:05:27 GMT
via
1.1 varnish
age
2375102
x-cache
HIT
content-length
39805
x-request-id
870065cc-0242-4638-9b87-b2fe96d1c7fc
x-served-by
cache-fra-eddf8230142-FRA
last-modified
Tue, 20 Feb 2024 21:32:35 GMT
server
Fastly
etag
"460c96df2655f2c674dd81329ab7d3fc"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
10353
phone-numbers-lib-f4657cc5a15a0de2478903bd074d5cfe.js
js.stripe.com/v3/fingerprinted/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/phone-numbers-lib-f4657cc5a15a0de2478903bd074d5cfe.js
Requested by
Host: payment.sourceweb.cloud
URL: https://payment.sourceweb.cloud/b/6oEfZBanj1xn532aEH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
8c40c9aa27800c8e402f2595449992967f4986718038436bd0319c7bee309d4c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://payment.sourceweb.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 10 Jun 2024 11:05:27 GMT
via
1.1 varnish
age
2375102
x-cache
HIT
content-length
1110
x-request-id
803acc9b-3230-43a0-b226-efdf353b7469
x-served-by
cache-fra-eddf8230142-FRA
last-modified
Tue, 20 Feb 2024 21:32:39 GMT
server
Fastly
etag
"237af17788f389fdec58e37ce4c55558"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
10145
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame F6B7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/stripe-060e5f38557b5796ab403b513a40eb14.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://payment.sourceweb.cloud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1580336
cache-control
max-age=31536000
content-encoding
br
content-length
154
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 10 Jun 2024 11:05:27 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 11 Nov 2022 20:25:37 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
522148
x-content-type-options
nosniff
x-request-id
5bd9ba63-d2f5-49d0-869e-317575ffe768
x-served-by
cache-fra-eddf8230151-FRA
favicon.ico
js.stripe.com/v3/ 		15 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
56e9db1f01ad56002df3b97b46923db0c98fc10a3aa949d8500cb6b12e92246c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://payment.sourceweb.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 10 Jun 2024 11:05:27 GMT
via
1.1 varnish
age
6
x-cache
HIT
content-length
1446
x-request-id
996b7483-043c-41bf-abfd-57cb376aff19
x-served-by
cache-fra-eddf8230142-FRA
last-modified
Thu, 30 May 2024 03:25:53 GMT
server
Fastly
etag
"788402a97fdf8b2c198e9dd94d3530b2"
vary
Accept-Encoding
content-type
image/vnd.microsoft.icon
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame C8A6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/stripe-060e5f38557b5796ab403b513a40eb14.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://payment.sourceweb.cloud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1580336
cache-control
max-age=31536000
content-encoding
br
content-length
154
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 10 Jun 2024 11:05:27 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 11 Nov 2022 20:25:37 GMT
server
Fastly
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
522148
x-content-type-options
nosniff
x-request-id
5bd9ba63-d2f5-49d0-869e-317575ffe768
x-served-by
cache-fra-eddf8230151-FRA
controller-5d9721000406499f4c8e8ed2ec3291a7.html
js.stripe.com/v3/ Frame 9FB9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-5d9721000406499f4c8e8ed2ec3291a7.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/stripe-060e5f38557b5796ab403b513a40eb14.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://payment.sourceweb.cloud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
25
cache-control
max-age=60, stale-while-revalidate=900
content-encoding
br
content-length
189
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 10 Jun 2024 11:05:27 GMT
etag
"5d9721000406499f4c8e8ed2ec3291a7"
last-modified
Fri, 07 Jun 2024 20:04:03 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
1
x-content-type-options
nosniff
x-request-id
a3e187cf-6275-4fcc-9a25-8735cfefe3e5
x-served-by
cache-fra-eddf8230151-FRA
.deploy_status_henson.json
js.stripe.com/v3/ 		474 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: payment.sourceweb.cloud
URL: https://payment.sourceweb.cloud/b/6oEfZBanj1xn532aEH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
dab52155b2a24b0bfb120c2cd4b4b595d3dd0d8f2c459a284eda541ff2e40bac

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Accept
application/json
Referer
https://payment.sourceweb.cloud/
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 11:05:27 GMT
content-encoding
br
via
1.1 varnish
age
48
x-cache
HIT
content-length
293
x-request-id
426ac0a9-638e-41f1-be36-12a3fb64f79a
x-served-by
cache-fra-eddf8230101-FRA
last-modified
Fri, 07 Jun 2024 20:40:46 GMT
server
Fastly
etag
"0eb11d87df0d6696c7822aeca49f6045"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
16
logger-transport-iframe-3433709ad5caee3bb4a5805c6d0063f4.html
js.stripe.com/v3/ Frame BAE6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/logger-transport-iframe-3433709ad5caee3bb4a5805c6d0063f4.html
Requested by
Host: payment.sourceweb.cloud
URL: https://payment.sourceweb.cloud/b/6oEfZBanj1xn532aEH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://r.stripe.com https://js.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'none'; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'none'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
226662
cache-control
max-age=31536000
content-encoding
br
content-length
161
content-security-policy
base-uri 'none'; connect-src https://r.stripe.com https://js.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'none'; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'none'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src https://r.stripe.com https://js.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'none'; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'none'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 10 Jun 2024 11:05:27 GMT
etag
"3433709ad5caee3bb4a5805c6d0063f4"
last-modified
Fri, 07 Jun 2024 20:04:16 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
599
x-content-type-options
nosniff
x-request-id
9ac23f53-b0b8-425a-9191-c6ffcb525efb
x-served-by
cache-fra-eddf8230151-FRA
link-login-inner-2572753e4f0832e3dd8d331769cdba99.html
