urlscan.io logo urlscan.io
SecurityTrails logo

app.threatstack.com Open in urlscan Pro
2606:4700::6811:3414  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://app.threatstack.com/5cab65709c07cb832baa4874/events/query?ce=1654346630890&cs=1654315200000&q=YWdlbnRfaWQgPSAiNjk0M2...
Effective URL: https://app.threatstack.com/login
Submission: On May 08 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 1 countries across 3 domains to perform 29 HTTP transactions. The main IP is 2606:4700::6811:3414, located in United States and belongs to CLOUDFLARENET, US. The main domain is app.threatstack.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on July 12th 2022. Valid for: a year.
This is the only time app.threatstack.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 11 2606:4700::68... 13335 (CLOUDFLAR...)
7 151.101.0.176 54113 (FASTLY)
9 54.187.159.182 16509 (AMAZON-02)
2 2600:9000:205... 16509 (AMAZON-02)
1 54.149.34.29 16509 (AMAZON-02)
29 5
11    2606:4700::6811:3414 (United States)

ASN13335 (CLOUDFLARENET, US)
app.threatstack.com
7    151.101.0.176 (United States)

ASN54113 (FASTLY, US)
js.stripe.com
9    54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com
q.stripe.com
r.stripe.com
2    2600:9000:2057:aa00:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)
m.stripe.network
1    54.149.34.29 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-149-34-29.us-west-2.compute.amazonaws.com
m.stripe.com
Apex Domain
Subdomains		 Transfer
17 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1062
q.stripe.com — Cisco Umbrella Rank: 5929
r.stripe.com — Cisco Umbrella Rank: 3755
m.stripe.com — Cisco Umbrella Rank: 1038
370 KB
11 threatstack.com
app.threatstack.com
2 MB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1128
16 KB
29 3
Domain Requested by
11 app.threatstack.com 1 redirects app.threatstack.com
7 js.stripe.com app.threatstack.com
js.stripe.com
5 r.stripe.com js.stripe.com
4 q.stripe.com app.threatstack.com
2 m.stripe.network js.stripe.com
m.stripe.network
1 m.stripe.com m.stripe.network
29 6

This site contains no links.

Subject Issuer Validity Valid
app.threatstack.com
Entrust Certification Authority - L1K		 2022-07-12 -
2023-08-11		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2023-04-20 -
2023-08-05		 4 months crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-14 -
2023-06-13		 4 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-28 -
2023-07-26		 4 months crt.sh

This page contains 4 frames:

Primary Page: https://app.threatstack.com/login
Frame ID: 42504068B740A7B8924454E72F51CFEE
Requests: 11 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-83270966f443677cd8d7e9ccdad2827d.html
Frame ID: D079562C3472D12024FCF3870C10869A
Requests: 10 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 997FD411272870C14765E9601FC741A4
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 5986D8962ED616DB9D12F6D7DC438670
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

AIP

Page URL History Show full URLs

  1. https://app.threatstack.com/5cab65709c07cb832baa4874/events/query?ce=1654346630890&cs=1654315200000&q=YW... HTTP 302
    https://app.threatstack.com/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Page Statistics

