stripe.simis-app.de Open in urlscan Pro
195.201.31.33  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response stripe.simis-app.de/	2 KB 2 KB	126ms 28ms	Document text/html	195.201.31.33 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://stripe.simis-app.de/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 195.201.31.33 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.33.31.201.195.clients.your-server.de Software nginx/1.21.1 / Resource Hash 20a7927b570160ca54d6b6bc4ba12ad8fad298d0a1a6042c1a81c9ccded5ca50 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes content-length 2283 content-type text/html date Wed, 22 Feb 2023 12:07:23 GMT etag "612ca450-8eb" last-modified Mon, 30 Aug 2021 09:26:40 GMT server nginx/1.21.1
GET H2	200	/ Show response js.stripe.com/v3/	437 KB 105 KB	84ms 25ms	Script text/javascript	99.86.4.99 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/ Requested by Host: stripe.simis-app.de URL: https://stripe.simis-app.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.99 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-99.fra6.r.cloudfront.net Software Cloudfront / Resource Hash 349dc4b19d9a2110d9557aaaa79f19c368a4e284bbd9a1e4827259799a54baf4 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://stripe.simis-app.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Wed, 22 Feb 2023 12:06:40 GMT via 1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 age 44 x-cache Hit from cloudfront last-modified Tue, 21 Feb 2023 20:49:59 GMT server Cloudfront etag W/"6787000ec45baf58f58519abab7cf6d7" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=60 timing-allow-origin * x-amz-cf-id iLMJ2AuucPc_sHi-A9Uc2mdSqCzfqAJ7ziBt7-DZtsBFl0LlsOMHNQ==
GET H2	200	controller-d86c8b187b82cc69607fa0f8371ff3d9.html Show response js.stripe.com/v3/ Frame BB5C	325 B 1 KB	23ms 23ms	Document text/html	99.86.4.99 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/controller-d86c8b187b82cc69607fa0f8371ff3d9.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.99 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-99.fra6.r.cloudfront.net Software Cloudfront / Resource Hash e8160bc897ecbad02d934ff3d1d627148839d45a1072f06b3c5506f20a56e6ec Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://stripe.simis-app.de/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 43 cache-control max-age=60 content-length 325 content-security-policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Wed, 22 Feb 2023 12:06:41 GMT etag "d86c8b187b82cc69607fa0f8371ff3d9" last-modified Tue, 21 Feb 2023 20:15:29 GMT server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront) x-amz-cf-id _ZVmvMZ93JOnMCUuF_c_opzVUWGyVEJrmbpejHod79CHE6ipFluc2w== x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront x-content-type-options nosniff
GET H2	200	m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response js.stripe.com/v3/ Frame 63FD	200 B 1 KB	22ms 22ms	Document text/html	99.86.4.99 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.99 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-99.fra6.r.cloudfront.net Software Cloudfront / Resource Hash f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://stripe.simis-app.de/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 3186 cache-control max-age=31536000 content-length 200 content-security-policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report content-security-policy-report-only base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Wed, 22 Feb 2023 11:14:25 GMT etag "93afeeb17bc37e711759584dbfc50d47" last-modified Tue, 07 Feb 2023 17:44:43 GMT server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront) x-amz-cf-id wDA7hSJCsImtoqD6QUE1nOud8TNVCHZdDTyAJpZP9DNDN45SPze08Q== x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront x-content-type-options nosniff
POST H2	200	csp-report q.stripe.com/ Frame BB5C	0 601 B	603ms 196ms	Other text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: stripe.simis-app.de URL: https://stripe.simis-app.de/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Content-Type application/csp-report Response headers date Wed, 22 Feb 2023 12:07:23 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-envoy-upstream-service-time 1 content-length 0 x-stripe-bg-intended-route-color green pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://js.stripe.com access-control-expose-headers Server, Range, Content-Type cache-control max-age=0, no-cache, no-store, must-revalidate x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