js.stripe.com/v3/ Frame 3B31 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/link-login-inner-2572753e4f0832e3dd8d331769cdba99.html
Requested by
Host: payment.sourceweb.cloud
URL: https://payment.sourceweb.cloud/b/6oEfZBanj1xn532aEH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self' 'sha256-5rIGqz5cp6jvKjP4z5Wn71wjiEfdmFajdtnFvWJPUVo='; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
55
cache-control
max-age=60, stale-while-revalidate=900
content-encoding
br
content-length
16832
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self' 'sha256-5rIGqz5cp6jvKjP4z5Wn71wjiEfdmFajdtnFvWJPUVo='; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 10 Jun 2024 11:05:27 GMT
etag
"2572753e4f0832e3dd8d331769cdba99"
last-modified
Fri, 07 Jun 2024 20:04:16 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
1
x-content-type-options
nosniff
x-request-id
0cb5125d-153c-4e4b-8218-f60f32715ec6
x-served-by
cache-fra-eddf8230151-FRA
checkout-inner-origin-frame-fd02f84280c79b1d3765f438e8333517.html
js.stripe.com/v3/ Frame 9223 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/checkout-inner-origin-frame-fd02f84280c79b1d3765f438e8333517.html
Requested by
Host: payment.sourceweb.cloud
URL: https://payment.sourceweb.cloud/b/6oEfZBanj1xn532aEH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://api.stripe.com https://r.stripe.com https://js.stripe.com; default-src 'none'; font-src 'none'; form-action 'none'; img-src 'none'; object-src 'none'; script-src 'self' 'sha256-el2lqzx10aKkXCSHBZfL2Stv/8Vg+YUV+avAsbZbPZw='; style-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://payment.sourceweb.cloud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
226664
cache-control
max-age=31536000
content-encoding
br
content-length
15205
content-security-policy
base-uri 'none'; connect-src https://api.stripe.com https://r.stripe.com https://js.stripe.com; default-src 'none'; font-src 'none'; form-action 'none'; img-src 'none'; object-src 'none'; script-src 'self' 'sha256-el2lqzx10aKkXCSHBZfL2Stv/8Vg+YUV+avAsbZbPZw='; style-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 10 Jun 2024 11:05:27 GMT
etag
"fd02f84280c79b1d3765f438e8333517"
last-modified
Fri, 07 Jun 2024 20:04:03 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
680
x-content-type-options
nosniff
x-request-id
1abbd299-f13a-42a9-90db-9989b9569041
x-served-by
cache-fra-eddf8230151-FRA
8433-b17676d79d5ed5e8ce63a9a21a31a4e2.js
js.stripe.com/v3/fingerprinted/js/ 		66 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/8433-b17676d79d5ed5e8ce63a9a21a31a4e2.js
Requested by
Host: payment.sourceweb.cloud
URL: https://payment.sourceweb.cloud/b/6oEfZBanj1xn532aEH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
3ad85dc97c49a1271a20d073e60a6ba0af2b85c9f365885d5345d10c1840ac6c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://payment.sourceweb.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 10 Jun 2024 11:05:28 GMT
via
1.1 varnish
age
3571299
x-cache
HIT
content-length
21013
x-request-id
b42cc76e-bb5f-4223-9dd4-df50c5005b95
x-served-by
cache-fra-eddf8230142-FRA
last-modified
Wed, 10 Apr 2024 20:02:03 GMT
server
Fastly
etag
"25fc8ff9197cf6ff759333f0dc82c371"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
10201
sentry-react-d87e13cdf6e71390a047ff4099148cdb.js
js.stripe.com/v3/fingerprinted/js/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/sentry-react-d87e13cdf6e71390a047ff4099148cdb.js
Requested by
Host: payment.sourceweb.cloud
URL: https://payment.sourceweb.cloud/b/6oEfZBanj1xn532aEH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
40344e8b126a75408f187a246c6da3491faad56a2a4de46542c689ded5fcf73a
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://payment.sourceweb.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 10 Jun 2024 11:05:28 GMT
via
1.1 varnish
age
2974012
x-cache
HIT
content-length
10416
x-request-id
04e0f8ef-5c07-47f4-a082-68d1401bd5f2
x-served-by
cache-fra-eddf8230142-FRA
last-modified
Wed, 10 Apr 2024 20:02:07 GMT
server
Fastly
etag
"0a14fe5e358e4b1e008940a0366a0598"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
10166
.deploy_status_henson.json
js.stripe.com/v3/ 		474 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: payment.sourceweb.cloud
URL: https://payment.sourceweb.cloud/b/6oEfZBanj1xn532aEH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
dab52155b2a24b0bfb120c2cd4b4b595d3dd0d8f2c459a284eda541ff2e40bac

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Accept
application/json
Referer
https://payment.sourceweb.cloud/
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 11:05:27 GMT
content-encoding
br
via
1.1 varnish
age
48
x-cache
HIT
content-length
293
x-request-id
426ac0a9-638e-41f1-be36-12a3fb64f79a
x-served-by
cache-fra-eddf8230101-FRA
last-modified
Fri, 07 Jun 2024 20:40:46 GMT
server
Fastly
etag
"0eb11d87df0d6696c7822aeca49f6045"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
16
checkout-inner-address-autocomplete-17a1b47732015b85e2a5d180250f3c57.html
js.stripe.com/v3/ Frame 758A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/checkout-inner-address-autocomplete-17a1b47732015b85e2a5d180250f3c57.html
Requested by
Host: payment.sourceweb.cloud
URL: https://payment.sourceweb.cloud/b/6oEfZBanj1xn532aEH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://r.stripe.com; default-src 'none'; form-action 'none'; frame-src https://b.stripecdn.com; script-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
225519
cache-control
max-age=31536000
content-encoding
br
content-length
170
content-security-policy
base-uri 'none'; connect-src https://r.stripe.com; default-src 'none'; form-action 'none'; frame-src https://b.stripecdn.com; script-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 10 Jun 2024 11:05:28 GMT
etag
"17a1b47732015b85e2a5d180250f3c57"
last-modified
Fri, 07 Jun 2024 20:04:03 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
119
x-content-type-options
nosniff
x-request-id
54a665a2-475c-4df5-a373-3b271f529ea9
x-served-by
cache-fra-eddf8230151-FRA
icon-97772e52ade1551231feadc85693a548.css
js.stripe.com/v3/fingerprinted/css/ 		13 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/icon-97772e52ade1551231feadc85693a548.css
Requested by
Host: payment.sourceweb.cloud
URL: https://payment.sourceweb.cloud/b/6oEfZBanj1xn532aEH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