29
Requests

100 %
HTTPS

40 %
IPv6

3
Domains

6
Subdomains

5
IPs

1
Countries

2679 kB
Transfer

10032 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://app.threatstack.com/5cab65709c07cb832baa4874/events/query?ce=1654346630890&cs=1654315200000&q=YWdlbnRfaWQgPSAiNjk0M2VlODYtNTljZC0xMWVjLTkyNzYtNTNmOWQzMmI1MjZmIiBBTkQgcGlkPSAyOTY1MCAgQU5EIGV2ZW50X3RpbWU%2BPSAxNjU0MzQ0OTcxNTEw HTTP 302
    https://app.threatstack.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
app.threatstack.com/
Redirect Chain
  • https://app.threatstack.com/5cab65709c07cb832baa4874/events/query?ce=1654346630890&cs=1654315200000&q=YWdlbnRfaWQgPSAiNjk0M2VlODYtNTljZC0xMWVjLTkyNzYtNTNmOWQzMmI1MjZmIiBBTkQgcGlkPSAyOTY1MCAgQU5EIGV...
  • https://app.threatstack.com/login
1 KB
766 B 		Document
General
Check archive.org
Download Go to
Full URL
https://app.threatstack.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27e1e8255e7fe3f3e83d38ad8fe3fbc75b9f547ffb413b9769620df44dec84f3
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' api.stripe.com js.stripe.com 'sha256-uB0AOBG+hAs6K1BPS4N9ohof+rC6xsd8wfbrF+0RBCo='; connect-src 'self' *.mapbox.com events.launchdarkly.com app.launchdarkly.com clientstream.launchdarkly.com ts-compliance-reports-prod.s3.amazonaws.com *.volterra.us; style-src 'self' 'unsafe-inline'; font-src *; img-src * data:; frame-src js.stripe.com https://app.threatstack.com https://pkg.threatstack.com
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
https://app.threatstack.com
cache-control
private, no-cache, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
7c4043952f5a9196-FRA
content-encoding
gzip
content-security-policy
default-src 'self'; script-src 'self' api.stripe.com js.stripe.com 'sha256-uB0AOBG+hAs6K1BPS4N9ohof+rC6xsd8wfbrF+0RBCo='; connect-src 'self' *.mapbox.com events.launchdarkly.com app.launchdarkly.com clientstream.launchdarkly.com ts-compliance-reports-prod.s3.amazonaws.com *.volterra.us; style-src 'self' 'unsafe-inline'; font-src *; img-src * data:; frame-src js.stripe.com https://app.threatstack.com https://pkg.threatstack.com
content-type
text/html; charset=UTF-8
date
Mon, 08 May 2023 08:17:02 GMT
last-modified
Wed, 12 Apr 2023 19:09:15 GMT
server
cloudflare
strict-transport-security
max-age=16000000; includeSubDomains; preload;
vary
Origin, Accept-Encoding
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-origin
https://app.threatstack.com
cache-control
private, no-cache, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
7c4043932de09196-FRA
content-security-policy
default-src 'self'; script-src 'self' api.stripe.com js.stripe.com 'sha256-uB0AOBG+hAs6K1BPS4N9ohof+rC6xsd8wfbrF+0RBCo='; connect-src 'self' *.mapbox.com events.launchdarkly.com app.launchdarkly.com clientstream.launchdarkly.com ts-compliance-reports-prod.s3.amazonaws.com *.volterra.us; style-src 'self' 'unsafe-inline'; font-src *; img-src * data:; frame-src js.stripe.com https://app.threatstack.com https://pkg.threatstack.com
content-type
text/html; charset=utf-8
date
Mon, 08 May 2023 08:17:02 GMT
location
/login
server
cloudflare
strict-transport-security
max-age=16000000; includeSubDomains; preload;
vary
Origin, Accept, Accept-Encoding
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
/
js.stripe.com/v3/ 		471 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: app.threatstack.com
URL: https://app.threatstack.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
ebc0a2e260c074f09d4a4d093000e2ff431f82c0bb336c620f4c46ce2cc131ba
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.threatstack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 08 May 2023 08:17:02 GMT
via
1.1 varnish
age
48
x-cache
HIT
content-length
129410
x-request-id
195c0602-7427-494e-b9fd-9c5e1ce9a256
x-served-by
cache-fra-etou8220057-FRA
last-modified
Fri, 05 May 2023 20:31:23 GMT
server
Fastly
etag
"6ef02cb77f0552bda4a3018abfeded23"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
10
cc-environment.js
app.threatstack.com/cdn/ 		98 B
234 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.threatstack.com/cdn/cc-environment.js
Requested by
Host: app.threatstack.com
URL: https://app.threatstack.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d5fb112235a0df61625f3dd27a582d14d9736f41d644536b7bb63500cdd59a3
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' api.stripe.com js.stripe.com 'sha256-uB0AOBG+hAs6K1BPS4N9ohof+rC6xsd8wfbrF+0RBCo='; connect-src 'self' *.mapbox.com events.launchdarkly.com app.launchdarkly.com clientstream.launchdarkly.com ts-compliance-reports-prod.s3.amazonaws.com *.volterra.us; style-src 'self' 'unsafe-inline'; font-src *; img-src * data:; frame-src js.stripe.com https://app.threatstack.com https://pkg.threatstack.com
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.threatstack.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 08:17:02 GMT
content-security-policy