GET H2	200	shared-2058594ee57a53bbdb2d5af57e349246.js Show response js.stripe.com/v3/fingerprinted/js/ Frame BB5C	318 KB 76 KB	25ms 24ms	Script text/javascript	99.86.4.99 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/shared-2058594ee57a53bbdb2d5af57e349246.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/controller-d86c8b187b82cc69607fa0f8371ff3d9.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.99 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-99.fra6.r.cloudfront.net Software Cloudfront / Resource Hash 7d571775f839c82483d27b52e8c58b6a2ec17c06e9846a5bab6e723375a0be9d Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/controller-d86c8b187b82cc69607fa0f8371ff3d9.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Wed, 22 Feb 2023 11:17:27 GMT via 1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 age 2997 x-cache Hit from cloudfront last-modified Tue, 21 Feb 2023 20:15:40 GMT server Cloudfront etag W/"8f298412a4134bd28f2352110993664c" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id NbCgbYxnRotcRqPnx-_Wd0aiEJk_oPJB9bNFUgCfCzjd7bdRHeX7cQ==
GET H2	200	controller-dfed8fea2b8270eb4355f42f99dfa153.js Show response js.stripe.com/v3/fingerprinted/js/ Frame BB5C	469 KB 124 KB	32ms 32ms	Script text/javascript	99.86.4.99 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/controller-dfed8fea2b8270eb4355f42f99dfa153.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/controller-d86c8b187b82cc69607fa0f8371ff3d9.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.99 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-99.fra6.r.cloudfront.net Software Cloudfront / Resource Hash 1ab538896529c778082568d9c0c07fbf9cf827dbe9949cd94ab85c8e0530cb72 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/controller-d86c8b187b82cc69607fa0f8371ff3d9.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Wed, 22 Feb 2023 11:17:36 GMT via 1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 age 2988 x-cache Hit from cloudfront last-modified Tue, 21 Feb 2023 20:15:38 GMT server Cloudfront etag W/"1f08c3424de923fcd322d529468fded3" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id 5ZhcysDpyBhdtTmKnGV1MdkBnqW_95C2jmDewIwwR2DNxDYnFUjuqQ==
POST H2	200	csp-report q.stripe.com/ Frame 63FD	0 600 B	603ms 200ms	Other text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: stripe.simis-app.de URL: https://stripe.simis-app.de/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Content-Type application/csp-report Response headers date Wed, 22 Feb 2023 12:07:23 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-envoy-upstream-service-time 1 content-length 0 x-stripe-bg-intended-route-color green pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://js.stripe.com access-control-expose-headers Server, Range, Content-Type cache-control max-age=0, no-cache, no-store, must-revalidate x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
POST H2	200	csp-report q.stripe.com/ Frame 63FD	0 600 B	787ms 384ms	Other text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: stripe.simis-app.de URL: https://stripe.simis-app.de/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Content-Type application/csp-report Response headers date Wed, 22 Feb 2023 12:07:23 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-envoy-upstream-service-time 1 content-length 0 x-stripe-bg-intended-route-color green pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://js.stripe.com access-control-expose-headers Server, Range, Content-Type cache-control max-age=0, no-cache, no-store, must-revalidate x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
GET H2	200	m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response js.stripe.com/v3/fingerprinted/js/ Frame 63FD	631 B 1 KB	45ms 45ms	Script text/javascript	99.86.4.99 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.99 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-99.fra6.r.cloudfront.net Software Cloudfront / Resource Hash 250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload date Wed, 22 Feb 2023 11:37:09 GMT x-content-type-options nosniff via 1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 age 1819 x-cache Hit from cloudfront content-length 631 last-modified Tue, 14 Feb 2023 21:26:16 GMT server Cloudfront etag "f8f6a4584135f737b26927596ce6e0a7" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes timing-allow-origin * x-amz-cf-id SX_f9u25DNWKyOMTw0Y5-2lcGrjcm482vp-bZKodY1foXGNl5l0-YA==