7fac5aedb949ad5f2fe93191bd479e8e99c9cdf0b40d7d68da9e18057270de3a
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://payment.sourceweb.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 10 Jun 2024 11:05:28 GMT
via
1.1 varnish
age
2740763
x-cache
HIT
content-length
1431
x-request-id
54fb5259-0d91-4c6f-b4bc-dd5240587361
x-served-by
cache-fra-eddf8230142-FRA
last-modified
Thu, 09 May 2024 17:08:02 GMT
server
Fastly
etag
"935521bed116cbbfab9eb7408f11063b"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
6087
icon-a3a700493340b1e8389369f900351be0.js
js.stripe.com/v3/fingerprinted/js/ 		129 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/icon-a3a700493340b1e8389369f900351be0.js
Requested by
Host: payment.sourceweb.cloud
URL: https://payment.sourceweb.cloud/b/6oEfZBanj1xn532aEH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
d7ef1c065a6ad3e8e6c01bb749bca17873656902e77d8066481d68d0fcff3126
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://payment.sourceweb.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 10 Jun 2024 11:05:28 GMT
via
1.1 varnish
age
496731
x-cache
HIT
content-length
40631
x-request-id
1741c6fb-1422-4a1a-855a-d525475aae11
x-served-by
cache-fra-eddf8230142-FRA
last-modified
Tue, 04 Jun 2024 17:05:36 GMT
server
Fastly
etag
"559e8c0a8861c366ef4d10cead141a4a"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1772
payment-request-inner-google-pay-623e9757dc528811a6f701a8d765fc1d.html
js.stripe.com/v3/ Frame D347 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/payment-request-inner-google-pay-623e9757dc528811a6f701a8d765fc1d.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/stripe-060e5f38557b5796ab403b513a40eb14.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://payment.sourceweb.cloud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
226753
cache-control
max-age=31536000
content-encoding
br
content-length
185
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 10 Jun 2024 11:05:28 GMT
etag
"623e9757dc528811a6f701a8d765fc1d"
last-modified
Fri, 07 Jun 2024 20:04:16 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
1816
x-content-type-options
nosniff
x-request-id
8fae11c1-7e1f-4d42-b3a7-6af70557056b
x-served-by
cache-fra-eddf8230151-FRA
68747470733a2f2f66696c65732e7374726970652e636f6d2f6c696e6b732f4d44423859574e6a6446387852306f7a5a544a4a6333683652574a755756457866475a7358327870646d56665a464d7a61326450637a425251586c524e6e6c56636e427...
d1wqzb5bdbcre6.cloudfront.net/09a5c7ce7507c3dbd7bfbf06fba7f96894b23e758f45aad8225251e1a3f97913/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1wqzb5bdbcre6.cloudfront.net/09a5c7ce7507c3dbd7bfbf06fba7f96894b23e758f45aad8225251e1a3f97913/68747470733a2f2f66696c65732e7374726970652e636f6d2f6c696e6b732f4d44423859574e6a6446387852306f7a5a544a4a6333683652574a755756457866475a7358327870646d56665a464d7a61326450637a425251586c524e6e6c56636e42744d31704b56446c4e30306638706371756b54
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2368:2e00:9:7851:2b80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
5f472359f3a4ebc2e5f1dd6f0f5577f45b167dd5e8d649b495aee28ab0ad97fe
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src data:; style-src 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://payment.sourceweb.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'none'; img-src data:; style-src 'unsafe-inline'
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1717948820795244
via
1.1 1006b6fade1118dfc3284a26ac82fccc.cloudfront.net (CloudFront)
date
Mon, 10 Jun 2024 11:05:29 GMT
x-amz-cf-pop
HEL51-P1
content-security-policy-report-only
report-uri /csp-report; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; style-src 'unsafe-hashes' 'sha256-4Su6mBWzEIFnH4pAGMOuaeBrstwJN4Z3pq/s1Kn4/KQ=' 'sha256-Uok2etT07nimvrD0JBY/ZlYS3xAfAdOKAkUmemu2L5w=' 'sha256-/GsttfBxdlxoPqvqzTUg3Z8XmEm6Xr9QwYLeYSTCg5o=' 'sha256-M6Ysz0+Rk4NS0oJRgQlAcfTBnQYhP6Zx0KLoS2OqDb8=' 'sha256-kZIsqHPSISIo2t1pH7cXKP7WqETBpurMjGw/57SZwqg=' 'sha256-zMSqd3IdI0P85bMS1pHPulcrWrNFUbioxKEvO08Bg9I=' 'sha256-TRqlpmAiAzdBCZE1o+lQqVRTlYA6Pibo8B5RmAcBtX4=' 'sha256-oYDOcJ/3x3f2qweXt6aM6Dr/4bCdzSp+YjmworuYpAU='
x-cache
RefreshHit from cloudfront
x-envoy-upstream-service-time
267
content-length
10097
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Sat, 04 Feb 2023 15:10:48 GMT
server
Cloudfront
cross-origin-opener-policy
same-origin
etag
"69e08acabfb074524c9ff5d2fb1cb95d"
vary
Accept-Encoding
content-type
image/jpeg
x-stripe-server-envoy-upstream-service-time-ms
265
x-stripe-client-envoy-start-time-us
1717948820794300
cache-control
max-age=3600
x-envoy-attempt-count
1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
mi7biGRB60_r9Zm-igif088zCeEn7NIfBqEH4qSFxgTJyJv3oBBiXA==
expires
0
icon-pm-paypal-0383a0ae3febbf0c0d8e721737884ab0.svg
js.stripe.com/v3/fingerprinted/img/payment-methods/ 		1 KB
753 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js.stripe.com/v3/fingerprinted/img/payment-methods/icon-pm-paypal-0383a0ae3febbf0c0d8e721737884ab0.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
8032162b5295b56830a762c2e33170768880ff486d1029a6db021202fd6e50f2
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://payment.sourceweb.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 10 Jun 2024 11:05:28 GMT
via
1.1 varnish
age
4187205
x-cache
HIT
content-length
586
x-request-id
2005bb05-ed9f-489e-97a6-19b698a03a69
x-served-by
cache-fra-eddf8230142-FRA
last-modified
Thu, 28 Mar 2024 20:07:06 GMT
server
Fastly
etag
"ec192a239dc6d381ef409383c6232669"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2332
icon-pm-giropay-ac2e93b3fbd95f735b676064e6f47996.svg
js.stripe.com/v3/fingerprinted/img/payment-methods/ 		2 KB
925 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js.stripe.com/v3/fingerprinted/img/payment-methods/icon-pm-giropay-ac2e93b3fbd95f735b676064e6f47996.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
11e2643c5a770c1b175a16505f522089b494a4938005618c4943c4713b2ab576
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://payment.sourceweb.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 10 Jun 2024 11:05:28 GMT
via
1.1 varnish
age
3546632
x-cache
HIT
content-length
778
x-request-id
79fe8afa-8679-489b-b106-f4a350742bd2
x-served-by
cache-fra-eddf8230142-FRA
last-modified
Mon, 25 Sep 2023 20:02:43 GMT
server
Fastly
etag
