checkout.main-gauche.com Open in urlscan Pro
2606:4700:4400::6812:2bcc Public Scan

Go To Rescan
Add Verdict Report

URL:
https://checkout.main-gauche.com/b/00g6rCf0678v2JL1AI
Submission: On May 17 via manual (May 17th 2024, 3:41:26 pm UTC) from FR — Scanned from FR

Summary HTTP 34 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 5 IPs in 1 countries across 3 domains to perform 34 HTTP transactions. The main IP is 2606:4700:4400::6812:2bcc, located in United States and belongs to CLOUDFLARENET, US. The main domain is checkout.main-gauche.com.
TLS certificate: Issued by E1 on May 11th 2024. Valid for: 3 months.

This is the only time checkout.main-gauche.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:440... 2606:4700:4400::6812:2bcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	151.101.0.176 151.101.0.176	54113 (FASTLY) (FASTLY)
2	198.202.176.141 198.202.176.141	16509 (AMAZON-02) (AMAZON-02)
9	18.239.94.63 18.239.94.63	16509 (AMAZON-02) (AMAZON-02)
2	151.101.193.194 151.101.193.194	54113 (FASTLY) (FASTLY)
34	5

1 2606:4700:4400::6812:2bcc (United States)

ASN13335 (CLOUDFLARENET, US)

checkout.main-gauche.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 151.101.0.176 (San Francisco, United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.202.176.141 (United States)

ASN16509 (AMAZON-02, US)

merchant-ui-api.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 18.239.94.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-94-63.ams1.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.194 (San Francisco, United States)

ASN54113 (FASTLY, US)

stripe-camo.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	stripe.com js.stripe.com — Cisco Umbrella Rank: 1088 merchant-ui-api.stripe.com — Cisco Umbrella Rank: 5673	971 KB
2	fastly.net stripe-camo.global.ssl.fastly.net — Cisco Umbrella Rank: 118415	3 KB
1	main-gauche.com checkout.main-gauche.com	80 KB
34	3

	Domain	Requested by
29	js.stripe.com	checkout.main-gauche.com js.stripe.com
2	stripe-camo.global.ssl.fastly.net
2	merchant-ui-api.stripe.com	checkout.main-gauche.com
1	checkout.main-gauche.com
34	4

This site contains links to these domains. Also see Links.

Domain
stripe.com

Subject Issuer	Validity	Valid
checkout.main-gauche.com E1	`2024-05-11` - `2024-08-09`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-03-27` - `2024-06-27`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2024-05-07` - `2024-08-08`	3 months	crt.sh
*.freetls.fastly.net GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-11-09` - `2024-12-10`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://checkout.main-gauche.com/b/00g6rCf0678v2JL1AI
Frame ID: F014535D68402C5EE8B07CA233448990
Requests: 25 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: BC942EA17420CCF81389C58F856DD2D0
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 44181076F2BA20BD1991AAD290BCBB71
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-3855fe385f68045b08359186bf916fa7.html
Frame ID: A66A62F7D9B0145E10973CAC5327942F
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/logger-transport-iframe-33a886903c3631931bb68eee4ffd890b.html
Frame ID: CF0F5AF65C4FBA33C74D163229E9AE50
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/link-login-inner-04a52db554712332f8f7919ce908d54e.html
Frame ID: 47414E49A8617805CDBBF25255A55749
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/checkout-inner-origin-frame-193642b58d038c0cbc1e25a61c35311a.html
Frame ID: D88DBB5799DD1B4249A33882BAE26B77
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/hcaptcha-invisible-dd1a3bfc3c7db716175e87ff883269d2.html
Frame ID: 056DBC86F16FE9746785EF5006728FF6
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-9b22a389e448b814c4f630f1106e5215.html
Frame ID: 7058EABB0B36DB70133C2DC4B8912A07
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-payment-request-0708c0440c3c2eb2cf2893d94b98e637.html
Frame ID: 78292481A1232B6F4A025C37EAB961A3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Main Gauche

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Page Statistics

34
Requests

100 %
HTTPS

20 %
IPv6

3
Domains

4
Subdomains

5
IPs

1
Countries

1054 kB
Transfer

4038 kB
Size

4
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://stripe.com/
Title: Powered by Stripe

Search URL Search Domain Scan URL

URL: https://stripe.com/legal/end-users
Title: Terms

Search URL Search Domain Scan URL

URL: https://stripe.com/privacy
Title: Privacy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 00g6rCf0678v2JL1AI Show response
checkout.main-gauche.com/b/ 289 KB
80 KB 184ms
45ms Document
text/html 2606:4700:4400::6812:2bcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://checkout.main-gauche.com/b/00g6rCf0678v2JL1AI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2bcc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74a78b332f2cb369cc2bc15dbc6d52a789350c44ba83c7cd8f27c9c3e8c3518b

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://js.stripe.com https://r.stripe.com https://checkout-cookies.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://merchant-ui-api.stripe.com; default-src 'self'; font-src 'self' https://js.stripe.com; form-action 'none'; frame-src 'self' https://js.stripe.com https://payments.stripe.com https://checkout.link.com; img-src 'self' https://q.stripe.com https://js.stripe.com https://stripe-camo.global.ssl.fastly.net https://d1wqzb5bdbcre6.cloudfront.net https://qr.stripe.com https://b.stripecdn.com https://files.stripe.com; media-src 'none'; object-src 'none'; script-src 'self' https://js.stripe.com 'sha256-MhJXriqz7P/nM/kr2Yx1NMDOvpWN8q2Gj8Kfm89ipjk=' 'sha256-Rs7zoycEGz8Aoh9NxrpDQaZ9oV27ZjlGKVOcL1V1ntA=' 'sha256-d/mp7EKwm3b57c9pEpqBFfrVzOF9JLXuaOt+Av9iI7c='; style-src 'self' https://js.stripe.com 'sha256-FLfzCmfmG72/B/W2L2O3OsoVkhq9pQvCH0CM5OItwxU='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
age: 59
cache-control: max-age=60, stale-while-revalidate=900
cf-cache-status: DYNAMIC
cf-ray: 8854b606bd976986-CDG
content-encoding: gzip
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://js.stripe.com https://r.stripe.com https://checkout-cookies.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://merchant-ui-api.stripe.com; default-src 'self'; font-src 'self' https://js.stripe.com; form-action 'none'; frame-src 'self' https://js.stripe.com https://payments.stripe.com https://checkout.link.com; img-src 'self' https://q.stripe.com https://js.stripe.com https://stripe-camo.global.ssl.fastly.net https://d1wqzb5bdbcre6.cloudfront.net https://qr.stripe.com https://b.stripecdn.com https://files.stripe.com; media-src 'none'; object-src 'none'; script-src 'self' https://js.stripe.com 'sha256-MhJXriqz7P/nM/kr2Yx1NMDOvpWN8q2Gj8Kfm89ipjk=' 'sha256-Rs7zoycEGz8Aoh9NxrpDQaZ9oV27ZjlGKVOcL1V1ntA=' 'sha256-d/mp7EKwm3b57c9pEpqBFfrVzOF9JLXuaOt+Av9iI7c='; style-src 'self' https://js.stripe.com 'sha256-FLfzCmfmG72/B/W2L2O3OsoVkhq9pQvCH0CM5OItwxU='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 17 May 2024 15:41:19 GMT
last-modified: Thu, 16 May 2024 20:39:22 GMT
server: cloudflare
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 3
x-content-type-options: nosniff
x-request-id: 1f660a47-677d-42f5-976f-83a38117514a
x-served-by: cache-par-lfpg1960096-PAR
x-timer: S1715960480.817167,VS0,VE0

