{ "domain": "stripe.com", "findings": [ { "checkSlug": "spf", "data": { "mechanisms": [ "v=spf1", "ip4:198.2.180.60/32", "ip4:13.111.2.227/32", "include:spf1.stripe.com", "include:greenhouse-outbound-mail.stripe.com", "include:_spf.qualtrics.com", "~all" ], "record": "v=spf1 ip4:198.2.180.60/32 ip4:13.111.2.227/32 include:spf1.stripe.com include:greenhouse-outbound-mail.stripe.com include:_spf.qualtrics.com ~all" }, "fetchedAt": "2026-05-20T13:26:15.338Z", "frameworks": ["SOC 2 CC6.7", "ISO 27001 A.8.20", "NIST SC-8"], "host": "stripe.com", "recommendations": [ "Move to -all (hardfail) once your mail flow is confirmed — softfail gives no real protection" ], "severity": "medium", "severityReason": "~all softfail — receivers may still accept", "status": "ok", "subdomain": "" }, { "checkSlug": "dkim", "data": { "selectors": [ { "selector": "default", "status": "not_found" }, { "record": "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4T1PE2vh5xqRGzOrDnkoi03N/BFQ+GLa/xF69d8K0QOZBxTJbttc2DxcPdpvxqQRQOheompWvzCvWw/SH/NMgq72ulPKz2nHQbU6wIucXMf/sizgnsy+Ihiw9S5c/5sBMHUVZStqhHMuY8BGx0wGLavSmMFzBNdchT4g+46OuhQIDAQAB", "selector": "google", "status": "found" }, { "selector": "k1", "status": "not_found" }, { "selector": "selector1", "status": "not_found" }, { "selector": "selector2", "status": "not_found" }, { "selector": "mxvault", "status": "not_found" } ] }, "fetchedAt": "2026-05-20T13:26:15.341Z", "frameworks": ["SOC 2 CC6.7", "ISO 27001 A.8.24", "NIST SC-8"], "host": "stripe.com", "recommendations": [ "Check the missing selectors in your DNS provider and re-add any removed records" ], "severity": "low", "severityReason": "1/6 DKIM selectors valid", "status": "ok", "subdomain": "" }, { "checkSlug": "dnssec", "data": { "adFlag": false, "dnskey": [], "dnssecEnabled": false, "ds": [] }, "fetchedAt": "2026-05-20T13:26:15.360Z", "frameworks": ["SOC 2 CC6.6", "ISO 27001 A.8.20", "NIST SC-20"], "host": "stripe.com", "recommendations": [ "Enable DNSSEC in your DNS provider's control panel and add the resulting DS record at your registrar" ], "severity": "low", "severityReason": "DNSSEC not configured — no DS or DNSKEY records found", "status": "ok", "subdomain": "" }, { "checkSlug": "tls", "data": { "authorized": true, "fingerprint256": "8A:70:99:90:BF:03:63:E3:C3:7A:74:F0:72:38:29:12:FA:53:FB:A5:E2:85:A9:94:38:D4:F3:CB:2E:B7:85:38", "issuer": { "CN": "DigiCert Global G3 TLS ECC SHA384 2020 CA1", "O": "DigiCert Inc" }, "sans": ["stripe.com", "www.stripe.com"], "subject": { "CN": "stripe.com", "O": "Stripe, Inc" }, "validFrom": "Mar 4 00:00:00 2026 GMT", "validTo": "Jul 2 23:59:59 2026 GMT" }, "fetchedAt": "2026-05-20T13:26:15.436Z", "frameworks": ["SOC 2 CC6.1", "ISO 27001 A.8.24", "NIST SC-8(1)"], "host": "stripe.com", "recommendations": ["Schedule certificate renewal — consider enabling auto-renewal"], "severity": "low", "severityReason": "cert expires in 43 days", "status": "ok", "subdomain": "" }, { "checkSlug": "cors", "data": { "anyAcHeader": false, "method": "GET", "origin": "https://drwho.me", "preflightStatus": 