"636907db61082f442c0702453ed6374a"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2930
icon-pm-mobilepay-74c4b329147fd3eba9af5c7466b70a68.svg
js.stripe.com/v3/fingerprinted/img/payment-methods/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js.stripe.com/v3/fingerprinted/img/payment-methods/icon-pm-mobilepay-74c4b329147fd3eba9af5c7466b70a68.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
92eb757f37564445f160854be4405096645e482264aa3fe5731c6257cc6dd33c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://payment.sourceweb.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 10 Jun 2024 11:05:28 GMT
via
1.1 varnish
age
549453
x-cache
HIT
content-length
824
x-request-id
3ffa53ad-761e-4e52-9a6f-f2f3b4a9c1e5
x-served-by
cache-fra-eddf8230142-FRA
last-modified
Fri, 22 Mar 2024 20:03:09 GMT
server
Fastly
etag
"61cf63b382bcc2868d9468ffc9bad4e1"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
0
icon-pm-eps-a79e75517cae239fc4ddfa2fbdb73b46.svg
js.stripe.com/v3/fingerprinted/img/payment-methods/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js.stripe.com/v3/fingerprinted/img/payment-methods/icon-pm-eps-a79e75517cae239fc4ddfa2fbdb73b46.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
0521fb2f48cc1985084e75f458a4d041d91972ea54f708b2976a3fdff8f54fc2
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://payment.sourceweb.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 10 Jun 2024 11:05:28 GMT
via
1.1 varnish
age
433514
x-cache
HIT
content-length
974
x-request-id
2ea3f968-dce9-4637-937e-0de979a93121
x-served-by
cache-fra-eddf8230142-FRA
last-modified
Mon, 02 Oct 2023 21:38:30 GMT
server
Fastly
etag
"ac2b7454dc5f52739f53afb209448dc4"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
76
icon-pm-bancontact-c6d62da104212dacefee6ea12a070237.svg
js.stripe.com/v3/fingerprinted/img/payment-methods/ 		965 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js.stripe.com/v3/fingerprinted/img/payment-methods/icon-pm-bancontact-c6d62da104212dacefee6ea12a070237.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
ee3095228fd2ee756e1d360104d2f012c9d935585076bc168ac1ed736c8bc7dc
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://payment.sourceweb.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 10 Jun 2024 11:05:28 GMT
via
1.1 varnish
age
2272433
x-cache
HIT
content-length
547
x-request-id
4bfb436e-5bed-4f96-a543-42508d93f2d5
x-served-by
cache-fra-eddf8230142-FRA
last-modified
Tue, 19 Sep 2023 20:03:57 GMT
server
Fastly
etag
"e14d2f978b97166df1f37523cc59fa83"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
7
icon-pm-p24-680f81150a94ae5da954d8bde657486e.svg
js.stripe.com/v3/fingerprinted/img/payment-methods/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js.stripe.com/v3/fingerprinted/img/payment-methods/icon-pm-p24-680f81150a94ae5da954d8bde657486e.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
abdb79536d2ec6ac277df39edbbd14e1d4cf84d3a5609ef96b9a4c0ffd96e1bd
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://payment.sourceweb.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 10 Jun 2024 11:05:28 GMT
via
1.1 varnish
age
2193040
x-cache
HIT
content-length
930
x-request-id
8c073f48-20c9-4e3e-99d1-56045df0adb5
x-served-by
cache-fra-eddf8230142-FRA
last-modified
Wed, 20 Sep 2023 21:36:10 GMT
server
Fastly
etag
"973631e83be2fa7f065deb429e58d8e6"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
46
icon-pm-ideal-608d5ba5730f82c25f122960ccaa9836.svg
js.stripe.com/v3/fingerprinted/img/payment-methods/ 		831 B
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js.stripe.com/v3/fingerprinted/img/payment-methods/icon-pm-ideal-608d5ba5730f82c25f122960ccaa9836.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
b81920b3178972c454bb4918666b7a03b5cc9ab3267c91309ffefcb52e36c141
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://payment.sourceweb.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 10 Jun 2024 11:05:28 GMT
via
1.1 varnish
age
1156427
x-cache
HIT
content-length
422
x-request-id
afbe9f02-ed6c-4451-bda5-9a05614bcb19
x-served-by
cache-fra-eddf8230142-FRA
last-modified
Tue, 26 Sep 2023 23:09:09 GMT
server
Fastly
etag
"68e486921cf39e7a9a88d8e5bde40769"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
31
hcaptcha-invisible-e45109dd8212f04f633ff5cbb44528e9.html
js.stripe.com/v3/ Frame 25FF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/hcaptcha-invisible-e45109dd8212f04f633ff5cbb44528e9.html
Requested by
Host: payment.sourceweb.cloud
URL: https://payment.sourceweb.cloud/b/6oEfZBanj1xn532aEH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; object-src 'none'; script-src 'self' 'sha256-8jSKIoz3vKtFdLYKA/pTHN+2rLns/NQ8sxR+DUZti9U='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
226744
cache-control
max-age=31536000
content-encoding
br
content-length
23126
content-security-policy
base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; object-src 'none'; script-src 'self' 'sha256-8jSKIoz3vKtFdLYKA/pTHN+2rLns/NQ8sxR+DUZti9U='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 10 Jun 2024 11:05:28 GMT
etag
"e45109dd8212f04f633ff5cbb44528e9"
last-modified
Fri, 07 Jun 2024 20:04:16 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
5490
x-content-type-options
nosniff
x-request-id
77e95da1-1bb9-4e18-842b-6588d0a95fec
x-served-by
cache-fra-eddf8230151-FRA
FlagIcon-DE-29207269d78b4b554610d848be493ba1.svg
js.stripe.com/v3/fingerprinted/img/ 		771 B
567 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js.stripe.com/v3/fingerprinted/img/FlagIcon-DE-29207269d78b4b554610d848be493ba1.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
fee5a905f05ffeeeee975ca25c66c92cff08eec72992ef466bde4b5b0466de15
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://payment.sourceweb.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 10 Jun 2024 11:05:28 GMT
via
1.1 varnish
age
2283825
x-cache
HIT
content-length
435
x-request-id
ba4f6b1f-d63c-49d7-bfe6-ba1b5d12b262
x-served-by
cache-fra-eddf8230142-FRA
last-modified
Tue, 19 Sep 2023 20:03:52 GMT
server
Fastly
etag
"29207269d78b4b554610d848be493ba1"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
620
68747470733a2f2f66696c65732e7374726970652e636f6d2f66696c65732f4d44423859574e6a6446387852306f7a5a544a4a6333683652574a755756457866475a6662476c325a56397a64316f334e564a53524455795a6b3952567a526d576e705...