default-src 'self'; script-src 'self' api.stripe.com js.stripe.com 'sha256-uB0AOBG+hAs6K1BPS4N9ohof+rC6xsd8wfbrF+0RBCo='; connect-src 'self' *.mapbox.com events.launchdarkly.com app.launchdarkly.com clientstream.launchdarkly.com ts-compliance-reports-prod.s3.amazonaws.com *.volterra.us; style-src 'self' 'unsafe-inline'; font-src *; img-src * data:; frame-src js.stripe.com https://app.threatstack.com https://pkg.threatstack.com
x-content-type-options
nosniff
strict-transport-security
max-age=16000000; includeSubDomains; preload;
cf-cache-status
HIT
age
2071
content-encoding
gzip
x-xss-protection
1; mode=block
last-modified
Wed, 14 Dec 2022 20:54:30 GMT
server
cloudflare
etag
W/"62-185126adadf"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://app.threatstack.com
cache-control
public, max-age=86400
cf-ray
7c404395f8029196-FRA
expires
Tue, 09 May 2023 08:17:02 GMT
2918.3d845755886be98c795a.css
app.threatstack.com/cdn/processed/ 		677 KB
206 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.threatstack.com/cdn/processed/2918.3d845755886be98c795a.css
Requested by
Host: app.threatstack.com
URL: https://app.threatstack.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4b4075226669820619b349133786c9d13f27d6372190ec27ef7230fa25b0a7e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' api.stripe.com js.stripe.com 'sha256-uB0AOBG+hAs6K1BPS4N9ohof+rC6xsd8wfbrF+0RBCo='; connect-src 'self' *.mapbox.com events.launchdarkly.com app.launchdarkly.com clientstream.launchdarkly.com ts-compliance-reports-prod.s3.amazonaws.com *.volterra.us; style-src 'self' 'unsafe-inline'; font-src *; img-src * data:; frame-src js.stripe.com https://app.threatstack.com https://pkg.threatstack.com
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.threatstack.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 08:17:02 GMT
content-security-policy
default-src 'self'; script-src 'self' api.stripe.com js.stripe.com 'sha256-uB0AOBG+hAs6K1BPS4N9ohof+rC6xsd8wfbrF+0RBCo='; connect-src 'self' *.mapbox.com events.launchdarkly.com app.launchdarkly.com clientstream.launchdarkly.com ts-compliance-reports-prod.s3.amazonaws.com *.volterra.us; style-src 'self' 'unsafe-inline'; font-src *; img-src * data:; frame-src js.stripe.com https://app.threatstack.com https://pkg.threatstack.com
x-content-type-options
nosniff
strict-transport-security
max-age=16000000; includeSubDomains; preload;
cf-cache-status
HIT
content-encoding
gzip
age
2071
x-xss-protection
1; mode=block
last-modified
Wed, 12 Apr 2023 19:09:15 GMT
server
cloudflare
etag
W/"a95f8-18776df3f78"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Origin, Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://app.threatstack.com
cache-control
public, max-age=86400
cf-ray
7c404395f8009196-FRA
expires
Tue, 09 May 2023 08:17:02 GMT
main.3d845755886be98c795a.css
app.threatstack.com/cdn/processed/ 		11 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.threatstack.com/cdn/processed/main.3d845755886be98c795a.css
Requested by
Host: app.threatstack.com
URL: https://app.threatstack.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fccc0b041087213baa8a3cd17cce2b56e5bdb4aa7e229503d7fffd926a99583b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' api.stripe.com js.stripe.com 'sha256-uB0AOBG+hAs6K1BPS4N9ohof+rC6xsd8wfbrF+0RBCo='; connect-src 'self' *.mapbox.com events.launchdarkly.com app.launchdarkly.com clientstream.launchdarkly.com ts-compliance-reports-prod.s3.amazonaws.com *.volterra.us; style-src 'self' 'unsafe-inline'; font-src *; img-src * data:; frame-src js.stripe.com https://app.threatstack.com https://pkg.threatstack.com
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.threatstack.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 08:17:02 GMT
content-security-policy
default-src 'self'; script-src 'self' api.stripe.com js.stripe.com 'sha256-uB0AOBG+hAs6K1BPS4N9ohof+rC6xsd8wfbrF+0RBCo='; connect-src 'self' *.mapbox.com events.launchdarkly.com app.launchdarkly.com clientstream.launchdarkly.com ts-compliance-reports-prod.s3.amazonaws.com *.volterra.us; style-src 'self' 'unsafe-inline'; font-src *; img-src * data:; frame-src js.stripe.com https://app.threatstack.com https://pkg.threatstack.com
x-content-type-options
nosniff
strict-transport-security
max-age=16000000; includeSubDomains; preload;
cf-cache-status
HIT
content-encoding
gzip
age
2071
x-xss-protection
1; mode=block
last-modified
Wed, 12 Apr 2023 19:09:15 GMT
server
cloudflare
etag
W/"2c05-18776df3f78"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Origin, Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://app.threatstack.com
cache-control
public, max-age=86400
cf-ray
7c404395f8039196-FRA
expires
Tue, 09 May 2023 08:17:02 GMT
aip-runtime-db64d1d6.bundle.js
app.threatstack.com/cdn/processed/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.threatstack.com/cdn/processed/aip-runtime-db64d1d6.bundle.js
Requested by
Host: app.threatstack.com
URL: https://app.threatstack.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f0f874d8c369317e7c4fe75d0af2e7e1b4f24ba12cedd4a57bf9720172474f3