204 }, "fetchedAt": "2026-05-20T13:26:15.517Z", "frameworks": ["SOC 2 CC6.6", "ISO 27001 A.8.23", "NIST AC-4"], "host": "stripe.com", "recommendations": [], "severity": "info", "severityReason": "no CORS headers — cross-origin requests blocked by default", "status": "ok", "subdomain": "" }, { "checkSlug": "ct_log", "data": { "certCount": 100, "source": "certspotter", "subdomains": [ "api.stripe.com", "auth.stripe.com", "bfcm.stripe.com", "bofa-enhanced-issuer-network.stripe.com", "book.stripe.com", "buy.fastly.cdn.stripe.com", "buy.stripe.com", "checkout.fastly.cdn.stripe.com", "checkout.stripe.com", "connect-js.stripe.com", "connections-auth.stripe.com", "connections-sandbox.stripe.com", "cpe.corp.stripe.com", "cpe.qa.corp.stripe.com", "crypto-js.stripe.com", "dashboard-admin.stripe.com", "dashboard.stripe.com", "donate.stripe.com", "edge-book.stripe.com", "edge-buy.fastly.cdn.stripe.com", "edge-buy.stripe.com", "edge-checkout.fastly.cdn.stripe.com", "edge-checkout.stripe.com", "edge-donate.stripe.com", "edge-invoice.fastly.cdn.stripe.com", "edge-invoice.stripe.com", "edge-js.fastly.cdn.stripe.com", "edge-js.stripe.com", "fl.corp.stripe.com", "fl.qa.corp.stripe.com", "git.corp.stripe.com", "invoice.fastly.cdn.stripe.com", "invoice.stripe.com", "irs-ides-client.stripe.com", "jira.corp.stripe.com", "jira.qa.corp.stripe.com", "js.fastly.cdn.stripe.com", "js.stripe.com", "jss.corp.stripe.com", "jss.qa.corp.stripe.com", "m.stripe.com", "not-a-git.corp.stripe.com", "partner-ideal-prod.stripe.com", "partner-ideal-qa.stripe.com", "pay-by-bank.stripe.com", "preprod-bfcm.stripe.com", "preprod-checkout.stripe.com", "preprod-connect-js.stripe.com", "preprod-connections-sandbox.stripe.com", "preprod-invoice.stripe.com", "preprod-js.stripe.com", "preprod-secure-files.fastly.cdn.stripe.com", "preprod-secure-files.stripe.com", "preprod-status.stripe.com", "preprod-terminal-statics.stripe.com", "preprod-trust.stripe.com", "prod-partner-hdfc.stripe.com", "qa-bfcm.stripe.com", "qa-book.stripe.com", "qa-buy.stripe.com", "qa-checkout.stripe.com", "qa-connect-js.stripe.com", "qa-connections-sandbox.stripe.com", "qa-donate.stripe.com", "qa-invoice.stripe.com", "qa-js.stripe.com", "qa-network-citi.stripe.com", "qa-partner-hdfc.stripe.com", "qa-secure-files.fastly.cdn.stripe.com", "qa-secure-files.stripe.com", "qa-status.stripe.com", "qa-terminal-statics.stripe.com", "qa-trust.stripe.com", "secure-files.fastly.cdn.stripe.com", "secure-files.stripe.com", "sessions.stripe.com", "status.stripe.com", "terminal-statics.stripe.com", "test-digicert-cert.stripe.com", "trust.stripe.com", "www.sessions.stripe.com", "www.stripe.com" ], "wildcards": [ "*.bom.corp.stripe.com", "*.cdg.corp.stripe.com", "*.cgk.corp.stripe.com", "*.cmh.corp.stripe.com", "*.corp.stripe.com", "*.dub.corp.stripe.com", "*.east.corp.stripe.com", "*.email.stripe.com", "*.local.corp.stripe.com", "*.northwest.corp.stripe.com", "*.pdx.corp.stripe.com", "*.preprod-cmh.corp.stripe.com", "*.preprod-pdx.corp.stripe.com", "*.preprod.corp.stripe.com", "*.qa-bom.corp.stripe.com", "*.qa-cdg.corp.stripe.com", "*.qa-cgk.corp.stripe.com", "*.qa-cmh.corp.stripe.com", "*.qa-dub.corp.stripe.com", "*.qa-east.corp.stripe.com", "*.qa-northwest.corp.stripe.com", "*.qa-pdx.corp.stripe.com", "*.qa.corp.stripe.com", "*.stripe.com", "*.terminal-events.stripe.com" ] }, "fetchedAt": "2026-05-20T13:26:26.252Z", "frameworks": ["SOC 2 CC7.2", "ISO 27001 A.8.16", "NIST SI-4"], "host": "stripe.com", "recommendations": [], "severity": "info", "severityReason": "82 subdomain(s) found in CT logs (25 wildcard cert(s))", "status": "ok", "subdomain": "" }, { "checkSlug": "dmarc", "data": { "record": "v=DMARC1; p=reject; pct=100; fo=1; rua=mailto:dmarc-reports@stripe.com; ruf=mailto:dmarc-forensics@stripe.com;", "tags": { "fo": "1", "p": "reject", "pct": "100", "rua": "mailto:dmarc-reports@stripe.com", "ruf": "mailto:dmarc-forensics@stripe.com", "v": "DMARC1" } }, "fetchedAt": "2026-05-20T13:26:15.322Z", "frameworks": ["SOC 2 CC6.7", "ISO 27001 A.5.14", "NIST SC-8"], "host": "stripe.com", "recommendations": [], "severity": "info", "severityReason": "p=reject — strict policy", "status": "ok", "subdomain": "" }, { "checkSlug": "dns", "data": { "records": { "A": [ { "TTL": 30, "data": "198.137.150.111", "name": "stripe.com", "type": 1 }, { "TTL": 30, "data": "198.202.176.111", "name": "stripe.com", "type": 1 } ], "AAAA": [], "CAA": [ { "TTL": 3600, "data": "\\# 39 00 05 69 6f 64 65 66 6d 61 69 6c 74 6f 3a 63 61 61 2d 76 69 6f 6c 61 74 69 6f 6e 73 40 73 74 72 69 70 65 2e 63 6f 6d", "name": "stripe.com", "type": 257 }, { "TTL": 3600, "data": "\\# 17 00 05 69 73 73 75 65 61 6d 61 7a 6f 6e 2e 63 6f 6d", "name": "stripe.com", "type": 257 }, { "TTL": 3600, "data": "\\# 19 00 05 69 73 73 75 65 64 69 67 69 63 65 72 74 2e 63 6f 6d", "name": "stripe.com", "type": 257 }, { "TTL": 3600, "data": "\\# 15 00 05 69 73 73 75 65 76 69 73 61 2e 63 6f 6d", "name": "stripe.com", "type": 257 } ], "NS": [ { "TTL": 43200, "data": "ns-1087.awsdns-07.org.", "name": "stripe.com", "type": 2 }, { "TTL": 43200, "data": "ns-1882.awsdns-43.co.uk.", "name": "stripe.com", "type": 2 }, { "TTL": 43200, "data": "ns-423.awsdns-52.com.", "name": "stripe.com", "type": 2 }, { "TTL": 43200, "data": "ns-705.awsdns-24.net.", "name": "stripe.com", "type": 2 } ], "SOA": [ { "TTL": 900, "data": "ns-1882.awsdns-43.co.uk. awsdns-hostmaster.amazon.com. 1 900 900 1209600 3600", "name": "stripe.com", "type": 6 } ], "TXT": [ { "TTL": 300, "data": "\"00D50000000JV6w=1TBTQ0000000CIv;00DDn000000HWol=1TBVY00000002Hx;00D4x000003vxGL=1TBPQ00000008Tp;00Dfn00000BUlWD=1TBan0000000LPR\"", "name": "stripe.com", "type": 16 }, { "TTL": 300, "data": "\"MS=ms80697640\"", "name": "stripe.com", "type": 16 }, { "TTL": 300, "data": "\"_mphpl78cv3thhugki4dkknlukgj1du6\"", "name": "stripe.com", "type": 16 }, { "TTL": 300, "data": "\"anthropic-domain-verification-zk7x9c=QfN52ECybLPUWh51R9pKF0QO3\"", "name": "stripe.com", "type": 