GET
H2 200 checkout-app-init-4f3bea3f6942057313f245cebfbd0222.js Show response
js.stripe.com/v3/fingerprinted/js/ 2 MB
463 KB 95ms
39ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/checkout-app-init-4f3bea3f6942057313f245cebfbd0222.js

Requested by

Host: checkout.main-gauche.com
URL: https://checkout.main-gauche.com/b/00g6rCf0678v2JL1AI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

8464c7abe39b60971d44cc0671dff3621aa040d71f1c63ad63c0d8250d3aefd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.main-gauche.com/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 17 May 2024 15:41:19 GMT
via: 1.1 varnish
age: 70560
x-cache: HIT
content-length: 473258
x-request-id: 38ee3e72-80cb-4d4c-a71c-54eaef288861
x-served-by: cache-lcy-eglc8600030-LCY
last-modified: Thu, 16 May 2024 20:02:28 GMT
server: Fastly
etag: "1e893b9942e91b193e49e5edc31aa797"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3

GET
H2 200 checkout-app-init-971024695ef2256a7620d145cb14ec20.css
js.stripe.com/v3/fingerprinted/css/ 335 KB
50 KB 74ms
19ms Stylesheet
text/css 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/checkout-app-init-971024695ef2256a7620d145cb14ec20.css

Requested by

Host: checkout.main-gauche.com
URL: https://checkout.main-gauche.com/b/00g6rCf0678v2JL1AI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

5cbe875286c0c120c5f668ff2ed214d4374245e50ee2a32293b52e8f1fe07e74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.main-gauche.com/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 17 May 2024 15:41:19 GMT
via: 1.1 varnish
age: 167289
x-cache: HIT
content-length: 51308
x-request-id: 5e6a648e-b056-4f8c-91f4-889a538eceb5
x-served-by: cache-lcy-eglc8600030-LCY
last-modified: Wed, 15 May 2024 17:07:09 GMT
server: Fastly
etag: "139cdaec486caa647ecca57ebc9fcc57"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1007

GET
H2 200 vendor-ed806f99e961cd6de14fc83f461f1409.js Show response
js.stripe.com/v3/fingerprinted/js/ 390 KB
125 KB 114ms
58ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/vendor-ed806f99e961cd6de14fc83f461f1409.js

Requested by

Host: checkout.main-gauche.com
URL: https://checkout.main-gauche.com/b/00g6rCf0678v2JL1AI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

0f05cf8ec70f6f8bdc7175cd7ab16d9dd7d9e4e8141f9045b02e0fd0c340115f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.main-gauche.com/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 17 May 2024 15:41:19 GMT
via: 1.1 varnish
age: 2112881
x-cache: HIT
content-length: 128130
x-request-id: 8d9e02dc-d8dd-4366-967a-0ee57197d4f4
x-served-by: cache-lcy-eglc8600030-LCY
last-modified: Thu, 18 Apr 2024 18:16:56 GMT
server: Fastly
etag: "2e188cab90a95211f9375d9c9aa83af3"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2

GET
H2 200 stripe-a3efa628db8502f14318f9834c73307a.js Show response
js.stripe.com/v3/fingerprinted/js/ 603 KB
166 KB 99ms
60ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/stripe-a3efa628db8502f14318f9834c73307a.js

Requested by

Host: checkout.main-gauche.com
URL: https://checkout.main-gauche.com/b/00g6rCf0678v2JL1AI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

752632740de79ea8871a43460bd6473ae1f3cb4fec3bee3f2d0c6b7ed6bd12dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.main-gauche.com/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 17 May 2024 15:41:19 GMT
via: 1.1 varnish
age: 70719
x-cache: HIT
content-length: 170252
x-request-id: 1ea80b65-fba8-4b5b-884c-8c29d8981c58
x-served-by: cache-lcy-eglc8600030-LCY
last-modified: Thu, 16 May 2024 20:02:32 GMT
server: Fastly
etag: "7774010f63d7ce7ce23d2319c921368f"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 7

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ 474 B
613 B 55ms
18ms Fetch
application/json 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: checkout.main-gauche.com
URL: https://checkout.main-gauche.com/b/00g6rCf0678v2JL1AI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

16fce95ebf29c21641288245cf36f947d2fca720591f3652b501eb24ea6d1531

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: application/json
Referer: https://checkout.main-gauche.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 15:41:19 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 51
x-cache: HIT
content-length: 297
x-request-id: 31cd014d-7ec8-4999-b366-3e931c4b40fa
x-served-by: cache-lcy-eglc8600025-LCY
last-modified: Thu, 16 May 2024 20:39:23 GMT
server: Fastly
etag: "e5d9df55dd1372646f36ac62a9da87d8"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 54

GET
H2 200 00g6rCf0678v2JL1AI Show response
merchant-ui-api.stripe.com/payment-links/ 249 B
1 KB 300ms
218ms Fetch
application/json 198.202.176.141
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://merchant-ui-api.stripe.com/payment-links/00g6rCf0678v2JL1AI

Requested by

Host: checkout.main-gauche.com
URL: https://checkout.main-gauche.com/b/00g6rCf0678v2JL1AI