d1wqzb5bdbcre6.cloudfront.net/012dabbaf1ec12243db3e5770b52089bed53027e296741046fd2ae68225def10/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1wqzb5bdbcre6.cloudfront.net/012dabbaf1ec12243db3e5770b52089bed53027e296741046fd2ae68225def10/68747470733a2f2f66696c65732e7374726970652e636f6d2f66696c65732f4d44423859574e6a6446387852306f7a5a544a4a6333683652574a755756457866475a6662476c325a56397a64316f334e564a53524455795a6b3952567a526d576e7052516c4630646a513030564846533875717a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2368:2e00:9:7851:2b80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
a916c155910418d4965aba1da664b253fa36fa05f3d3c1265fdf034cf5000fa3
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src data:; style-src 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://payment.sourceweb.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'none'; img-src data:; style-src 'unsafe-inline'
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1717945561346626
via
1.1 1006b6fade1118dfc3284a26ac82fccc.cloudfront.net (CloudFront)
date
Mon, 10 Jun 2024 11:05:29 GMT
x-amz-cf-pop
HEL51-P1
content-security-policy-report-only
report-uri /csp-report; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; style-src 'unsafe-hashes' 'sha256-4Su6mBWzEIFnH4pAGMOuaeBrstwJN4Z3pq/s1Kn4/KQ=' 'sha256-Uok2etT07nimvrD0JBY/ZlYS3xAfAdOKAkUmemu2L5w=' 'sha256-/GsttfBxdlxoPqvqzTUg3Z8XmEm6Xr9QwYLeYSTCg5o=' 'sha256-M6Ysz0+Rk4NS0oJRgQlAcfTBnQYhP6Zx0KLoS2OqDb8=' 'sha256-kZIsqHPSISIo2t1pH7cXKP7WqETBpurMjGw/57SZwqg=' 'sha256-zMSqd3IdI0P85bMS1pHPulcrWrNFUbioxKEvO08Bg9I=' 'sha256-TRqlpmAiAzdBCZE1o+lQqVRTlYA6Pibo8B5RmAcBtX4=' 'sha256-oYDOcJ/3x3f2qweXt6aM6Dr/4bCdzSp+YjmworuYpAU='
x-cache
RefreshHit from cloudfront
x-envoy-upstream-service-time
289
content-length
36502
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 12 Jun 2022 13:51:18 GMT
server
Cloudfront
cross-origin-opener-policy
same-origin
etag
"ce1c50e9dd4b198dfcd47a988a644e37"
vary
Accept-Encoding
content-type
image/png
x-stripe-server-envoy-upstream-service-time-ms
286
x-stripe-client-envoy-start-time-us
1717945561345809
cache-control
max-age=31536000
x-envoy-attempt-count
1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
1z7meZMSe_vNSCZgorY7_M8za_xlYNOOIwkXP8rcKmSYW4yNh2ko9g==
expires
0
visa-729c05c240c4bdb47b03ac81d9945bfe.svg
js.stripe.com/v3/fingerprinted/img/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js.stripe.com/v3/fingerprinted/img/visa-729c05c240c4bdb47b03ac81d9945bfe.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
d0b63ce61a6e0367ae657102f479f114fa8851a0e95d1894971dd5cddb426725
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://payment.sourceweb.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 10 Jun 2024 11:05:28 GMT
via
1.1 varnish
age
3566044
x-cache
HIT
content-length
1330
x-request-id
ce8ebbcd-b58c-4557-bb1c-6f77305c730a
x-served-by
cache-fra-eddf8230142-FRA
last-modified
Tue, 01 Aug 2023 17:33:40 GMT
server
Fastly
etag
"729c05c240c4bdb47b03ac81d9945bfe"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
20995
mastercard-4d8844094130711885b5e41b28c9848f.svg
js.stripe.com/v3/fingerprinted/img/ 		523 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js.stripe.com/v3/fingerprinted/img/mastercard-4d8844094130711885b5e41b28c9848f.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
747fca640bc3ae35c7422e023f27cf4a0953b7fe694bfb8bb528b50b70bd15ce
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://payment.sourceweb.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 10 Jun 2024 11:05:28 GMT
via
1.1 varnish
age
4592988
x-cache
HIT
content-length
295
x-request-id
31485e11-02c7-46ea-8fef-e1bf8cc0d450
x-served-by
cache-fra-eddf8230142-FRA
last-modified
Tue, 19 Sep 2023 20:03:57 GMT
server
Fastly
etag
"4d8844094130711885b5e41b28c9848f"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
20423
amex-a49b82f46c5cd6a96a6e418a6ca1717c.svg
js.stripe.com/v3/fingerprinted/img/ 		2 KB
