HTTP Headers Analysis for https://support.stripe.com

Detected Technologies from Headers

See all in URL Inspect 7

Amazon S3

Google reCAPTCHA

Google Search

Google Static File Front End

Nginx

Stripe

Google Cloud

HTTP Security Headers

Status

Strict-Transport-Security

Excellent

max-age=63072000; includeSubDomains; preload

Content-Security-Policy

Strong

base-uri; connect-src; default-src; +10 more Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Good

SAMEORIGIN

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

Performance Headers

Connection

Performance

close

connection: close

Caching Headers

No caching headers found

Content Headers

Content-Length

Content

20809

Content-Type

Content

text/html;charset=utf-8

content-length: 20809
content-type: text/html;charset=utf-8

Server Headers

Server

nginx

server: nginx

CORS Headers

No CORS headers found

Cookies Headers

Set-Cookie

Cookies

set-cookie: cid=4dcecd8d-333b-435b-9cc2-b96a1911ba03; domain=stripe.com; path=/; expires=Mon, 25 May 2026 09:49:29 GMT; secure; SameSite=Lax

Other Headers

Cross-Origin-Opener-Policy-Report-Only

Other

same-origin-allow-popups; report-to="wsp_coop"

Date

Other

Tue, 24 Feb 2026 09:49:29 GMT

Report-To

Other

{"group":"wsp_coop","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coop-report?s=AgNBbWbneFrRENBitP_0Gx8ULPTMDEJ65bku7iS4HHITT_YqQoXTt9zS0Bvdpl1YhkUd1l6iFJmmUr9J-A=="}],"include_subdomains":true},{"group":"wsp_coep","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coep-report?s=AgNBbWbneFrRENBitP_0Gx8ULPTMDEJ65bku7iS4HHITT_YqQoXTt9zS0Bvdpl1YhkUd1l6iFJmmUr9J-A=="}],"include_subdomains":true}

Reporting-Endpoints

Other

wsp_coop="https://q.stripe.com/coop-report?s=AgNBbWbneFrRENBitP_0Gx8ULPTMDEJ65bku7iS4HHITT_YqQoXTt9zS0Bvdpl1YhkUd1l6iFJmmUr9J-A==",wsp_coep="https://q.stripe.com/coep-report?s=AgNBbWbneFrRENBitP_0Gx8ULPTMDEJ65bku7iS4HHITT_YqQoXTt9zS0Bvdpl1YhkUd1l6iFJmmUr9J-A=="

X-Stripe-Priority-Routing-Enabled

Other

true

X-Stripe-Proxy-Response

Other

upstream

X-Stripe-Routing-Context-Priority-Tier

Other

livemode

X-Stripe-Server-Rpc-Duration-Micros

Other

916787

X-Wc

Other

ABCEFGHIJ

cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="wsp_coop"
date: Tue, 24 Feb 2026 09:49:29 GMT
report-to: {"group":"wsp_coop","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coop-report?s=AgNBbWbneFrRENBitP_0Gx8ULPTMDEJ65bku7iS4HHITT_YqQoXTt9zS0Bvdpl1YhkUd1l6iFJmmUr9J-A=="}],"include_subdomains":true},{"group":"wsp_coep","max_age":8640,"endpoints":[{"url":"https://q.stripe.com/coep-report?s=AgNBbWbneFrRENBitP_0Gx8ULPTMDEJ65bku7iS4HHITT_YqQoXTt9zS0Bvdpl1YhkUd1l6iFJmmUr9J-A=="}],"include_subdomains":true}
reporting-endpoints: wsp_coop="https://q.stripe.com/coop-report?s=AgNBbWbneFrRENBitP_0Gx8ULPTMDEJ65bku7iS4HHITT_YqQoXTt9zS0Bvdpl1YhkUd1l6iFJmmUr9J-A==",wsp_coep="https://q.stripe.com/coep-report?s=AgNBbWbneFrRENBitP_0Gx8ULPTMDEJ65bku7iS4HHITT_YqQoXTt9zS0Bvdpl1YhkUd1l6iFJmmUr9J-A=="
x-stripe-priority-routing-enabled: true
x-stripe-proxy-response: upstream
x-stripe-routing-context-priority-tier: livemode
x-stripe-server-rpc-duration-micros: 916787
x-wc: ABCEFGHIJ

Recommendations

Enable compression (gzip/brotli) to improve performance

Add Cache-Control header to optimize caching