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.202.176.141 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9ec62336e0c44d755a1c56ace90dc848afd764446d293d78a28304fa5c371613

Security Headers

Name	Value
Content-Security-Policy	report-uri https://q.stripe.com/csp-report?p=payment-links%2F%3Apayment_link_exposed_id; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: application/json
Referer: https://checkout.main-gauche.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 15:41:20 GMT
content-security-policy: report-uri https://q.stripe.com/csp-report?p=payment-links%2F%3Apayment_link_exposed_id; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy: same-site
request-id: req_JGY2mGIZWHSv7c
content-length: 249
reporting-endpoints: coop="https://q.stripe.com/coop-report?s=merchant-ui-api-srv"
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
access-control-max-age: 300
access-control-allow-methods: POST, GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
report-to: {"group":"coop","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coop-report?s=merchant-ui-api-srv"}],"include_subdomains":true}
cache-control: max-age=0, no-cache, no-store, must-revalidate
vary: Origin
x-robots-tag: none
access-control-allow-headers: x-stripe-csrf-token
cross-origin-opener-policy-report-only: same-origin; report-to="coop"
expires: 0

POST
H2 200 00g6rCf0678v2JL1AI Show response
merchant-ui-api.stripe.com/payment-links/ 9 KB
10 KB 791ms
712ms Fetch
application/json 198.202.176.141
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://merchant-ui-api.stripe.com/payment-links/00g6rCf0678v2JL1AI

Requested by

Host: checkout.main-gauche.com
URL: https://checkout.main-gauche.com/b/00g6rCf0678v2JL1AI

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.202.176.141 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

498afd2eb03af332f25b680877e86a00699705e3aaaa503b4bdfd6c838d05de8

Security Headers

Name	Value
Content-Security-Policy	report-uri https://q.stripe.com/csp-report?p=payment-links%2F%3Apayment_link_exposed_id; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: application/json
Referer: https://checkout.main-gauche.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 15:41:20 GMT
content-security-policy: report-uri https://q.stripe.com/csp-report?p=payment-links%2F%3Apayment_link_exposed_id; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy: same-site
request-id: req_FHXCyRcZ6qeGZC
content-length: 8997
reporting-endpoints: coop="https://q.stripe.com/coop-report?s=merchant-ui-api-srv"
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
access-control-max-age: 300
access-control-allow-methods: POST, GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
report-to: {"group":"coop","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coop-report?s=merchant-ui-api-srv"}],"include_subdomains":true}
cache-control: max-age=0, no-cache, no-store, must-revalidate
vary: Origin
x-robots-tag: none
access-control-allow-headers: x-stripe-csrf-token
cross-origin-opener-policy-report-only: same-origin; report-to="coop"
expires: 0

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame BC94 0
0 71ms
24ms Document
text/html 18.239.94.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/stripe-a3efa628db8502f14318f9834c73307a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.94.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-94-63.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer: https://checkout.main-gauche.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 862
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 17 May 2024 15:28:33 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Fri, 10 May 2024 20:57:19 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 e07bd6386c24c4e98bde2dc8881304ee.cloudfront.net (CloudFront)
x-amz-cf-id: Rowuz9YdVtdq8sOKlNzwPl6QkE2JMRmP38lDlpWRVlIQB8xzFUCdzw==
x-amz-cf-pop: AMS1-P3
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 4418 0
0 0ms
0ms Document
text/html 18.239.94.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/stripe-a3efa628db8502f14318f9834c73307a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.94.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-94-63.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer: https://checkout.main-gauche.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 862
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 17 May 2024 15:28:33 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Fri, 10 May 2024 20:57:19 GMT
server: Cloudfront
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 e07bd6386c24c4e98bde2dc8881304ee.cloudfront.net (CloudFront)
x-amz-cf-id: Rowuz9YdVtdq8sOKlNzwPl6QkE2JMRmP38lDlpWRVlIQB8xzFUCdzw==
x-amz-cf-pop: AMS1-P3
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 controller-3855fe385f68045b08359186bf916fa7.html
js.stripe.com/v3/ Frame A66A 0
0 24ms
23ms Document
text/html 18.239.94.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-3855fe385f68045b08359186bf916fa7.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/stripe-a3efa628db8502f14318f9834c73307a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.94.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-94-63.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer: https://checkout.main-gauche.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 57
cache-control: max-age=60, stale-while-revalidate=900
content-length: 325
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 17 May 2024 15:40:25 GMT
etag: "3855fe385f68045b08359186bf916fa7"
last-modified: Thu, 16 May 2024 20:02:18 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 e07bd6386c24c4e98bde2dc8881304ee.cloudfront.net (CloudFront)
x-amz-cf-id: MNwFAcQnm4x1iwIwyheS8X96orgPmzsP0WO7JyZvORewXuLoBCJcTQ==
x-amz-cf-pop: AMS1-P3
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ 474 B
0 0ms
0ms Fetch
application/json 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: checkout.main-gauche.com
URL: https://checkout.main-gauche.com/b/00g6rCf0678v2JL1AI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Fastly /
Resource Hash: 16fce95ebf29c21641288245cf36f947d2fca720591f3652b501eb24ea6d1531

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: application/json
Referer: https://checkout.main-gauche.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 15:41:19 GMT
content-encoding: br
via: 1.1 varnish
age: 51
x-cache: HIT
content-length: 297
x-request-id: 31cd014d-7ec8-4999-b366-3e931c4b40fa
x-served-by: cache-lcy-eglc8600025-LCY
last-modified: Thu, 16 May 2024 20:39:23 GMT
server: Fastly
etag: "e5d9df55dd1372646f36ac62a9da87d8"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 54

GET
H2 200 logger-transport-iframe-33a886903c3631931bb68eee4ffd890b.html
js.stripe.com/v3/ Frame CF0F 0
0 24ms
24ms Document
text/html 18.239.94.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/logger-transport-iframe-33a886903c3631931bb68eee4ffd890b.html