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' api.stripe.com js.stripe.com 'sha256-uB0AOBG+hAs6K1BPS4N9ohof+rC6xsd8wfbrF+0RBCo='; connect-src 'self' *.mapbox.com events.launchdarkly.com app.launchdarkly.com clientstream.launchdarkly.com ts-compliance-reports-prod.s3.amazonaws.com *.volterra.us; style-src 'self' 'unsafe-inline'; font-src *; img-src * data:; frame-src js.stripe.com https://app.threatstack.com https://pkg.threatstack.com
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.threatstack.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 08:17:02 GMT
content-security-policy
default-src 'self'; script-src 'self' api.stripe.com js.stripe.com 'sha256-uB0AOBG+hAs6K1BPS4N9ohof+rC6xsd8wfbrF+0RBCo='; connect-src 'self' *.mapbox.com events.launchdarkly.com app.launchdarkly.com clientstream.launchdarkly.com ts-compliance-reports-prod.s3.amazonaws.com *.volterra.us; style-src 'self' 'unsafe-inline'; font-src *; img-src * data:; frame-src js.stripe.com https://app.threatstack.com https://pkg.threatstack.com
x-content-type-options
nosniff
strict-transport-security
max-age=16000000; includeSubDomains; preload;
cf-cache-status
HIT
content-encoding
gzip
age
2071
x-xss-protection
1; mode=block
last-modified
Wed, 12 Apr 2023 19:09:15 GMT
server
cloudflare
etag
W/"1753-18776df3f78"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://app.threatstack.com
cache-control
public, max-age=86400
cf-ray
7c40439688759196-FRA
expires
Tue, 09 May 2023 08:17:02 GMT
aip-2918-01a974c3.bundle.js
app.threatstack.com/cdn/processed/ 		6 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.threatstack.com/cdn/processed/aip-2918-01a974c3.bundle.js
Requested by
Host: app.threatstack.com
URL: https://app.threatstack.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4650ba1e6be5daa9a9408251788585fc7a73b5e8d4b090a119bb88e6ef97c95
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' api.stripe.com js.stripe.com 'sha256-uB0AOBG+hAs6K1BPS4N9ohof+rC6xsd8wfbrF+0RBCo='; connect-src 'self' *.mapbox.com events.launchdarkly.com app.launchdarkly.com clientstream.launchdarkly.com ts-compliance-reports-prod.s3.amazonaws.com *.volterra.us; style-src 'self' 'unsafe-inline'; font-src *; img-src * data:; frame-src js.stripe.com https://app.threatstack.com https://pkg.threatstack.com
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.threatstack.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 08:17:02 GMT
content-security-policy
default-src 'self'; script-src 'self' api.stripe.com js.stripe.com 'sha256-uB0AOBG+hAs6K1BPS4N9ohof+rC6xsd8wfbrF+0RBCo='; connect-src 'self' *.mapbox.com events.launchdarkly.com app.launchdarkly.com clientstream.launchdarkly.com ts-compliance-reports-prod.s3.amazonaws.com *.volterra.us; style-src 'self' 'unsafe-inline'; font-src *; img-src * data:; frame-src js.stripe.com https://app.threatstack.com https://pkg.threatstack.com
x-content-type-options
nosniff
strict-transport-security
max-age=16000000; includeSubDomains; preload;
cf-cache-status
HIT
content-encoding
gzip
age
2071
x-xss-protection
1; mode=block
last-modified
Wed, 12 Apr 2023 19:09:15 GMT
server
cloudflare
etag
W/"5aa9e7-18776df3f78"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://app.threatstack.com
cache-control
public, max-age=86400
cf-ray
7c404396c8ac9196-FRA
expires
Tue, 09 May 2023 08:17:02 GMT
aip-main-5740ff85.bundle.js
app.threatstack.com/cdn/processed/ 		2 MB
473 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.threatstack.com/cdn/processed/aip-main-5740ff85.bundle.js
Requested by
Host: app.threatstack.com
URL: https://app.threatstack.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1db45645c1caf846583816412a0f1267276b1aec10a11844c36b4aa6fda4c3e4
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' api.stripe.com js.stripe.com 'sha256-uB0AOBG+hAs6K1BPS4N9ohof+rC6xsd8wfbrF+0RBCo='; connect-src 'self' *.mapbox.com events.launchdarkly.com app.launchdarkly.com clientstream.launchdarkly.com ts-compliance-reports-prod.s3.amazonaws.com *.volterra.us; style-src 'self' 'unsafe-inline'; font-src *; img-src * data:; frame-src js.stripe.com https://app.threatstack.com https://pkg.threatstack.com
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.threatstack.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 08:17:02 GMT
content-security-policy
default-src 'self'; script-src 'self' api.stripe.com js.stripe.com 'sha256-uB0AOBG+hAs6K1BPS4N9ohof+rC6xsd8wfbrF+0RBCo='; connect-src 'self' *.mapbox.com events.launchdarkly.com app.launchdarkly.com clientstream.launchdarkly.com ts-compliance-reports-prod.s3.amazonaws.com *.volterra.us; style-src 'self' 'unsafe-inline'; font-src *; img-src * data:; frame-src js.stripe.com https://app.threatstack.com https://pkg.threatstack.com
x-content-type-options
nosniff
strict-transport-security
max-age=16000000; includeSubDomains; preload;
cf-cache-status
HIT
content-encoding
gzip
age
2071
x-xss-protection
1; mode=block
last-modified
Wed, 12 Apr 2023 19:09:15 GMT
server
cloudflare
etag
W/"1f846d-18776df3f78"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://app.threatstack.com
cache-control
public, max-age=86400
cf-ray
7c404396c8ae9196-FRA
expires
Tue, 09 May 2023 08:17:02 GMT