GET H2	200	inner.html Show response m.stripe.network/ Frame 3507	930 B 1 KB	82ms 22ms	Document text/html	151.101.192.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://m.stripe.network/inner.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.192.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35 Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 217 cache-control max-age=300, public content-encoding gzip content-length 527 content-security-policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Wed, 22 Feb 2023 12:07:23 GMT server Fastly strict-transport-security max-age=31556926; includeSubDomains; preload vary Accept-Encoding, Origin via 1.1 varnish x-cache HIT x-cache-hits 303 x-content-type-options nosniff x-request-id 58b8a99d-05a0-417d-970d-06ab406e13c1 x-served-by cache-hhn-etou8220067-HHN x-timer S1677067643.400005,VS0,VE0
GET H2	200	.deploy_status_henson.json Show response js.stripe.com/v3/ Frame BB5C	474 B 865 B	70ms 24ms	Fetch application/json	99.86.4.99 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/.deploy_status_henson.json Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-2058594ee57a53bbdb2d5af57e349246.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.99 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-99.fra6.r.cloudfront.net Software Cloudfront / Resource Hash 423640a3f960efd6b960e93f3eb1c6d447399fc5272ddc742f4e29fb1d62c54b Request headers Accept application/json Referer https://js.stripe.com/v3/controller-d86c8b187b82cc69607fa0f8371ff3d9.html accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Wed, 22 Feb 2023 12:07:09 GMT via 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront) last-modified Tue, 21 Feb 2023 20:49:59 GMT server Cloudfront x-amz-cf-pop FRA6-C1 age 38 etag "d2de3fd196c2f4f6004a2e5d83db8698" vary Accept-Encoding x-cache Hit from cloudfront content-type application/json access-control-allow-origin * cache-control max-age=60 accept-ranges bytes content-length 474 x-amz-cf-id egV-i8-dtq8dDgTcQJ-OSO4QQ62ZXGBGExPQ07dRP4FWk2_FYXnsRw==
POST H2	200	csp-report q.stripe.com/ Frame 3507	0 374 B	467ms 198ms	Other text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: stripe.simis-app.de URL: https://stripe.simis-app.de/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://m.stripe.network/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Content-Type application/csp-report Response headers x-stripe-bg-intended-route-color green pragma no-cache date Wed, 22 Feb 2023 12:07:23 GMT strict-transport-security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff server nginx cross-origin-opener-policy same-origin cache-control max-age=0, no-cache, no-store, must-revalidate x-envoy-upstream-service-time 1 x-robots-tag none content-length 0 expires 0
GET H2	200	out-4.5.42.js Show response m.stripe.network/ Frame 3507	86 KB 16 KB	22ms 22ms	Script text/javascript	151.101.192.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://m.stripe.network/out-4.5.42.js Requested by Host: m.stripe.network URL: https://m.stripe.network/inner.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.192.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://m.stripe.network/inner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload date Wed, 22 Feb 2023 12:07:23 GMT x-content-type-options nosniff content-encoding gzip via 1.1 varnish age 215 x-cache HIT content-length 16031 x-request-id 80eaf8c1-7beb-45ce-a87f-f7abe547924a x-served-by cache-hhn-etou8220067-HHN server Fastly x-timer S1677067643.427021,VS0,VE0 vary Accept-Encoding, Origin content-type text/javascript; charset=utf-8 cache-control max-age=300, public accept-ranges bytes x-cache-hits 302