Requested by

Host: checkout.main-gauche.com
URL: https://checkout.main-gauche.com/b/00g6rCf0678v2JL1AI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.94.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-94-63.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://r.stripe.com https://js.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'none'; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'none'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 550
cache-control: max-age=31536000
content-length: 216
content-security-policy: base-uri 'none'; connect-src https://r.stripe.com https://js.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'none'; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'none'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src https://r.stripe.com https://js.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'none'; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'none'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 17 May 2024 15:32:11 GMT
etag: "33a886903c3631931bb68eee4ffd890b"
last-modified: Thu, 16 May 2024 20:02:32 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 e07bd6386c24c4e98bde2dc8881304ee.cloudfront.net (CloudFront)
x-amz-cf-id: RsVS_FwtAnbZ_Nu5tpy5WcfF6bd3uSsnWi7wiyKpKTxdN1lmw45qSw==
x-amz-cf-pop: AMS1-P3
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 link-login-inner-04a52db554712332f8f7919ce908d54e.html
js.stripe.com/v3/ Frame 4741 0
0 27ms
26ms Document
text/html 18.239.94.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/link-login-inner-04a52db554712332f8f7919ce908d54e.html

Requested by

Host: checkout.main-gauche.com
URL: https://checkout.main-gauche.com/b/00g6rCf0678v2JL1AI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.94.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-94-63.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self' 'sha256-pc99ANaX4hPyzsQRhYZIdyUxv2O86FkDVsqlZmP+lfI='; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
age: 34
cache-control: max-age=60, stale-while-revalidate=900
content-encoding: gzip
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self' 'sha256-pc99ANaX4hPyzsQRhYZIdyUxv2O86FkDVsqlZmP+lfI='; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 17 May 2024 15:40:47 GMT
etag: W/"04a52db554712332f8f7919ce908d54e"
last-modified: Thu, 16 May 2024 20:02:32 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 e07bd6386c24c4e98bde2dc8881304ee.cloudfront.net (CloudFront)
x-amz-cf-id: GckBsDtILmZrYOEqyXb6DIRurWTG1h0RZwleO3cEDtN9dTmKZxjDeA==
x-amz-cf-pop: AMS1-P3
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 checkout-inner-origin-frame-193642b58d038c0cbc1e25a61c35311a.html
js.stripe.com/v3/ Frame D88D 0
0 44ms
41ms Document
text/html 18.239.94.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/checkout-inner-origin-frame-193642b58d038c0cbc1e25a61c35311a.html

Requested by

Host: checkout.main-gauche.com
URL: https://checkout.main-gauche.com/b/00g6rCf0678v2JL1AI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.94.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-94-63.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://api.stripe.com https://r.stripe.com https://js.stripe.com; default-src 'none'; font-src 'none'; form-action 'none'; img-src 'none'; object-src 'none'; script-src 'self' 'sha256-+cf95rpc8PLyd6667oHQTbTu2vOnRVbeIPo87q9RQmc='; style-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer: https://checkout.main-gauche.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
age: 3052
cache-control: max-age=31536000
content-encoding: br
content-security-policy: base-uri 'none'; connect-src https://api.stripe.com https://r.stripe.com https://js.stripe.com; default-src 'none'; font-src 'none'; form-action 'none'; img-src 'none'; object-src 'none'; script-src 'self' 'sha256-+cf95rpc8PLyd6667oHQTbTu2vOnRVbeIPo87q9RQmc='; style-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 17 May 2024 14:50:42 GMT
etag: W/"193642b58d038c0cbc1e25a61c35311a"
last-modified: Thu, 16 May 2024 20:02:18 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 e07bd6386c24c4e98bde2dc8881304ee.cloudfront.net (CloudFront)
x-amz-cf-id: xQGdIGRDB9ixSH7BN4x1i_VGfSJnlq0GYryuIafiVO6PivHpfdK_nA==
x-amz-cf-pop: AMS1-P3
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 hcaptcha-invisible-dd1a3bfc3c7db716175e87ff883269d2.html
js.stripe.com/v3/ Frame 056D 0
0 30ms
28ms Document
text/html 18.239.94.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/hcaptcha-invisible-dd1a3bfc3c7db716175e87ff883269d2.html

Requested by

Host: checkout.main-gauche.com
URL: https://checkout.main-gauche.com/b/00g6rCf0678v2JL1AI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.94.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-94-63.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; object-src 'none'; script-src 'self' 'sha256-aXuanjIcRyRyFFAIS3lOp+cMUwzONeHBqQKe+jcRC+k='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
age: 2200
cache-control: max-age=31536000
content-encoding: br
content-security-policy: base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; object-src 'none'; script-src 'self' 'sha256-aXuanjIcRyRyFFAIS3lOp+cMUwzONeHBqQKe+jcRC+k='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 17 May 2024 15:04:42 GMT
etag: W/"dd1a3bfc3c7db716175e87ff883269d2"
last-modified: Thu, 16 May 2024 20:02:32 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 e07bd6386c24c4e98bde2dc8881304ee.cloudfront.net (CloudFront)
x-amz-cf-id: s16lCkS5EvM1JDbzATharL_TuJnFfdSaO1WTd6J6sTg7ar9jUgkOQA==
x-amz-cf-pop: AMS1-P3
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 favicon.ico
js.stripe.com/v3/ 15 KB
2 KB 27ms
26ms Other
image/vnd.microsoft.icon 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

56e9db1f01ad56002df3b97b46923db0c98fc10a3aa949d8500cb6b12e92246c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.main-gauche.com/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 17 May 2024 15:41:20 GMT
via: 1.1 varnish
age: 58
x-cache: HIT
content-length: 1684
x-request-id: f26d9055-c7b7-417d-b8cb-929df817184d
x-served-by: cache-lcy-eglc8600030-LCY
last-modified: Tue, 14 May 2024 20:54:17 GMT
server: Fastly
etag: "788402a97fdf8b2c198e9dd94d3530b2"
vary: Accept-Encoding
content-type: image/vnd.microsoft.icon
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

GET
H2 200 387-4c3d897fc52d80cb4b5fdc1fdf58d646.js Show response
js.stripe.com/v3/fingerprinted/js/ 149 KB
39 KB 32ms
32ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/387-4c3d897fc52d80cb4b5fdc1fdf58d646.js

Requested by

Host: checkout.main-gauche.com
URL: https://checkout.main-gauche.com/b/00g6rCf0678v2JL1AI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

b52c33d9d5730f7814f910f993e778793d3edbf88d628c013825b6a5bc93efaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.main-gauche.com/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 17 May 2024 15:41:20 GMT
via: 1.1 varnish
age: 3661737
x-cache: HIT
content-length: 39805
x-request-id: 2d496df0-3a92-4b2c-bb15-4a9b1944270f
x-served-by: cache-lcy-eglc8600030-LCY
last-modified: Tue, 20 Feb 2024 21:32:35 GMT
server: Fastly
etag: "460c96df2655f2c674dd81329ab7d3fc"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1006