16 }, { "TTL": 300, "data": "\"apple-domain-verification=8kIS0gmJTvILWQuI\"", "name": "stripe.com", "type": 16 }, { "TTL": 300, "data": "\"asv=8de0c1a866b958297e22a36216e594a6\"", "name": "stripe.com", "type": 16 }, { "TTL": 300, "data": "\"atlassian-domain-verification=upLp21qQgja1aHG2gnAb1AmXRqb/zG0UK1a0n3zTSXZg5DgOSttR3i5uzA3T9Cdk\"", "name": "stripe.com", "type": 16 }, { "TTL": 300, "data": "\"canva-site-verification=xLypn0D9XANRy-lbwcMfHA\"", "name": "stripe.com", "type": 16 }, { "TTL": 300, "data": "\"cursor-domain-verification-vncvvm=D0NzeIDbQa8PPgIf1ukp9UPiu\"", "name": "stripe.com", "type": 16 }, { "TTL": 300, "data": "\"docker-verification=ccde1a0d-8d2c-44b5-9d20-6c4e19113fc9\"", "name": "stripe.com", "type": 16 }, { "TTL": 300, "data": "\"docusign=4a93db58-af07-4632-a881-b569d41a6c57\"", "name": "stripe.com", "type": 16 }, { "TTL": 300, "data": "\"docusign=4c9f5602-1c19-4e4c-bde7-77dc4b9ea8a0\"", "name": "stripe.com", "type": 16 }, { "TTL": 300, "data": "\"edcbf4c7-b604-457b-870e-1b05f655e769\"", "name": "stripe.com", "type": 16 }, { "TTL": 300, "data": "\"elevenlabs=NpcIkVJW_8Vyd2gLKzPviuaU1g5rz83KiWQQ3sWKGtI\"", "name": "stripe.com", "type": 16 }, { "TTL": 300, "data": "\"facebook-domain-verification=m7id9rt8ehlgcg9tt2yggbsi6gro7i\"", "name": "stripe.com", "type": 16 }, { "TTL": 300, "data": "\"fastly-domain-delegation-3c9tdnjzdwy7wfffvyyy-786084-2024-07-08\"", "name": "stripe.com", "type": 16 }, { "TTL": 300, "data": "\"google-site-verification=NLkFgZLHeVMVYlR3t1UZC9_1LzmqCAefJyNDs6ZQqBA\"", "name": "stripe.com", "type": 16 }, { "TTL": 300, "data": "\"google-site-verification=PrlpJHdk11CIkPsiXoHEAJevWHAk39JRFAqVSe9l7n0\"", "name": "stripe.com", "type": 16 }, { "TTL": 300, "data": "\"google-site-verification=ZgGi2-xDdfnaWxdfjn5AqtUS11jKWqSXAV_EHODFzdE\"", "name": "stripe.com", "type": 16 }, { "TTL": 300, "data": "\"google-site-verification=hPfjsDwiisKJ4RP1ExOst9gAOD_0P8Q7-kxdcKUvEcc\"", "name": "stripe.com", "type": 16 }, { "TTL": 300, "data": "\"google-site-verification=pmz8ueKvWMPxNlwUDcVroF91-tq6I9VM6wSO_0i7-wc\"", "name": "stripe.com", "type": 16 }, { "TTL": 300, "data": "\"google-site-verification=qjP3OAiraClha_40cX9Z9FrG5q3O_0InXSamXOswY-s\"", "name": "stripe.com", "type": 16 }, { "TTL": 300, "data": "\"h1-domain-verification=KhpNX9YNAc7bX95agGvFsPPKbYTVe1KC6xj7P1zKZrRzxcuS\"", "name": "stripe.com", "type": 16 }, { "TTL": 300, "data": "\"liveramp-site-verification=7gyFkTwGYsvgd7IUQwyAOfImETwR06wgKjKiXq90KEY\"", "name": "stripe.com", "type": 16 }, { "TTL": 300, "data": "\"neat-pulse-domain-verification-8GMn8nv=36eba03d-345e-421a-a823-d6d1f28938a4\"", "name": "stripe.com", "type": 16 }, { "TTL": 300, "data": "\"postman-domain-verification=c3b168067b16085c452b04b643ae1000079b095e383b53d1074e409b0e600b6265e1c7963beca1ca87cc63c381dcea332544c92c919651e4cda69f9a6303079c\"", "name": "stripe.com", "type": 16 }, { "TTL": 300, "data": "\"stripe-verification=82ce82470fb8324e19fa65abdb6fd370da5a8f90bba09712f259760f625d0790\"", "name": "stripe.com", "type": 