urlscan.io logo urlscan.io
SecurityTrails logo

www.mymarketaccount.net Open in urlscan Pro
2600:9000:20eb:9a00:0:c625:3bc0:93a1  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.mymarketaccount.net/
Submission: On May 27 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 11 HTTP transactions. The main IP is 2600:9000:20eb:9a00:0:c625:3bc0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.mymarketaccount.net.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on May 27th 2019. Valid for: 2 years.
This is the only time www.mymarketaccount.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 2600:9000:20e... 16509 (AMAZON-02)
5 151.101.112.176 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 52.38.167.254 16509 (AMAZON-02)
11 4
Domain Requested by
4 www.mymarketaccount.net www.mymarketaccount.net
3 js.stripe.com www.mymarketaccount.net
js.stripe.com
2 m.stripe.network js.stripe.com
m.stripe.network
1 m.stripe.com m.stripe.network
1 cdn.onesignal.com www.mymarketaccount.net
11 5

This site contains no links.

Subject Issuer Validity Valid
mymarketaccount.net
Go Daddy Secure Certificate Authority - G2		 2019-05-27 -
2021-07-26		 2 years crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2021-04-14 -
2021-08-04		 4 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-04 -
2021-08-04		 a year crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-16 -
2021-08-04		 4 months crt.sh

This page contains 3 frames:

Primary Page: https://www.mymarketaccount.net/
Frame ID: EFA82CFA82B9ABFD531ABA3C35EA131B
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-257db74dfc4594d2bb652dc7b646dbc5.html
Frame ID: 49F9E9CC177BAA81F9011F326F1F8A1F
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 276EFBD311020C8D35969712172DB8AE
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
  • headers server /^AmazonS3$/i
Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
Overall confidence: 100%
Detected patterns
  • headers server /^AmazonS3$/i

Page Statistics

11
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

2084 kB
Transfer

7598 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.mymarketaccount.net/ 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mymarketaccount.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:9a00:0:c625:3bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9e1b15141b44794fbc5200415531225ddf57799c3487d1273aaaa3d2d8e80eac

Request headers

:method
GET
:authority
www.mymarketaccount.net
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html
last-modified
Fri, 21 May 2021 19:42:44 GMT
server
AmazonS3
content-encoding
gzip
date
Wed, 26 May 2021 16:32:32 GMT
etag
W/"41b973d41642110b44c438658d02a577"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
Trc8OHzZgbuyFkMw_s2FhzqFebuD7nqLBq33y9Y0IA8kziQPXTzacA==
age
81051
/
js.stripe.com/v3/ 		237 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: www.mymarketaccount.net
URL: https://www.mymarketaccount.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6a96181e382b9f5169f6f6c6ce96a884e6dd2665c02a6a0415fe024f975fe2f0
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://www.mymarketaccount.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 15:03:22 GMT
content-encoding
br
vary
Accept-Encoding
age
128
via
1.1 varnish
x-cache
HIT
content-length
56266
x-amz-id-2
E994llgD5l9bZmY+ZDRaM5twN4mvHrE2W12sVSfbVmljCOf30UXOlaL8C+j0Gyk9asDaBg4hDOU=
x-served-by
cache-hhn4073-HHN
timing-allow-origin
*
last-modified
Wed, 26 May 2021 18:17:46 GMT
server
AmazonS3
etag
"3b91782be60c8f5b9b913065f1edb0a3"
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-amz-request-id
Y49KRSJCDZ5ZKXRN
access-control-allow-origin
*
cache-control
public, max-age=300
content-security-policy
connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
83
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: www.mymarketaccount.net
URL: https://www.mymarketaccount.net/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1fdc83f40b6872fbf82ad027168954ccaa7eee12c7e6fcbe52e26c36bf915de

Request headers

Referer
https://www.mymarketaccount.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 15:03:22 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
2066
etag
W/"5404400d01d5519bc4a10316e7ed5c9b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6560212b1ea31f51-FRA
cf-request-id
0a4ff30eef00001f51390c8000000001
expires
Sun, 30 May 2021 15:03:22 GMT
runtime~app.2e9f1821.js
www.mymarketaccount.net/static/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mymarketaccount.net/static/js/runtime~app.2e9f1821.js
Requested by
Host: www.mymarketaccount.net
URL: https://www.mymarketaccount.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:9a00:0:c625:3bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cf5179307dc84ec5a14ccca0239492462451e615bcf862c4d6a16bde628f5553