GET
H2 200 phone-numbers-lib-f4657cc5a15a0de2478903bd074d5cfe.js Show response
js.stripe.com/v3/fingerprinted/js/ 2 KB
1 KB 32ms
32ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/phone-numbers-lib-f4657cc5a15a0de2478903bd074d5cfe.js

Requested by

Host: checkout.main-gauche.com
URL: https://checkout.main-gauche.com/b/00g6rCf0678v2JL1AI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

8c40c9aa27800c8e402f2595449992967f4986718038436bd0319c7bee309d4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.main-gauche.com/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 17 May 2024 15:41:20 GMT
via: 1.1 varnish
age: 1507875
x-cache: HIT
content-length: 1110
x-request-id: 8e4b7bb2-0c59-482e-a7bb-3b8bc72f521f
x-served-by: cache-lcy-eglc8600030-LCY
last-modified: Tue, 20 Feb 2024 21:32:39 GMT
server: Fastly
etag: "237af17788f389fdec58e37ce4c55558"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 982

GET
H2 200 8433-b17676d79d5ed5e8ce63a9a21a31a4e2.js Show response
js.stripe.com/v3/fingerprinted/js/ 66 KB
21 KB 212ms
212ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/8433-b17676d79d5ed5e8ce63a9a21a31a4e2.js

Requested by

Host: checkout.main-gauche.com
URL: https://checkout.main-gauche.com/b/00g6rCf0678v2JL1AI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

3ad85dc97c49a1271a20d073e60a6ba0af2b85c9f365885d5345d10c1840ac6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.main-gauche.com/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 17 May 2024 15:41:20 GMT
via: 1.1 varnish
age: 2110575
x-cache: HIT
content-length: 21013
x-request-id: 7cd65c9e-10a7-4621-98d0-4c8a8911b644
x-served-by: cache-lcy-eglc8600030-LCY
last-modified: Wed, 10 Apr 2024 20:02:03 GMT
server: Fastly
etag: "25fc8ff9197cf6ff759333f0dc82c371"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 994

GET
H2 200 sentry-react-d87e13cdf6e71390a047ff4099148cdb.js Show response
js.stripe.com/v3/fingerprinted/js/ 30 KB
10 KB 213ms
212ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/sentry-react-d87e13cdf6e71390a047ff4099148cdb.js

Requested by

Host: checkout.main-gauche.com
URL: https://checkout.main-gauche.com/b/00g6rCf0678v2JL1AI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

40344e8b126a75408f187a246c6da3491faad56a2a4de46542c689ded5fcf73a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.main-gauche.com/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 17 May 2024 15:41:20 GMT
via: 1.1 varnish
age: 2125012
x-cache: HIT
content-length: 10416
x-request-id: 765f824d-4c59-4ffc-8ec2-9fc889ecfbfc
x-served-by: cache-lcy-eglc8600030-LCY
last-modified: Wed, 10 Apr 2024 20:02:07 GMT
server: Fastly
etag: "0a14fe5e358e4b1e008940a0366a0598"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 997

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ 474 B
0 0ms
0ms Fetch
application/json 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: checkout.main-gauche.com
URL: https://checkout.main-gauche.com/b/00g6rCf0678v2JL1AI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Fastly /
Resource Hash: 16fce95ebf29c21641288245cf36f947d2fca720591f3652b501eb24ea6d1531

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: application/json
Referer: https://checkout.main-gauche.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 15:41:19 GMT
content-encoding: br
via: 1.1 varnish
age: 51
x-cache: HIT
content-length: 297
x-request-id: 31cd014d-7ec8-4999-b366-3e931c4b40fa
x-served-by: cache-lcy-eglc8600025-LCY
last-modified: Thu, 16 May 2024 20:39:23 GMT
server: Fastly
etag: "e5d9df55dd1372646f36ac62a9da87d8"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 54

GET
H2 200 payment-request-inner-google-pay-9b22a389e448b814c4f630f1106e5215.html
js.stripe.com/v3/ Frame 7058 0
0 26ms
24ms Document
text/html 18.239.94.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-9b22a389e448b814c4f630f1106e5215.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/stripe-a3efa628db8502f14318f9834c73307a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.94.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-94-63.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer: https://checkout.main-gauche.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1171
cache-control: max-age=31536000
content-length: 408
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 17 May 2024 15:21:52 GMT
etag: "9b22a389e448b814c4f630f1106e5215"
last-modified: Thu, 16 May 2024 20:02:32 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 e07bd6386c24c4e98bde2dc8881304ee.cloudfront.net (CloudFront)
x-amz-cf-id: Bedh2jopgD_Bg8itM3wepY-Ba_fjOdaroiNQwJSaKmIUd0WUGtICjA==
x-amz-cf-pop: AMS1-P3
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 icon-95e47f05ca55a8c7dc1a24a5c6c4b5b6.css
js.stripe.com/v3/fingerprinted/css/ 12 KB
1 KB 55ms
50ms Stylesheet
text/css 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/icon-95e47f05ca55a8c7dc1a24a5c6c4b5b6.css

Requested by

Host: checkout.main-gauche.com
URL: https://checkout.main-gauche.com/b/00g6rCf0678v2JL1AI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

b1bb6e61a5cad4a7f1c4288400380769c7ae053493039168a866a94e5ee0c2e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.main-gauche.com/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 17 May 2024 15:41:20 GMT
via: 1.1 varnish
age: 212559
x-cache: HIT
content-length: 1210
x-request-id: 9b42c837-34bf-4dfb-999d-f504c7b52b50
x-served-by: cache-lcy-eglc8600030-LCY
last-modified: Thu, 09 May 2024 17:08:02 GMT
server: Fastly
etag: "381a9eec7c6d40c62c2e42c9fadb0f01"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 910

GET
H2 200 icon-6e82c45218c8ada683b8aecac7de34dc.js Show response
js.stripe.com/v3/fingerprinted/js/ 110 KB
36 KB 56ms
50ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/icon-6e82c45218c8ada683b8aecac7de34dc.js