16 }, { "TTL": 300, "data": "\"v=MCPv1; k=ed25519; p=WMeka0C1fIH9HQLMtsSM9DD9cM6Bz6Wz34mHnK86UcM=\"", "name": "stripe.com", "type": 16 }, { "TTL": 300, "data": "\"v=spf1 ip4:198.2.180.60/32 ip4:13.111.2.227/32 include:spf1.stripe.com include:greenhouse-outbound-mail.stripe.com include:_spf.qualtrics.com ~all\"", "name": "stripe.com", "type": 16 }, { "TTL": 300, "data": "\"whimsical=253112f9add9790f3a27b9d9893626451fc4cda1\"", "name": "stripe.com", "type": 16 }, { "TTL": 300, "data": "\"z4mthhzk10l6qc0rg4211mnnppkh2y5b\"", "name": "stripe.com", "type": 16 } ] } }, "fetchedAt": "2026-05-20T13:26:15.321Z", "frameworks": ["SOC 2 CC6.6", "ISO 27001 A.8.20", "NIST SC-20"], "host": "stripe.com", "recommendations": [], "severity": "info", "severityReason": "A/AAAA records present", "status": "ok", "subdomain": "" }, { "checkSlug": "headers", "data": { "finalUrl": "https://stripe.com/in", "headers": { "connection": "keep-alive", "content-encoding": "gzip", "content-security-policy": "base-uri 'none'; child-src 'none'; connect-src https://c.increment.com https://c.stripe.dev https://c.stripe.global https://c.stripe.partners blob: https://b.stripecdn.com https://errors.stripe.com https://ext.stripe.com https://r.stripe.com https://stripe-images.s3.us-west-1.amazonaws.com https://stripe.com 'self'; default-src 'none'; font-src https://b.stripecdn.com 'self'; form-action https://stripe.com 'self'; frame-ancestors https://app.contentful.com 'self'; frame-src https://b.stripecdn.com https://js.stripe.com https://support-conversations.stripe.com 'self'; img-src data: https://assets.ctfassets.net https://assets.stripeassets.com https://b.stripecdn.com https://images.ctfassets.net https://images.stripeassets.com https://q.stripe.com 'self'; manifest-src 'none'; media-src https://assets.ctfassets.net https://assets.stripeassets.com https://b.stripecdn.com https://videos.ctfassets.net https://videos.stripeassets.com 'self'; object-src 'none'; script-src https://b.stripecdn.com https://js.stripe.com 'self' 'sha256-3aWvb9tRBjmz1OjR3n7mwiTm94+s4iki4mMZF82asmc=' 'sha256-5LtzXhT7UFn+GqP5pKEMGL08UNZsrzANHFEBW/mQHGw=' 'sha256-beLzNcen8LrazzSCRjAapoIMTgJI0osPWGNSX7aK6lc=' 'sha256-cCM0Z4lzGkzQnmbdVw+ouz0JRawyaKcZ4yiqzqYS7ek=' 'sha256-vTifGUJH6hJYTvstw4xJ4xfr/vE0ELkOV4GpCumyqfg=' 'sha256-KxhSaxKB5RFTQsqfRwp+zG7iLjvMrTAySqnSvWlqct0=' 'sha256-tMuJ8c00j54yuxogrdIJeGhNVB350dc56i969XRz/Mc=' 'sha256-aEFSvCaVnb2wNwuO3IzA8J44RdTKt6vms9beA7BcCYg=' 'sha256-0SWEc2BfR2o77i2vUiNNIrFKQkjc2Ujsr2hlfZ6oUek=' 'report-sample'; style-src https://b.stripecdn.com 'self' 'unsafe-inline'; worker-src https://b.stripecdn.com 'self'; upgrade-insecure-requests; report-uri https://q.stripe.com/csp-violation?q=Q5obtKcRwTRdm8SgqlWyDJZqSx7sMyIne8-h0CbhR_qnVETo6MFms5mQhLIPTlQ%3D; report-to csp", "content-type": "text/html; charset=utf-8", "cross-origin-opener-policy": "same-origin-allow-popups; report-to=\"wsp_coop\"", "cross-origin-opener-policy-report-only": "same-origin-allow-popups; report-to=\"wsp_coop\"", "date": "Wed, 