Request headers

:path
/static/js/runtime~app.2e9f1821.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.mymarketaccount.net
referer
https://www.mymarketaccount.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mymarketaccount.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 10:15:19 GMT
content-encoding
gzip
last-modified
Fri, 21 May 2021 19:42:51 GMT
server
AmazonS3
age
17283
etag
W/"10e90ab684dc31670ad8db85ead20410"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
FsGvqAzInS3cWYA1Inbhvjvp6cTaGPi71fhMJ7FuKaCYBR6KfkMyYg==
2.157bfb66.chunk.js
www.mymarketaccount.net/static/js/ 		5 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mymarketaccount.net/static/js/2.157bfb66.chunk.js
Requested by
Host: www.mymarketaccount.net
URL: https://www.mymarketaccount.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:9a00:0:c625:3bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ad964c07d89c317ae6d8241fc1b3e158051ade98a54c9503a74a1a488bac74b8

Request headers

:path
/static/js/2.157bfb66.chunk.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.mymarketaccount.net
referer
https://www.mymarketaccount.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mymarketaccount.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 01:45:53 GMT
content-encoding
gzip
last-modified
Fri, 21 May 2021 19:42:48 GMT
server
AmazonS3
age
47849
etag
W/"3273553ebaefae28f508f7fa02cbb5da-2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
cKiJ8_56f0QsARUmutQLsAG8osupUZekFy6dGH0V5aVChg-tcIGSxA==
app.f2349ccc.chunk.js
www.mymarketaccount.net/static/js/ 		2 MB
434 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mymarketaccount.net/static/js/app.f2349ccc.chunk.js
Requested by
Host: www.mymarketaccount.net
URL: https://www.mymarketaccount.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:9a00:0:c625:3bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f7e6abebcef5a98e4e1a2b9cbc5b35a18942cd96fc2279173b69b34cc7256c87

Request headers

:path
/static/js/app.f2349ccc.chunk.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.mymarketaccount.net
referer
https://www.mymarketaccount.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mymarketaccount.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 16:34:31 GMT
content-encoding
gzip
last-modified
Fri, 21 May 2021 19:42:50 GMT
server
AmazonS3
age
80932
etag
W/"66a9ff6b4fbcaa3d64f31aa02a383ca1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
a7ZTlSlabwtvqNWLzqkx_DaxR94OWyx9xvI-9TV2MLfWr8M1DC_w4g==
m-outer-257db74dfc4594d2bb652dc7b646dbc5.html
js.stripe.com/v3/ Frame 49F9 		215 B
544 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-257db74dfc4594d2bb652dc7b646dbc5.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
177b03c6d80b7ba81412d538c1dbd74ba27c933a2cd8be0f802236e9f796d42e
Security Headers
Name Value
Content-Security-Policy connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v3/m-outer-257db74dfc4594d2bb652dc7b646dbc5.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.mymarketaccount.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.mymarketaccount.net/