Requested by

Host: checkout.main-gauche.com
URL: https://checkout.main-gauche.com/b/00g6rCf0678v2JL1AI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ff1af916699eb08c41bc14e02ed5e7b8d6e5931cfb8d71a34bdc5b347cf5c3ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.main-gauche.com/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 17 May 2024 15:41:20 GMT
via: 1.1 varnish
age: 2032838
x-cache: HIT
content-length: 36601
x-request-id: c62c5e7e-f2c1-4a44-b11d-2ee2e678d4f6
x-served-by: cache-lcy-eglc8600030-LCY
last-modified: Tue, 23 Apr 2024 17:20:18 GMT
server: Fastly
etag: "8e247f646632281cb095f7e5f7d994ef"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 904

GET
H/1.1 200
OK 68747470733a2f2f66696c65732e7374726970652e636f6d2f66696c65732f4d44423859574e6a6446387853315a3363473544656c4d7a61555644556c465066475a6662476c325a563958556d6f7756315231636c465957585a4661584273616d4a4...
stripe-camo.global.ssl.fastly.net/9183d6c6a80d5c1800d26c65cc99bd2a1168985007fe767d4c61991aa8086b5a/ 865 B
3 KB 233ms
19ms Image
image/png 151.101.193.194
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stripe-camo.global.ssl.fastly.net/9183d6c6a80d5c1800d26c65cc99bd2a1168985007fe767d4c61991aa8086b5a/68747470733a2f2f66696c65732e7374726970652e636f6d2f66696c65732f4d44423859574e6a6446387853315a3363473544656c4d7a61555644556c465066475a6662476c325a563958556d6f7756315231636c465957585a4661584273616d4a42637a6c36646a4d30307745677254694e46

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.194 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

d01fcecb63d415748a59a7c901f73c3747249a5cf74ca085c1714f063cb177a6

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src data:; style-src 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.main-gauche.com/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: 0
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1715003499889282
Via: 1.1 varnish, 1.1 varnish
Date: Fri, 17 May 2024 15:41:21 GMT
Age: 956982
content-security-policy-report-only: report-uri /csp-report; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; style-src 'unsafe-hashes' 'sha256-4Su6mBWzEIFnH4pAGMOuaeBrstwJN4Z3pq/s1Kn4/KQ=' 'sha256-Uok2etT07nimvrD0JBY/ZlYS3xAfAdOKAkUmemu2L5w=' 'sha256-/GsttfBxdlxoPqvqzTUg3Z8XmEm6Xr9QwYLeYSTCg5o=' 'sha256-M6Ysz0+Rk4NS0oJRgQlAcfTBnQYhP6Zx0KLoS2OqDb8=' 'sha256-kZIsqHPSISIo2t1pH7cXKP7WqETBpurMjGw/57SZwqg=' 'sha256-zMSqd3IdI0P85bMS1pHPulcrWrNFUbioxKEvO08Bg9I=' 'sha256-TRqlpmAiAzdBCZE1o+lQqVRTlYA6Pibo8B5RmAcBtX4=' 'sha256-oYDOcJ/3x3f2qweXt6aM6Dr/4bCdzSp+YjmworuYpAU='
X-Cache: HIT, HIT
x-envoy-upstream-service-time: 247
Connection: keep-alive
Content-Length: 865
x-xss-protection: 1; mode=block
X-Request-ID: f7fd3b03-9e56-412a-befb-f8f0385e1d23
X-Served-By: cache-bfi-krnt7300067-BFI, cache-lcy-eglc8600037-LCY
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 24 Feb 2022 10:51:53 GMT
Server: nginx
cross-origin-opener-policy: same-origin
X-Timer: S1715960481.200278,VS0,VE1
etag: "92948154268f44a5384d178d293da6c6"
Content-Type: image/png
x-stripe-server-envoy-upstream-service-time-ms: 245
x-stripe-client-envoy-start-time-us: 1715003499888488
cache-control: max-age=31536000
x-envoy-attempt-count: 1
Accept-Ranges: bytes
x-robots-tag: none
X-Cache-Hits: 2, 0

GET
H2 200 visa-729c05c240c4bdb47b03ac81d9945bfe.svg
js.stripe.com/v3/fingerprinted/img/ 3 KB
1 KB 25ms
21ms Image
image/svg+xml 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://js.stripe.com/v3/fingerprinted/img/visa-729c05c240c4bdb47b03ac81d9945bfe.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

d0b63ce61a6e0367ae657102f479f114fa8851a0e95d1894971dd5cddb426725

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.main-gauche.com/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 17 May 2024 15:41:21 GMT
via: 1.1 varnish
age: 2730241
x-cache: HIT
content-length: 1330
x-request-id: d1c9be1b-5b4e-4f4e-b7f8-9dc92539ebd3
x-served-by: cache-lcy-eglc8600030-LCY
last-modified: Mon, 17 Jul 2023 22:37:30 GMT
server: Fastly
etag: "729c05c240c4bdb47b03ac81d9945bfe"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4058

GET
H2 200 mastercard-4d8844094130711885b5e41b28c9848f.svg
js.stripe.com/v3/fingerprinted/img/ 523 B
566 B 26ms
22ms Image
image/svg+xml 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://js.stripe.com/v3/fingerprinted/img/mastercard-4d8844094130711885b5e41b28c9848f.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

747fca640bc3ae35c7422e023f27cf4a0953b7fe694bfb8bb528b50b70bd15ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.main-gauche.com/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 17 May 2024 15:41:21 GMT
via: 1.1 varnish
age: 1345430
x-cache: HIT
content-length: 284
x-request-id: 9e79dcc3-b470-4b69-9015-267e8e51940d
x-served-by: cache-lcy-eglc8600030-LCY
last-modified: Tue, 24 Jan 2023 22:24:34 GMT
server: Fastly
etag: "4d8844094130711885b5e41b28c9848f"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3939