controller-83270966f443677cd8d7e9ccdad2827d.html
js.stripe.com/v3/ Frame D079 		325 B
737 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-83270966f443677cd8d7e9ccdad2827d.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
54a48fa79e78fe9304986726fb8a0e218f11563a6f198e3353b975574bbaed25
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://app.threatstack.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
24
cache-control
max-age=60
content-encoding
br
content-length
189
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 08 May 2023 08:17:03 GMT
etag
"83270966f443677cd8d7e9ccdad2827d"
last-modified
Fri, 05 May 2023 20:03:17 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
13
x-content-type-options
nosniff
x-request-id
653d5f57-45d3-4989-9648-85696e14d9ba
x-served-by
cache-fra-etou8220057-FRA
init
app.threatstack.com/api/login/ 		2 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.threatstack.com/api/login/init
Requested by
Host: app.threatstack.com
URL: https://app.threatstack.com/cdn/processed/aip-2918-01a974c3.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' api.stripe.com js.stripe.com 'sha256-uB0AOBG+hAs6K1BPS4N9ohof+rC6xsd8wfbrF+0RBCo='; connect-src 'self' *.mapbox.com events.launchdarkly.com app.launchdarkly.com clientstream.launchdarkly.com ts-compliance-reports-prod.s3.amazonaws.com *.volterra.us; style-src 'self' 'unsafe-inline'; font-src *; img-src * data:; frame-src js.stripe.com https://app.threatstack.com https://pkg.threatstack.com
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.threatstack.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 08:17:03 GMT
content-security-policy
default-src 'self'; script-src 'self' api.stripe.com js.stripe.com 'sha256-uB0AOBG+hAs6K1BPS4N9ohof+rC6xsd8wfbrF+0RBCo='; connect-src 'self' *.mapbox.com events.launchdarkly.com app.launchdarkly.com clientstream.launchdarkly.com ts-compliance-reports-prod.s3.amazonaws.com *.volterra.us; style-src 'self' 'unsafe-inline'; font-src *; img-src * data:; frame-src js.stripe.com https://app.threatstack.com https://pkg.threatstack.com
x-content-type-options
nosniff
strict-transport-security
max-age=16000000; includeSubDomains; preload;
cf-cache-status
DYNAMIC
content-length
2
x-xss-protection
1; mode=block
server
cloudflare
etag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://app.threatstack.com
cache-control
private, no-cache, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
cf-ray
7c40439b9c979196-FRA
m-outer-93afeeb17bc37e711759584dbfc50d47.html
js.stripe.com/v3/ Frame 997F 		200 B
768 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://app.threatstack.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
10746276
cache-control
max-age=31536000
content-encoding
br
content-length
122
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 08 May 2023 08:17:03 GMT
etag
"93afeeb17bc37e711759584dbfc50d47"
last-modified
Wed, 21 Dec 2022 18:20:45 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
234725
x-content-type-options
nosniff
x-request-id
bb0ba593-a488-439a-9e72-a4c0077b193c
x-served-by
cache-fra-etou8220057-FRA
52e872c29fb7342dbfcb.woff
app.threatstack.com/cdn/processed/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.threatstack.com/cdn/processed/52e872c29fb7342dbfcb.woff
Requested by
Host: app.threatstack.com
URL: https://app.threatstack.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc9d69fb96c6afa2ce0ccad6bf30c943a1b6286f8494361e55dc3f31cbb84d1a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' api.stripe.com js.stripe.com 'sha256-uB0AOBG+hAs6K1BPS4N9ohof+rC6xsd8wfbrF+0RBCo='; connect-src 'self' *.mapbox.com events.launchdarkly.com app.launchdarkly.com clientstream.launchdarkly.com ts-compliance-reports-prod.s3.amazonaws.com *.volterra.us; style-src 'self' 'unsafe-inline'; font-src *; img-src * data:; frame-src js.stripe.com https://app.threatstack.com https://pkg.threatstack.com
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.threatstack.com/login
Origin
https://app.threatstack.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 08:17:03 GMT
content-security-policy
default-src 'self'; script-src 'self' api.stripe.com js.stripe.com 'sha256-uB0AOBG+hAs6K1BPS4N9ohof+rC6xsd8wfbrF+0RBCo='; connect-src 'self' *.mapbox.com events.launchdarkly.com app.launchdarkly.com clientstream.launchdarkly.com ts-compliance-reports-prod.s3.amazonaws.com *.volterra.us; style-src 'self' 'unsafe-inline'; font-src *; img-src * data:; frame-src js.stripe.com https://app.threatstack.com https://pkg.threatstack.com
x-content-type-options
nosniff
strict-transport-security
max-age=16000000; includeSubDomains; preload;
cf-cache-status
HIT
age
2071
content-length
28252
x-xss-protection
1; mode=block
last-modified
Wed, 12 Apr 2023 19:09:15 GMT
server
cloudflare
etag
W/"6e5c-18776df3f78"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Origin, Accept-Encoding
content-type
font/woff
access-control-allow-origin
https://app.threatstack.com
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7c40439baca09196-FRA
expires