20 May 2026 13:26:15 GMT", "referrer-policy": "no-referrer-when-downgrade", "report-to": "{\"group\":\"coop\",\"max_age\":8640,\"endpoints\":[{\"url\":\"https://q.stripe.com/coop-report\"}],\"include_subdomains\":true}, {\"group\":\"wsp_coop\",\"max_age\":8640,\"endpoints\":[{\"url\":\"https://q.stripe.com/coop-report?s=Q5obtKcRwTRdm8SgqlWyDJZqSx7sMyIne8-h0CbhR_qnVETo6MFms5mQhLIPTlQ=\"}],\"include_subdomains\":true}, {\"group\":\"wsp_coep\",\"max_age\":8640,\"endpoints\":[{\"url\":\"https://q.stripe.com/coep-report?s=Q5obtKcRwTRdm8SgqlWyDJZqSx7sMyIne8-h0CbhR_qnVETo6MFms5mQhLIPTlQ=\"}],\"include_subdomains\":true}, {\"group\":\"csp\",\"max_age\":8640,\"endpoints\":[{\"url\":\"https://q.stripe.com/csp-report-v2?q=Q5obtKcRwTRdm8SgqlWyDJZqSx7sMyIne8-h0CbhR_qnVETo6MFms5mQhLIPTlQ%3D&t=1\"}],\"include_subdomains\":true}", "reporting-endpoints": "coop=\"https://q.stripe.com/coop-report\", wsp_coop=\"https://q.stripe.com/coop-report?s=Q5obtKcRwTRdm8SgqlWyDJZqSx7sMyIne8-h0CbhR_qnVETo6MFms5mQhLIPTlQ=\", wsp_coep=\"https://q.stripe.com/coep-report?s=Q5obtKcRwTRdm8SgqlWyDJZqSx7sMyIne8-h0CbhR_qnVETo6MFms5mQhLIPTlQ=\", csp=\"https://q.stripe.com/csp-report-v2?q=Q5obtKcRwTRdm8SgqlWyDJZqSx7sMyIne8-h0CbhR_qnVETo6MFms5mQhLIPTlQ%3D&t=1\"", "server": "nginx", "strict-transport-security": "max-age=63072000; includeSubDomains; preload", "transfer-encoding": "chunked", "x-content-type-options": "nosniff", "x-frame-options": "SAMEORIGIN", "x-mkt-cache": "HIT", "x-stripe-proxy-response": "upstream", "x-stripe-server-rpc-duration-micros": "42204", "x-wc": "3ff" } }, "fetchedAt": "2026-05-20T13:26:15.847Z", "frameworks": ["SOC 2 CC6.6", "ISO 27001 A.8.23", "NIST SC-7(8)"], "host": "stripe.com", "recommendations": ["Add permissions-policy response header"], "severity": "info", "severityReason": "1 security header(s) missing", "status": "ok", "subdomain": "" }, { "checkSlug": "mta_sts", "data": null, "fetchedAt": "2026-05-20T13:26:15.226Z", "frameworks": ["SOC 2 CC6.7", "ISO 27001 A.8.24", "NIST SC-8"], "host": "stripe.com", "recommendations": [], "severity": "info", "severityReason": "not applicable: no _mta-sts TXT record", "status": "not_applicable", "subdomain": "" }, { "checkSlug": "mx", "data": { "records": [ { "exchange": "aspmx.l.google.com.", "priority": 10 }, { "exchange": "alt1.aspmx.l.google.com.", "priority": 20 }, { "exchange": "alt2.aspmx.l.google.com.", "priority": 20 }, { "exchange": "aspmx2.googlemail.com.", "priority": 30 }, { "exchange": "aspmx3.googlemail.com.", "priority": 30 } ] }, "fetchedAt": "2026-05-20T13:26:15.312Z", "frameworks": ["SOC 2 CC6.7", "ISO 27001 A.8.21", "NIST SC-8"], "host": "stripe.com", "recommendations": [], "severity": "info", "severityReason": "5 MX record(s) present", "status": "ok", "subdomain": "" }, { "checkSlug": "redirects", "data": { "finalStatus": 200, "hops": [ { "status": 307, "url": "https://stripe.com/" }, { "status": 