884 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js.stripe.com/v3/fingerprinted/img/amex-a49b82f46c5cd6a96a6e418a6ca1717c.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
07483f00631032dfd02e79d3de16d990830ec530b691c236b58a641b4b752458
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://payment.sourceweb.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 10 Jun 2024 11:05:28 GMT
via
1.1 varnish
age
4682321
x-cache
HIT
content-length
751
x-request-id
5d692068-25fe-44b6-a2fc-82789238766e
x-served-by
cache-fra-eddf8230142-FRA
last-modified
Wed, 05 Jul 2023 20:15:44 GMT
server
Fastly
etag
"a49b82f46c5cd6a96a6e418a6ca1717c"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
17677
unionpay-8a10aefc7295216c338ba4e1224627a1.svg
js.stripe.com/v3/fingerprinted/img/ 		13 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js.stripe.com/v3/fingerprinted/img/unionpay-8a10aefc7295216c338ba4e1224627a1.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
3cd41a77ef3c37c2affe67c940b630dd8f96a16b6e56158088f796a0e62476b9
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://payment.sourceweb.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 10 Jun 2024 11:05:28 GMT
via
1.1 varnish
age
2801243
x-cache
HIT
content-length
5769
x-request-id
03d71d3a-3f73-44af-9426-4a9042c18ec7
x-served-by
cache-fra-eddf8230142-FRA
last-modified
Tue, 03 Oct 2023 20:17:59 GMT
server
Fastly
etag
"8a10aefc7295216c338ba4e1224627a1"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
17239
jcb-271fd06e6e7a2c52692ffa91a95fb64f.svg
js.stripe.com/v3/fingerprinted/img/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js.stripe.com/v3/fingerprinted/img/jcb-271fd06e6e7a2c52692ffa91a95fb64f.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
3d1ec759e322c0da35ee5e9b2ee664f4815b157bf59f121559e0f1ac1fa216cf
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://payment.sourceweb.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 10 Jun 2024 11:05:28 GMT
via
1.1 varnish
age
2953259
x-cache
HIT
content-length
923
x-request-id
12c8bddd-e030-4956-a9d8-4e8ab4239881
x-served-by
cache-fra-eddf8230142-FRA
last-modified
Mon, 02 Oct 2023 21:38:29 GMT
server
Fastly
etag
"271fd06e6e7a2c52692ffa91a95fb64f"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
13841
discover-ac52cd46f89fa40a29a0bfb954e33173.svg
js.stripe.com/v3/fingerprinted/img/ 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js.stripe.com/v3/fingerprinted/img/discover-ac52cd46f89fa40a29a0bfb954e33173.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
856072e1bdc38ddb50ad23c7ffaff6ddbb8ed3019620f205b07782ee33fa10ae
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://payment.sourceweb.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 10 Jun 2024 11:05:28 GMT
via
1.1 varnish
age
4760617
x-cache
HIT
content-length
1984
x-request-id
20dbe190-0376-46f6-9ce4-9e8f378363ab
x-served-by
cache-fra-eddf8230142-FRA
last-modified
Thu, 28 Mar 2024 20:07:03 GMT
server
Fastly
etag
"ac52cd46f89fa40a29a0bfb954e33173"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
9573
diners-fbcbd3360f8e3f629cdaa80e93abdb8b.svg
js.stripe.com/v3/fingerprinted/img/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js.stripe.com/v3/fingerprinted/img/diners-fbcbd3360f8e3f629cdaa80e93abdb8b.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
b4c048d9606a05c5cf4acad544e94d1d4f9c76284a7a69eaf2268af2e44bd95d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://payment.sourceweb.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 10 Jun 2024 11:05:28 GMT
via
1.1 varnish
age
2965601
x-cache
HIT
content-length
1042
x-request-id
ae22117c-bdd0-4a7c-8dfd-07c1a32831ec
x-served-by
cache-fra-eddf8230142-FRA
last-modified
Tue, 03 Oct 2023 20:17:56 GMT
server
Fastly
etag
"fbcbd3360f8e3f629cdaa80e93abdb8b"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
9550
68747470733a2f2f66696c65732e7374726970652e636f6d2f66696c65732f4d44423859574e6a6446387852306f7a5a544a4a6333683652574a755756457866475a6662476c325a5639366346453362584a745a554a7a51554a444e6a4e525247704...