Tue, 09 May 2023 08:17:03 GMT
a1d3ac147d7923a9319e.woff
app.threatstack.com/cdn/processed/ 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.threatstack.com/cdn/processed/a1d3ac147d7923a9319e.woff
Requested by
Host: app.threatstack.com
URL: https://app.threatstack.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3414 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
addf7e2befdd2d5cc666c3e43daf716057ec626e0e533c6c7a4c67a42a72e72d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' api.stripe.com js.stripe.com 'sha256-uB0AOBG+hAs6K1BPS4N9ohof+rC6xsd8wfbrF+0RBCo='; connect-src 'self' *.mapbox.com events.launchdarkly.com app.launchdarkly.com clientstream.launchdarkly.com ts-compliance-reports-prod.s3.amazonaws.com *.volterra.us; style-src 'self' 'unsafe-inline'; font-src *; img-src * data:; frame-src js.stripe.com https://app.threatstack.com https://pkg.threatstack.com
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.threatstack.com/login
Origin
https://app.threatstack.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 08:17:03 GMT
content-security-policy
default-src 'self'; script-src 'self' api.stripe.com js.stripe.com 'sha256-uB0AOBG+hAs6K1BPS4N9ohof+rC6xsd8wfbrF+0RBCo='; connect-src 'self' *.mapbox.com events.launchdarkly.com app.launchdarkly.com clientstream.launchdarkly.com ts-compliance-reports-prod.s3.amazonaws.com *.volterra.us; style-src 'self' 'unsafe-inline'; font-src *; img-src * data:; frame-src js.stripe.com https://app.threatstack.com https://pkg.threatstack.com
x-content-type-options
nosniff
strict-transport-security
max-age=16000000; includeSubDomains; preload;
cf-cache-status
HIT
age
2071
content-length
29100
x-xss-protection
1; mode=block
last-modified
Wed, 12 Apr 2023 19:09:15 GMT
server
cloudflare
etag
W/"71ac-18776df3f78"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Origin, Accept-Encoding
content-type
font/woff
access-control-allow-origin
https://app.threatstack.com
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7c40439baca19196-FRA
expires
Tue, 09 May 2023 08:17:03 GMT
shared-9f68555268209266a4e8bc4ae6a10a6a.js
js.stripe.com/v3/fingerprinted/js/ Frame D079 		445 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-9f68555268209266a4e8bc4ae6a10a6a.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-83270966f443677cd8d7e9ccdad2827d.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
fa85f1a6c711805dd25772b2f1fd71a0756a4ef5dfceb73e70ab0b3644d440fb
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-83270966f443677cd8d7e9ccdad2827d.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 08 May 2023 08:17:03 GMT
via
1.1 varnish
age
216684
x-cache
HIT
content-length
113639
x-request-id
26947697-b5fb-421d-b718-243701cfed70
x-served-by
cache-fra-etou8220057-FRA
last-modified
Fri, 05 May 2023 20:03:29 GMT
server
Fastly
etag
"49fb2e65ebfd7afe757adc5c99118bff"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
23027
controller-1479fcecd061ee2de90050028957aa96.js
js.stripe.com/v3/fingerprinted/js/ Frame D079 		456 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/controller-1479fcecd061ee2de90050028957aa96.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-83270966f443677cd8d7e9ccdad2827d.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
bee37b7bccf5c81686fcdef0af5d9665c73e749d39530612b9f35224bb1ed6ab
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-83270966f443677cd8d7e9ccdad2827d.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 08 May 2023 08:17:03 GMT
via
1.1 varnish
age
227494
x-cache
HIT
content-length
127576
x-request-id
82e94dca-3118-4db2-97d6-ab0361e40d65
x-served-by
cache-fra-etou8220057-FRA
last-modified
Fri, 05 May 2023 17:04:35 GMT
server
Fastly
etag
"7a2a094b16657c9a2b227fba0a2950f3"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
24284
m-outer-8cb24ab2d649fd36a488d04d8c457933.js
js.stripe.com/v3/fingerprinted/js/ Frame 997F 		631 B
490 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 08 May 2023 08:17:03 GMT
via
1.1 varnish
age
15163933
x-cache
HIT
content-length
332
x-request-id
3056e16c-e5b3-49d4-92b3-56636246741e
x-served-by
cache-fra-etou8220057-FRA
last-modified
Sun, 13 Nov 2022 20:03:40 GMT
server
Fastly
etag
"f8f6a4584135f737b26927596ce6e0a7"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
208601
csp-report
q.stripe.com/ Frame D079 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: app.threatstack.com
URL: https://app.threatstack.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 08 May 2023 08:17:04 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1683533824155950
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1683533824155470
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 997F 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: app.threatstack.com
URL: https://app.threatstack.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 08 May 2023 08:17:04 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1683533824155848
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1683533824155332