GET
H/1.1 200
OK 68747470733a2f2f66696c65732e7374726970652e636f6d2f66696c65732f4d44423859574e6a6446387853315a3363473544656c4d7a61555644556c465066475a6662476c325a563958556d6f7756315231636c465957585a4661584273616d4a4...
stripe-camo.global.ssl.fastly.net/9183d6c6a80d5c1800d26c65cc99bd2a1168985007fe767d4c61991aa8086b5a/ 865 B
441 B 229ms
21ms Other
image/png 151.101.193.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.194 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

d01fcecb63d415748a59a7c901f73c3747249a5cf74ca085c1714f063cb177a6

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src data:; style-src 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.main-gauche.com/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Expires: 0
Date: Fri, 17 May 2024 15:41:21 GMT
Via: 1.1 varnish
x-content-type-options: nosniff
Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
x-stripe-server-envoy-start-time-us: 1715003499889282
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
Age: 956982
content-security-policy-report-only: report-uri /csp-report; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; style-src 'unsafe-hashes' 'sha256-4Su6mBWzEIFnH4pAGMOuaeBrstwJN4Z3pq/s1Kn4/KQ=' 'sha256-Uok2etT07nimvrD0JBY/ZlYS3xAfAdOKAkUmemu2L5w=' 'sha256-/GsttfBxdlxoPqvqzTUg3Z8XmEm6Xr9QwYLeYSTCg5o=' 'sha256-M6Ysz0+Rk4NS0oJRgQlAcfTBnQYhP6Zx0KLoS2OqDb8=' 'sha256-kZIsqHPSISIo2t1pH7cXKP7WqETBpurMjGw/57SZwqg=' 'sha256-zMSqd3IdI0P85bMS1pHPulcrWrNFUbioxKEvO08Bg9I=' 'sha256-TRqlpmAiAzdBCZE1o+lQqVRTlYA6Pibo8B5RmAcBtX4=' 'sha256-oYDOcJ/3x3f2qweXt6aM6Dr/4bCdzSp+YjmworuYpAU='
X-Cache: HIT
x-envoy-upstream-service-time: 247
Content-Length: 865
x-xss-protection: 1; mode=block
X-Request-ID: 92221254-d3cd-458c-9f47-4e7faf6ea8d9
X-Served-By: cache-lcy-eglc8600037-LCY
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 24 Feb 2022 10:51:53 GMT
Server: nginx
cross-origin-opener-policy: same-origin
X-Timer: S1715960481.221276,VS0,VE1
etag: "92948154268f44a5384d178d293da6c6"
Content-Type: image/png
x-stripe-server-envoy-upstream-service-time-ms: 245
x-stripe-client-envoy-start-time-us: 1715003499888488
Cache-Control: max-age=31536000
x-envoy-attempt-count: 1
Accept-Ranges: bytes
x-robots-tag: none
X-Cache-Hits: 1

GET
H2 200 card-ce24697297bd3c6a00fdd2fb6f760f0d.svg
js.stripe.com/v3/fingerprinted/img/ 281 B
352 B 18ms
18ms Image
image/svg+xml 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://js.stripe.com/v3/fingerprinted/img/card-ce24697297bd3c6a00fdd2fb6f760f0d.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

8751faa01a9ff5956a525ecf8619873fa2f7fcbc53f469629be3815f65792aa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.main-gauche.com/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 17 May 2024 15:41:21 GMT
via: 1.1 varnish
age: 2124718
x-cache: HIT
content-length: 206
x-request-id: 5a8d375d-22b7-4a26-a664-83a9df64fb69
x-served-by: cache-lcy-eglc8600030-LCY
last-modified: Tue, 19 Sep 2023 20:03:55 GMT
server: Fastly
etag: "ce24697297bd3c6a00fdd2fb6f760f0d"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 118

GET
H2 200 sepa-26e0fb27f65fecb5bc1a65286e56c617.svg
js.stripe.com/v3/fingerprinted/img/ 3 KB
2 KB 19ms
18ms Image
image/svg+xml 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://js.stripe.com/v3/fingerprinted/img/sepa-26e0fb27f65fecb5bc1a65286e56c617.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

cfc67d8fb62555bd66b06d8443a834e5b9aa48a852c8640032cb2ee9d5ba982b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.main-gauche.com/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 17 May 2024 15:41:21 GMT
via: 1.1 varnish
age: 220723
x-cache: HIT
content-length: 1674
x-request-id: 4cdd9cf7-6402-49a2-b5be-aa091324e334
x-served-by: cache-lcy-eglc8600030-LCY
last-modified: Mon, 01 Apr 2024 20:04:07 GMT
server: Fastly
etag: "26e0fb27f65fecb5bc1a65286e56c617"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0

GET
H2 200 phone-numbers-lib-5113174565c377315fd5b8d695d8b541.js Show response
js.stripe.com/v3/fingerprinted/js/ 148 KB
40 KB 22ms
19ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/phone-numbers-lib-5113174565c377315fd5b8d695d8b541.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/stripe-a3efa628db8502f14318f9834c73307a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

621661fe1c7a59420c624f7a421c566ebfb38cfbc7edd98ee0462c44d15971f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.main-gauche.com/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 17 May 2024 15:41:21 GMT
via: 1.1 varnish
age: 220490
x-cache: HIT
content-length: 40295
x-request-id: caa626bb-dc2b-4bb4-a590-fdd94ae23283
x-served-by: cache-lcy-eglc8600030-LCY
last-modified: Thu, 21 Dec 2023 18:13:42 GMT
server: Fastly
etag: "f7a3e754fa2fa9117506f69f618b5778"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4882

GET
H2 200 elements-inner-payment-request-0708c0440c3c2eb2cf2893d94b98e637.html
js.stripe.com/v3/ Frame 7829 0
0 25ms
25ms Document
text/html 18.239.94.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-payment-request-0708c0440c3c2eb2cf2893d94b98e637.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/stripe-a3efa628db8502f14318f9834c73307a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.94.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-94-63.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer: https://checkout.main-gauche.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2395
cache-control: max-age=31536000
content-length: 820
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 17 May 2024 15:01:57 GMT
etag: "0708c0440c3c2eb2cf2893d94b98e637"
last-modified: Thu, 16 May 2024 20:02:18 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 e07bd6386c24c4e98bde2dc8881304ee.cloudfront.net (CloudFront)
x-amz-cf-id: ajknLEmJHblH_4pyZUgM_GZjpkj0X_Ix-tuPxW1PIJMurghsSQ7-bw==
x-amz-cf-pop: AMS1-P3
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js Show response
js.stripe.com/v3/fingerprinted/js/ 176 B
434 B 18ms
18ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/stripe-a3efa628db8502f14318f9834c73307a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://checkout.main-gauche.com/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 17 May 2024 15:41:25 GMT
via: 1.1 varnish
age: 2127354
x-cache: HIT
content-length: 127
x-request-id: 29109a27-c46a-447a-beb4-fd4243bb1682
x-served-by: cache-lcy-eglc8600030-LCY
last-modified: Thu, 21 Dec 2023 18:13:43 GMT
server: Fastly
etag: "96f5b26d366f47393b3ff36fe7471474"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 13346