POST H2	200	0 Show response r.stripe.com/ Frame BB5C	0 157 B	617ms 199ms	Fetch text/plain	54.187.119.242 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-2058594ee57a53bbdb2d5af57e349246.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-119-242.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers access-control-allow-origin https://js.stripe.com x-stripe-bg-intended-route-color green date Wed, 22 Feb 2023 12:07:23 GMT access-control-allow-credentials true server nginx content-length 0 content-type text/plain
POST H2	200	0 Show response r.stripe.com/ Frame BB5C	0 158 B	615ms 197ms	Fetch text/plain	54.187.119.242 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-2058594ee57a53bbdb2d5af57e349246.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-119-242.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers access-control-allow-origin https://js.stripe.com x-stripe-bg-intended-route-color green date Wed, 22 Feb 2023 12:07:23 GMT access-control-allow-credentials true server nginx content-length 0 content-type text/plain
POST H2	200	0 Show response r.stripe.com/ Frame BB5C	0 157 B	618ms 201ms	Fetch text/plain	54.187.119.242 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-2058594ee57a53bbdb2d5af57e349246.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-119-242.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers access-control-allow-origin https://js.stripe.com x-stripe-bg-intended-route-color green date Wed, 22 Feb 2023 12:07:23 GMT access-control-allow-credentials true server nginx content-length 0 content-type text/plain
POST H2	200	0 Show response r.stripe.com/ Frame BB5C	0 157 B	571ms 202ms	Fetch text/plain	54.187.119.242 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-2058594ee57a53bbdb2d5af57e349246.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-119-242.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers access-control-allow-origin https://js.stripe.com x-stripe-bg-intended-route-color green date Wed, 22 Feb 2023 12:07:23 GMT access-control-allow-credentials true server nginx content-length 0 content-type text/plain
POST H2	200	6 Show response m.stripe.com/ Frame 3507	156 B 551 B	604ms 196ms	XHR application/json	52.36.35.54 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m.stripe.com/6 Requested by Host: m.stripe.network URL: https://m.stripe.network/out-4.5.42.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.36.35.54 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-36-35-54.us-west-2.compute.amazonaws.com Software nginx / Resource Hash 89fb65d3b248ac8252b65535593b81f8073c68fd04d0cfe58c66a033fd7d30d5 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://m.stripe.network/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-stripe-bg-intended-route-color green date Wed, 22 Feb 2023 12:07:23 GMT strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff server nginx content-type application/json;charset=utf-8 access-control-allow-origin https://m.stripe.network access-control-allow-credentials true access-control-allow-headers Content-Type content-length 156

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless object| oncontentvisibilityautostatechange object| webpackChunkStripeJSouter function| noop function| Stripe function| goBack function| findGetParameter

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			m.stripe.com/	1970-01-20 19:27:07	Name: m Value: e1c28cf1-4a20-4328-82e5-0427278c1ac0990203
			.stripe.simis-app.de/	1970-01-20 18:36:43	Name: __stripe_mid Value: bda08011-83d6-4273-b416-b97c5eb118a482c605
			.stripe.simis-app.de/	1970-01-20 09:51:09	Name: __stripe_sid Value: 5c826b23-65b7-4a2f-b70c-c1e896dbb558279dac

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

js.stripe.com
m.stripe.com
m.stripe.network
q.stripe.com
r.stripe.com
stripe.simis-app.de
151.101.192.176
195.201.31.33
52.36.35.54
54.186.23.98
54.187.119.242
99.86.4.99
1ab538896529c778082568d9c0c07fbf9cf827dbe9949cd94ab85c8e0530cb72
20a7927b570160ca54d6b6bc4ba12ad8fad298d0a1a6042c1a81c9ccded5ca50
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
349dc4b19d9a2110d9557aaaa79f19c368a4e284bbd9a1e4827259799a54baf4
423640a3f960efd6b960e93f3eb1c6d447399fc5272ddc742f4e29fb1d62c54b
7d571775f839c82483d27b52e8c58b6a2ec17c06e9846a5bab6e723375a0be9d
89fb65d3b248ac8252b65535593b81f8073c68fd04d0cfe58c66a033fd7d30d5
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8160bc897ecbad02d934ff3d1d627148839d45a1072f06b3c5506f20a56e6ec
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083