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 997F 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: app.threatstack.com
URL: https://app.threatstack.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 08 May 2023 08:17:04 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1683533824155954
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1683533824155520
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
inner.html
m.stripe.network/ Frame 5986 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:aa00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
234
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 08 May 2023 08:13:10 GMT
etag
"fc2e029628f163bb59adc6fa5a31161c"
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
x-amz-cf-id
8GKtc-F0P_LsoVUdGiE6X3js40PXgjfi9hmD3EKmMrlpAWKLwiDaXg==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
.deploy_status_henson.json
js.stripe.com/v3/ Frame D079 		474 B
612 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9f68555268209266a4e8bc4ae6a10a6a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
5ae9b0a441c03876c93e08282ce8b0332d2af3416fc5331a292c0b671e57791b
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-83270966f443677cd8d7e9ccdad2827d.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 08 May 2023 08:17:03 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
10
x-cache
HIT
content-length
298
x-request-id
6146c0b9-c7b1-4f6d-ac36-9a7ace855fbb
x-served-by
cache-fra-etou8220055-FRA
last-modified
Fri, 05 May 2023 20:32:12 GMT
server
Fastly
etag
"aef5618eab2598b570e07c4d8d00888b"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
7
csp-report
q.stripe.com/ Frame 5986 		0
490 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: app.threatstack.com
URL: https://app.threatstack.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 08 May 2023 08:17:04 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1683533824156013
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
0
x-stripe-client-envoy-start-time-us
1683533824155472
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.42.js
m.stripe.network/ Frame 5986 		86 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.42.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:aa00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 08 May 2023 08:13:16 GMT
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"21df7244385e5c0bdf32da01d0dad6c0"
age
228
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
1wifmjZJkkoh5UKhoO6x8hqDIo6O5PshbNuYapSWZ6o_fqrUJMoiJA==
0
r.stripe.com/ Frame D079 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9f68555268209266a4e8bc4ae6a10a6a.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Mon, 08 May 2023 08:17:04 GMT
x-stripe-server-envoy-start-time-us
1683533824167130
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1683533824166868
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame D079 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9f68555268209266a4e8bc4ae6a10a6a.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Mon, 08 May 2023 08:17:04 GMT
x-stripe-server-envoy-start-time-us
1683533824167156
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1683533824166899
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame D079 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9f68555268209266a4e8bc4ae6a10a6a.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Mon, 08 May 2023 08:17:04 GMT
x-stripe-server-envoy-start-time-us
1683533824356682
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1683533824356508
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame D079 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9f68555268209266a4e8bc4ae6a10a6a.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Mon, 08 May 2023 08:17:04 GMT
x-stripe-server-envoy-start-time-us
1683533824167202
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1683533824166958
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame D079 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9f68555268209266a4e8bc4ae6a10a6a.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Mon, 08 May 2023 08:17:04 GMT
x-stripe-server-envoy-start-time-us
1683533824357357
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1683533824357057
access-control-allow-credentials
true
content-length
0
6
m.stripe.com/ Frame 5986 		156 B
669 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.34.29 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-34-29.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
a327fe5f1abfbfe26fc32067efff9f597f7b70f4a3ac6229a78dfef9990d30e0
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Mon, 08 May 2023 08:17:04 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1683533824243134
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1683533824242881
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless object| webpackChunkStripeJSouter function| noop function| Stripe object| cc_environment object| webpackChunkcloud_cover function| _ number| 2f1acc6c3a606b082e5eef5e54414ffb object| base32 boolean| DEBUG object| CC