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
m.stripe.com/	1970-01-21 06:15:20	Name: m Value: 996634c0-9d7e-4450-8532-bad57ef2f397768c7f
.checkout.main-gauche.com/	1970-01-21 05:24:56	Name: __stripe_mid Value: 5f685b78-a192-4534-bbf9-ae2322df7a5df72e65
.checkout.main-gauche.com/	1970-01-20 20:39:22	Name: __stripe_sid Value: 343034be-1a19-443e-843f-2bf256e1cf6c8914e2
api.hcaptcha.com/	1970-01-20 21:22:32	Name: hmt_id Value: 5ee3a118-2b48-4ac6-bd33-cb24fe78fa00

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://checkout.main-gauche.com/b/00g6rCf0678v2JL1AI Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://checkout.main-gauche.com/b/00g6rCf0678v2JL1AI Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://checkout.main-gauche.com/b/00g6rCf0678v2JL1AI Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://checkout.main-gauche.com/b/00g6rCf0678v2JL1AI Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://checkout.main-gauche.com/b/00g6rCf0678v2JL1AI Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://checkout.main-gauche.com/b/00g6rCf0678v2JL1AI Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://checkout.main-gauche.com/b/00g6rCf0678v2JL1AI Message: Each dictionary in the list "icons" should contain a non-empty UTF8 string field "sizes".
other	warning	URL: https://checkout.main-gauche.com/b/00g6rCf0678v2JL1AI Message: Each dictionary in the list "icons" should contain a non-empty UTF8 string field "type".
other	warning	URL: https://checkout.main-gauche.com/b/00g6rCf0678v2JL1AI Message: Each dictionary in the list "icons" should contain a non-empty UTF8 string field "sizes".
other	warning	URL: https://checkout.main-gauche.com/b/00g6rCf0678v2JL1AI Message: Each dictionary in the list "icons" should contain a non-empty UTF8 string field "type".
other	warning	URL: https://checkout.main-gauche.com/b/00g6rCf0678v2JL1AI Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://checkout.main-gauche.com/b/00g6rCf0678v2JL1AI Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://js.stripe.com https://r.stripe.com https://checkout-cookies.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://merchant-ui-api.stripe.com; default-src 'self'; font-src 'self' https://js.stripe.com; form-action 'none'; frame-src 'self' https://js.stripe.com https://payments.stripe.com https://checkout.link.com; img-src 'self' https://q.stripe.com https://js.stripe.com https://stripe-camo.global.ssl.fastly.net https://d1wqzb5bdbcre6.cloudfront.net https://qr.stripe.com https://b.stripecdn.com https://files.stripe.com; media-src 'none'; object-src 'none'; script-src 'self' https://js.stripe.com 'sha256-MhJXriqz7P/nM/kr2Yx1NMDOvpWN8q2Gj8Kfm89ipjk=' 'sha256-Rs7zoycEGz8Aoh9NxrpDQaZ9oV27ZjlGKVOcL1V1ntA=' 'sha256-d/mp7EKwm3b57c9pEpqBFfrVzOF9JLXuaOt+Av9iI7c='; style-src 'self' https://js.stripe.com 'sha256-FLfzCmfmG72/B/W2L2O3OsoVkhq9pQvCH0CM5OItwxU='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

checkout.main-gauche.com
js.stripe.com
merchant-ui-api.stripe.com
stripe-camo.global.ssl.fastly.net
151.101.0.176
151.101.193.194
18.239.94.63
198.202.176.141
2606:4700:4400::6812:2bcc
07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813
0f05cf8ec70f6f8bdc7175cd7ab16d9dd7d9e4e8141f9045b02e0fd0c340115f
16fce95ebf29c21641288245cf36f947d2fca720591f3652b501eb24ea6d1531
3ad85dc97c49a1271a20d073e60a6ba0af2b85c9f365885d5345d10c1840ac6c
40344e8b126a75408f187a246c6da3491faad56a2a4de46542c689ded5fcf73a
498afd2eb03af332f25b680877e86a00699705e3aaaa503b4bdfd6c838d05de8
56e9db1f01ad56002df3b97b46923db0c98fc10a3aa949d8500cb6b12e92246c
5cbe875286c0c120c5f668ff2ed214d4374245e50ee2a32293b52e8f1fe07e74
621661fe1c7a59420c624f7a421c566ebfb38cfbc7edd98ee0462c44d15971f9
747fca640bc3ae35c7422e023f27cf4a0953b7fe694bfb8bb528b50b70bd15ce
74a78b332f2cb369cc2bc15dbc6d52a789350c44ba83c7cd8f27c9c3e8c3518b
752632740de79ea8871a43460bd6473ae1f3cb4fec3bee3f2d0c6b7ed6bd12dc
8464c7abe39b60971d44cc0671dff3621aa040d71f1c63ad63c0d8250d3aefd5
8751faa01a9ff5956a525ecf8619873fa2f7fcbc53f469629be3815f65792aa2
8c40c9aa27800c8e402f2595449992967f4986718038436bd0319c7bee309d4c
9ec62336e0c44d755a1c56ace90dc848afd764446d293d78a28304fa5c371613
b1bb6e61a5cad4a7f1c4288400380769c7ae053493039168a866a94e5ee0c2e6
b52c33d9d5730f7814f910f993e778793d3edbf88d628c013825b6a5bc93efaa
cfc67d8fb62555bd66b06d8443a834e5b9aa48a852c8640032cb2ee9d5ba982b
d01fcecb63d415748a59a7c901f73c3747249a5cf74ca085c1714f063cb177a6
d0b63ce61a6e0367ae657102f479f114fa8851a0e95d1894971dd5cddb426725
ff1af916699eb08c41bc14e02ed5e7b8d6e5931cfb8d71a34bdc5b347cf5c3ca

checkout.main-gauche.com Open in urlscan Pro 2606:4700:4400::6812:2bcc Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

34 Requests

100 %HTTPS

20 %IPv6

3 Domains

4 Subdomains

5 IPs

1 Countries

1054 kBTransfer

4038 kBSize

4 Cookies

3 Outgoing links

Redirected requests

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

checkout.main-gauche.com Open in urlscan Pro
2606:4700:4400::6812:2bcc Public Scan

Screenshot
Live screenshot

Full Image

34
Requests

100 %
HTTPS

20 %
IPv6

3
Domains

4
Subdomains

5
IPs

1
Countries

1054 kB
Transfer

4038 kB
Size

4
Cookies

34 HTTP transactions
0 data transactions