d1wqzb5bdbcre6.cloudfront.net/b2c6b4d0d6383e0b17f380527451dc514b4fb90a9566274017be403c1481c611/ 		10 KB
11 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://d1wqzb5bdbcre6.cloudfront.net/b2c6b4d0d6383e0b17f380527451dc514b4fb90a9566274017be403c1481c611/68747470733a2f2f66696c65732e7374726970652e636f6d2f66696c65732f4d44423859574e6a6446387852306f7a5a544a4a6333683652574a755756457866475a6662476c325a5639366346453362584a745a554a7a51554a444e6a4e52524770426246424a4d7a5530304379326141526950
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2368:2e00:9:7851:2b80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
dd7c5ae144a9e24fd3db83aa633c851917c5fdc9c3f9c05e0ada6b1800ff49d6
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src data:; style-src 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://payment.sourceweb.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'none'; img-src data:; style-src 'unsafe-inline'
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1717945560512981
via
1.1 1006b6fade1118dfc3284a26ac82fccc.cloudfront.net (CloudFront)
date
Mon, 10 Jun 2024 11:05:29 GMT
x-amz-cf-pop
HEL51-P1
content-security-policy-report-only
report-uri /csp-report; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; style-src 'unsafe-hashes' 'sha256-4Su6mBWzEIFnH4pAGMOuaeBrstwJN4Z3pq/s1Kn4/KQ=' 'sha256-Uok2etT07nimvrD0JBY/ZlYS3xAfAdOKAkUmemu2L5w=' 'sha256-/GsttfBxdlxoPqvqzTUg3Z8XmEm6Xr9QwYLeYSTCg5o=' 'sha256-M6Ysz0+Rk4NS0oJRgQlAcfTBnQYhP6Zx0KLoS2OqDb8=' 'sha256-kZIsqHPSISIo2t1pH7cXKP7WqETBpurMjGw/57SZwqg=' 'sha256-zMSqd3IdI0P85bMS1pHPulcrWrNFUbioxKEvO08Bg9I=' 'sha256-TRqlpmAiAzdBCZE1o+lQqVRTlYA6Pibo8B5RmAcBtX4=' 'sha256-oYDOcJ/3x3f2qweXt6aM6Dr/4bCdzSp+YjmworuYpAU='
x-cache
RefreshHit from cloudfront
x-envoy-upstream-service-time
236
content-length
10276
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 12 Jun 2022 13:50:54 GMT
server
Cloudfront
cross-origin-opener-policy
same-origin
etag
"efbdfc6e692eb2f9098382e908673d0f"
vary
Accept-Encoding
content-type
image/png
x-stripe-server-envoy-upstream-service-time-ms
233
x-stripe-client-envoy-start-time-us
1717945560512072
cache-control
max-age=31536000
x-envoy-attempt-count
1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
SyPN4wfV9vo_u6hyBI_fVe3amXBcCkxbhu9KiLpyuAO2X7C0BfMmRQ==
expires
0
card-ce24697297bd3c6a00fdd2fb6f760f0d.svg
js.stripe.com/v3/fingerprinted/img/ 		281 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js.stripe.com/v3/fingerprinted/img/card-ce24697297bd3c6a00fdd2fb6f760f0d.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
8751faa01a9ff5956a525ecf8619873fa2f7fcbc53f469629be3815f65792aa2
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://payment.sourceweb.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 10 Jun 2024 11:05:28 GMT
via
1.1 varnish
age
2950035
x-cache
HIT
content-length
206
x-request-id
f3dd41c4-85fa-4707-a9c0-fc77ea1c6883
x-served-by
cache-fra-eddf8230142-FRA
last-modified
Mon, 02 Oct 2023 21:38:28 GMT
server
Fastly
etag
"ce24697297bd3c6a00fdd2fb6f760f0d"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2736
klarna-42dd359daa1a52e63897e30369dde5c8.svg
js.stripe.com/v3/fingerprinted/img/ 		427 B
447 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js.stripe.com/v3/fingerprinted/img/klarna-42dd359daa1a52e63897e30369dde5c8.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
76d19b013eeb489e996f60812857446dad4ab3ad2061e33e897fb38fe5d69432
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://payment.sourceweb.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 10 Jun 2024 11:05:28 GMT
via
1.1 varnish
age
1159546
x-cache
HIT
content-length
281
x-request-id
50597fa1-7631-435d-8b29-46feca8ad9af
x-served-by
cache-fra-eddf8230142-FRA
last-modified
Tue, 26 Sep 2023 23:09:09 GMT
server
Fastly
etag
"42dd359daa1a52e63897e30369dde5c8"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
3
sepa-26e0fb27f65fecb5bc1a65286e56c617.svg
js.stripe.com/v3/fingerprinted/img/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js.stripe.com/v3/fingerprinted/img/sepa-26e0fb27f65fecb5bc1a65286e56c617.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
cfc67d8fb62555bd66b06d8443a834e5b9aa48a852c8640032cb2ee9d5ba982b
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://payment.sourceweb.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 10 Jun 2024 11:05:28 GMT
via
1.1 varnish
age
354206
x-cache
HIT
content-length
1674
x-request-id
7c3e08f2-b27f-42c4-9814-6ffd6f3b2946
x-served-by
cache-fra-eddf8230142-FRA
last-modified
Mon, 01 Apr 2024 20:04:07 GMT
server
Fastly
etag
"26e0fb27f65fecb5bc1a65286e56c617"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
7
sofort-7853de60975f477395efb1c18381a9b9.svg
js.stripe.com/v3/fingerprinted/img/ 		669 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js.stripe.com/v3/fingerprinted/img/sofort-7853de60975f477395efb1c18381a9b9.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
aa21cced2d0aa165e687d217a0ab5a5a6609d57bd32828fa232a188adca3bf69
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://payment.sourceweb.cloud/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 10 Jun 2024 11:05:28 GMT
via
1.1 varnish
age
2360714
x-cache
HIT
content-length
424
x-request-id
04a8b96e-b307-4622-939a-56e6bc6def45
x-served-by
cache-fra-eddf8230142-FRA
last-modified
Mon, 01 Apr 2024 20:04:07 GMT
server
Fastly
etag
"7853de60975f477395efb1c18381a9b9"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| __tti object| webpackChunkStripeJShosted function| __nativePromise object| __core-js_shared__ object| core object| webpackChunkStripeJSouter function| noop function| Stripe object| __SENTRY__

4 Cookies

Domain/Path Name / Value
.payment.sourceweb.cloud/ Name: __stripe_mid
Value: 62d65bcd-6b54-4a46-bbe0-3657c9aa976e35bd96
.payment.sourceweb.cloud/ Name: __stripe_sid
Value: f56400dd-1f47-43de-8366-27ec7375bf8d5054b7
m.stripe.com/ Name: m
Value: 5636e734-7a1f-48ae-92d4-5e953a139c60ed7493
api2.hcaptcha.com/ Name: __cflb
Value: 0H28vk2VKwPbLoawFj9mU2fhedYxxWRCjdkT6jP6Qd3

12 Console Messages

Source Level URL
Text
other warning URL: https://payment.sourceweb.cloud/b/6oEfZBanj1xn532aEH
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://payment.sourceweb.cloud/b/6oEfZBanj1xn532aEH
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://payment.sourceweb.cloud/b/6oEfZBanj1xn532aEH
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://payment.sourceweb.cloud/b/6oEfZBanj1xn532aEH
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://payment.sourceweb.cloud/b/6oEfZBanj1xn532aEH
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://payment.sourceweb.cloud/b/6oEfZBanj1xn532aEH
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://payment.sourceweb.cloud/b/6oEfZBanj1xn532aEH
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://payment.sourceweb.cloud/b/6oEfZBanj1xn532aEH
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://payment.sourceweb.cloud/b/6oEfZBanj1xn532aEH
Message:
Each dictionary in the list "icons" should contain a non-empty UTF8 string field "sizes".