3 Cookies

Domain/Path Name / Value
m.stripe.com/ Name: m
Value: 09e90bf1-43cc-4087-bf82-ccbd880c7502e19cf8
.app.threatstack.com/ Name: __stripe_mid
Value: 9ebea945-cb4d-499c-a746-17155dba8dd804557f
.app.threatstack.com/ Name: __stripe_sid
Value: 002b2602-5360-42cc-9537-35cb2beb38118644f6

1 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; script-src 'self' api.stripe.com js.stripe.com 'sha256-uB0AOBG+hAs6K1BPS4N9ohof+rC6xsd8wfbrF+0RBCo='; connect-src 'self' *.mapbox.com events.launchdarkly.com app.launchdarkly.com clientstream.launchdarkly.com ts-compliance-reports-prod.s3.amazonaws.com *.volterra.us; style-src 'self' 'unsafe-inline'; font-src *; img-src * data:; frame-src js.stripe.com https://app.threatstack.com https://pkg.threatstack.com
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.threatstack.com
js.stripe.com
m.stripe.com
m.stripe.network
q.stripe.com
r.stripe.com
151.101.0.176
2600:9000:2057:aa00:19:7d10:bd80:93a1
2606:4700::6811:3414
54.149.34.29
54.187.159.182
1db45645c1caf846583816412a0f1267276b1aec10a11844c36b4aa6fda4c3e4
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
27e1e8255e7fe3f3e83d38ad8fe3fbc75b9f547ffb413b9769620df44dec84f3
2d5fb112235a0df61625f3dd27a582d14d9736f41d644536b7bb63500cdd59a3
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
54a48fa79e78fe9304986726fb8a0e218f11563a6f198e3353b975574bbaed25
5ae9b0a441c03876c93e08282ce8b0332d2af3416fc5331a292c0b671e57791b
5f0f874d8c369317e7c4fe75d0af2e7e1b4f24ba12cedd4a57bf9720172474f3
a327fe5f1abfbfe26fc32067efff9f597f7b70f4a3ac6229a78dfef9990d30e0
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
addf7e2befdd2d5cc666c3e43daf716057ec626e0e533c6c7a4c67a42a72e72d
bee37b7bccf5c81686fcdef0af5d9665c73e749d39530612b9f35224bb1ed6ab
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebc0a2e260c074f09d4a4d093000e2ff431f82c0bb336c620f4c46ce2cc131ba
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f4650ba1e6be5daa9a9408251788585fc7a73b5e8d4b090a119bb88e6ef97c95
f4b4075226669820619b349133786c9d13f27d6372190ec27ef7230fa25b0a7e
fa85f1a6c711805dd25772b2f1fd71a0756a4ef5dfceb73e70ab0b3644d440fb
fc9d69fb96c6afa2ce0ccad6bf30c943a1b6286f8494361e55dc3f31cbb84d1a
fccc0b041087213baa8a3cd17cce2b56e5bdb4aa7e229503d7fffd926a99583b