200, "url": "https://stripe.com/in" } ] }, "fetchedAt": "2026-05-20T13:26:15.845Z", "frameworks": ["SOC 2 CC6.6", "ISO 27001 A.8.23", "NIST SC-7"], "host": "stripe.com", "recommendations": [], "severity": "info", "severityReason": "HTTPS served correctly", "status": "ok", "subdomain": "" }, { "checkSlug": "tlsrpt", "data": null, "fetchedAt": "2026-05-20T13:26:15.226Z", "frameworks": ["SOC 2 CC7.2", "ISO 27001 A.8.16", "NIST AU-6"], "host": "stripe.com", "recommendations": [], "severity": "info", "severityReason": "not applicable: no TLSRPT record", "status": "not_applicable", "subdomain": "" }, { "checkSlug": "web-surface", "data": { "head": { "description": "Stripe is a financial services platform that helps all types of businesses accept payments, build flexible billing models and manage money movement.", "og": { "og:description": "Stripe is a financial services platform that helps all types of businesses accept payments, build flexible billing models and manage money movement.", "og:image": "https://images.stripeassets.com/fzn2n1nzq965/XtX984S1GJVsVOXFC7kMu/01988281e867728dfb09aa7793a6e3b9/Stripe.jpg?q=80", "og:title": "Stripe | Financial Infrastructure to Grow Your Revenue", "og:type": "website", "og:url": "https://stripe.com/in/" }, "title": "Stripe | Financial Infrastructure to Grow Your Revenue", "twitter": { "twitter:card": "summary_large_image", "twitter:description": "Stripe is a financial services platform that helps all types of businesses accept payments, build flexible billing models and manage money movement.", "twitter:image": "https://images.stripeassets.com/fzn2n1nzq965/XtX984S1GJVsVOXFC7kMu/01988281e867728dfb09aa7793a6e3b9/Stripe.jpg?q=80", "twitter:site": "@stripe", "twitter:title": "Stripe | Financial Infrastructure to Grow Your Revenue" } }, "robots": { "body": "Sitemap: https://stripe.com/sitemap/sitemap.xml\n\nUser-agent: ia_archiver\nAllow: /docs/api\nAllow: /docs/api$\nDisallow: /docs\nDisallow: /docs$\nDisallow: /bitcoin/refund\nDisallow: /sources/refund\nDisallow: /sources/sepa_mandate\nDisallow: /sources/test_source\nDisallow: /sources/test_klarna\nDisallow: /handoff-healthcheck\nDisallow: /handoff\n\nUser-agent: *\nAllow: /docs\nAllow: /docs$\nDisallow: /bitcoin/refund\nDisallow: /sources/refund\nDisallow: /sources/sepa_mandate\nDisallow: /sources/test_source\nDisallow: /sources/test_klarna\nDisallow: /unsupported-browser\nDisallow: /handoff-healthcheck\nDisallow: /handoff\n\nUser-agent: rogerbot\nCrawl-delay: 2\n", "present": true }, "sitemap": { "present": false } }, "fetchedAt": "2026-05-20T13:26:15.907Z", "frameworks": ["SOC 2 CC6.6", "ISO 27001 A.8.9", "NIST CM-7"], "host": "stripe.com", "recommendations": [], "severity": "info", "severityReason": "HTTPS surface reachable (robots ✓, sitemap ✗, title ✓)", "status": "ok", "subdomain": "" }, { "checkSlug": "whois", "data": { "createdAt": "1995-09-12T04:00:00Z", "expiresAt": "2027-09-11T04:00:00Z", "raw": { ">>> Last update of whois database": "2026-05-20T13:26:08Z <<<", "Created