Response headers

x-amz-id-2
4Ja8+vUlEJ9F6+xVo/cgSy3sLN4C8ljV6QAxpB8lOIRom5JWSTRMEx05sKZZBBdvEvfEFLTYB2I=
x-amz-request-id
KKCX98TB8FPDDHMF
last-modified
Wed, 19 May 2021 22:00:34 GMT
etag
"257db74dfc4594d2bb652dc7b646dbc5"
cache-control
public, max-age=300
content-type
text/html; charset=utf-8
server
AmazonS3
content-encoding
br
accept-ranges
bytes
date
Thu, 27 May 2021 15:03:22 GMT
via
1.1 varnish
age
217
x-served-by
cache-hhn4073-HHN
x-cache
HIT
x-cache-hits
738
vary
Accept-Encoding
access-control-allow-origin
*
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
content-security-policy
connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
content-length
129
m-outer-b07c750376b94b0da646edc72e01a46a.js
js.stripe.com/v3/fingerprinted/js/ Frame 49F9 		1 KB
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-b07c750376b94b0da646edc72e01a46a.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-257db74dfc4594d2bb652dc7b646dbc5.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
45d29ba161d1bd7045e4061c1f010e9e427c2b7187f35f43f4ea77168fda261c
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://js.stripe.com/v3/m-outer-257db74dfc4594d2bb652dc7b646dbc5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 15:03:22 GMT
content-encoding
br
vary
Accept-Encoding
age
178
via
1.1 varnish
x-cache
HIT
content-length
630
x-amz-id-2
xRt6II8vVCIqiVC/cmqICpvkUN1cFMobnGsToDcrCeliAC/LLdQs1DpgwdQOT1E5M1U84YtyoH0=
x-served-by
cache-hhn4073-HHN
timing-allow-origin
*
last-modified
Wed, 19 May 2021 22:00:35 GMT
server
AmazonS3
etag
"ae48007340e7711406d5c8c60a6c92fe"
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-amz-request-id
A2RWR993WBDHMG7Y
access-control-allow-origin
*
cache-control
public, max-age=300
content-security-policy
connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
594
inner.html
m.stripe.network/ Frame 276E 		932 B
996 B 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-b07c750376b94b0da646edc72e01a46a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
52fb9ace8bb7e59f6fc283763ce819175a60e566d7248f5de82b4d00d6b14c7d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://m.stripe.com https://stripensrq.global.ssl.fastly.net/; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
m.stripe.network
:scheme
https
:path
/inner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://js.stripe.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js.stripe.com/

Response headers

server
nginx
content-type
text/html; charset=utf-8
last-modified
Thu, 20 May 2021 17:57:41 GMT
etag
W/"60a6a315-3a4"
strict-transport-security
max-age=31556926; includeSubDomains; preload
cache-control
public, max-age=300
timing-allow-origin
*
content-security-policy
default-src 'self'; connect-src 'self' https://m.stripe.com https://stripensrq.global.ssl.fastly.net/; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
date
Thu, 27 May 2021 15:03:22 GMT
age
268
x-served-by
cache-sea4444-SEA, cache-hhn4073-HHN
x-cache
HIT, HIT
x-cache-hits
3, 1003
x-timer
S1622127803.849198,VS0,VE0
vary
Accept-Encoding
content-length
537
out-4.5.35.js
m.stripe.network/ Frame 276E 		85 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.35.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
847a624eddae67f7b34622fa6e6329228d5ce6dbd5ccb13f993969a63f53b6bb
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://m.stripe.com https://stripensrq.global.ssl.fastly.net/; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
etag
W/"60a6a315-153a9"
age
151
x-cache
HIT, HIT
content-length
18319
x-served-by
cache-sea4465-SEA, cache-hhn4073-HHN
last-modified
Thu, 20 May 2021 17:57:41 GMT
server
nginx
x-timer
S1622127803.888821,VS0,VE0
date
Thu, 27 May 2021 15:03:22 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=300
content-security-policy
default-src 'self'; connect-src 'self' https://m.stripe.com https://stripensrq.global.ssl.fastly.net/; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
3, 548
6
m.stripe.com/ Frame 276E 		156 B
516 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.35.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.38.167.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-38-167-254.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
8f8af7ab81e627d394eb497f16da680f80562e619500c1059ecb9e9ea3ffcaa0
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 27 May 2021 15:03:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
strict-transport-security
max-age=31556926; includeSubDomains; preload
access-control-allow-headers
Content-Type

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| __webpackStripeJSv3Jsonp function| Stripe object| OneSignal object| webpackJsonp function| setImmediate function| clearImmediate object| regeneratorRuntime function| __assign function| __extends function| _ object| AWS function| Buffer function| Alert7

3 Cookies

Domain/Path Name / Value
.www.mymarketaccount.net/ Name: __stripe_sid
Value: 834ccdc2-a353-4ba0-93b6-86383637da4b20eb57
.www.mymarketaccount.net/ Name: __stripe_mid
Value: c148452b-7e27-4747-8424-6c714c023b3a8e8de3
www.mymarketaccount.net/ Name: ai_user
Value: KYo5l/J2uYvnU5buZqLZMI|2021-05-27T15:03:22.423Z

2 Console Messages

Source Level URL
Text
console-api log URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1)
Message:
OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api info URL: https://www.mymarketaccount.net/static/js/app.f2349ccc.chunk.js(Line 1)
Message:
Registered service-worker [object ServiceWorkerRegistration]