other warning URL: https://payment.sourceweb.cloud/b/6oEfZBanj1xn532aEH
Message:
Each dictionary in the list "icons" should contain a non-empty UTF8 string field "type".
other warning URL: https://payment.sourceweb.cloud/b/6oEfZBanj1xn532aEH
Message:
Each dictionary in the list "icons" should contain a non-empty UTF8 string field "sizes".
other warning URL: https://payment.sourceweb.cloud/b/6oEfZBanj1xn532aEH
Message:
Each dictionary in the list "icons" should contain a non-empty UTF8 string field "type".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://js.stripe.com https://r.stripe.com https://checkout-cookies.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://merchant-ui-api.stripe.com; default-src 'self'; font-src 'self' https://js.stripe.com; form-action 'none'; frame-src 'self' https://js.stripe.com https://payments.stripe.com https://checkout.link.com; img-src 'self' https://q.stripe.com https://js.stripe.com https://stripe-camo.global.ssl.fastly.net https://d1wqzb5bdbcre6.cloudfront.net https://qr.stripe.com https://b.stripecdn.com https://files.stripe.com; media-src 'none'; object-src 'none'; script-src 'self' https://js.stripe.com 'sha256-MhJXriqz7P/nM/kr2Yx1NMDOvpWN8q2Gj8Kfm89ipjk=' 'sha256-Rs7zoycEGz8Aoh9NxrpDQaZ9oV27ZjlGKVOcL1V1ntA=' 'sha256-Rs5nby0qXCZXF9fQcSPnjYoZZZwSqMHv7dzfKmWl4yQ='; style-src 'self' https://js.stripe.com 'sha256-FLfzCmfmG72/B/W2L2O3OsoVkhq9pQvCH0CM5OItwxU='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d1wqzb5bdbcre6.cloudfront.net
js.stripe.com
merchant-ui-api.stripe.com
payment.sourceweb.cloud
www.pay-2.teissl.info
151.101.64.176
198.137.150.201
2600:9000:2368:2e00:9:7851:2b80:21
2606:4700:4400::ac40:9034
85.13.147.92
0521fb2f48cc1985084e75f458a4d041d91972ea54f708b2976a3fdff8f54fc2
07483f00631032dfd02e79d3de16d990830ec530b691c236b58a641b4b752458
11e2643c5a770c1b175a16505f522089b494a4938005618c4943c4713b2ab576
17c31590afc82a48c11cb3e13e8797d13e58e2296af6b9913d6827e53eede025
30efa52e3f86849a9348f9a7ba91abe34101726b68b844d5019cee6279f631da
3ad85dc97c49a1271a20d073e60a6ba0af2b85c9f365885d5345d10c1840ac6c
3cd41a77ef3c37c2affe67c940b630dd8f96a16b6e56158088f796a0e62476b9
3d1ec759e322c0da35ee5e9b2ee664f4815b157bf59f121559e0f1ac1fa216cf
40344e8b126a75408f187a246c6da3491faad56a2a4de46542c689ded5fcf73a
46e93f40da560ea7e8c3bbd32af23481dc1544d0c6ded71bb731e7d6c4b489c4
56e9db1f01ad56002df3b97b46923db0c98fc10a3aa949d8500cb6b12e92246c
5f472359f3a4ebc2e5f1dd6f0f5577f45b167dd5e8d649b495aee28ab0ad97fe
66cf72567de91d73dcaddf3dbb164d30ebf802a3c6a551317712658dedca8e2e
747fca640bc3ae35c7422e023f27cf4a0953b7fe694bfb8bb528b50b70bd15ce
76d19b013eeb489e996f60812857446dad4ab3ad2061e33e897fb38fe5d69432
7fac5aedb949ad5f2fe93191bd479e8e99c9cdf0b40d7d68da9e18057270de3a
8032162b5295b56830a762c2e33170768880ff486d1029a6db021202fd6e50f2
856072e1bdc38ddb50ad23c7ffaff6ddbb8ed3019620f205b07782ee33fa10ae
8751faa01a9ff5956a525ecf8619873fa2f7fcbc53f469629be3815f65792aa2
8c40c9aa27800c8e402f2595449992967f4986718038436bd0319c7bee309d4c
92eb757f37564445f160854be4405096645e482264aa3fe5731c6257cc6dd33c
931d02167d5586ed82a49608dd6b232c71ef108c1cb9ea9bca98ab4bcf62d9ca
96fcfc76dfff06d71b18feb4aa9a042ee41d215ef8edf7924bc1d2bbdaa9312f
a916c155910418d4965aba1da664b253fa36fa05f3d3c1265fdf034cf5000fa3
aa21cced2d0aa165e687d217a0ab5a5a6609d57bd32828fa232a188adca3bf69
abdb79536d2ec6ac277df39edbbd14e1d4cf84d3a5609ef96b9a4c0ffd96e1bd
b4c048d9606a05c5cf4acad544e94d1d4f9c76284a7a69eaf2268af2e44bd95d
b52c33d9d5730f7814f910f993e778793d3edbf88d628c013825b6a5bc93efaa
b81920b3178972c454bb4918666b7a03b5cc9ab3267c91309ffefcb52e36c141
cfc67d8fb62555bd66b06d8443a834e5b9aa48a852c8640032cb2ee9d5ba982b
d0b63ce61a6e0367ae657102f479f114fa8851a0e95d1894971dd5cddb426725
d7ef1c065a6ad3e8e6c01bb749bca17873656902e77d8066481d68d0fcff3126
dab52155b2a24b0bfb120c2cd4b4b595d3dd0d8f2c459a284eda541ff2e40bac
dd7c5ae144a9e24fd3db83aa633c851917c5fdc9c3f9c05e0ada6b1800ff49d6
e6065dea915063a7c89f4592e32e0208701b281d55f3077e3bde07bcfd31b02b
ee3095228fd2ee756e1d360104d2f012c9d935585076bc168ac1ed736c8bc7dc
fee5a905f05ffeeeee975ca25c66c92cff08eec72992ef466bde4b5b0466de15