Date": "1995-09-12T04:00:00Z", "DNSSEC": "unsigned", "Domain Name": "STRIPE.COM", "Domain Status": [ "clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited", "clientTransferProhibited https://icann.org/epp#clientTransferProhibited", "clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited", "serverDeleteProhibited https://icann.org/epp#serverDeleteProhibited", "serverTransferProhibited https://icann.org/epp#serverTransferProhibited", "serverUpdateProhibited https://icann.org/epp#serverUpdateProhibited" ], "Expiry Date": "2027-09-11T04:00:00Z", "Name Server": [ "NS-1087.AWSDNS-07.ORG", "NS-1882.AWSDNS-43.CO.UK", "NS-423.AWSDNS-52.COM", "NS-705.AWSDNS-24.NET" ], "Registrar": "SafeNames Ltd.", "Registrar Abuse Contact Email": "abuse@safenames.net", "Registrar Abuse Contact Phone": "+44.1908200022", "Registrar IANA ID": "447", "Registrar URL": "http://www.safenames.net", "Registrar WHOIS Server": "whois.safenames.net", "Registry Domain ID": "891022_DOMAIN_COM-VRSN", "URL of the ICANN Whois Inaccuracy Complaint Form": "https://www.icann.org/wicf/", "Updated Date": "2025-10-01T01:39:51Z", "text": [ "For more information on Whois status codes, please visit https://icann.org/epp", "", "NOTICE: The expiration date displayed in this record is the date the", "registrar's sponsorship of the domain name registration in the registry is", "currently set to expire. This date does not necessarily reflect the expiration", "date of the domain name registrant's agreement with the sponsoring", "registrar. Users may consult the sponsoring registrar's Whois database to", "view the registrar's reported date of expiration for this registration.", "", "TERMS OF USE: You are not authorized to access or query our Whois", "database through the use of electronic processes that are high-volume and", "automated except as reasonably necessary to register domain names or", "modify existing registrations; the Data in VeriSign Global Registry", "Services' (\"VeriSign\") Whois database is provided by VeriSign for", "information purposes only, and to assist persons in obtaining information", "about or related to a domain name registration record. VeriSign does not", "guarantee its accuracy. By submitting a Whois query, you agree to abide", "by the following terms of use: You agree that you may use this Data only", "for lawful purposes and that under no circumstances will you use this Data", "to: (1) allow, enable, or otherwise support the transmission of mass", "unsolicited, commercial advertising or solicitations via e-mail, telephone,", "or facsimile; or (2) enable high volume, automated, electronic processes", "that apply to VeriSign (or its computer systems). The compilation,", "repackaging, dissemination or other use of this Data is expressly", "prohibited without the prior written consent of VeriSign. You agree not to", "use electronic processes that are automated and high-volume to access or", "query the Whois database except as reasonably necessary to register", "domain names or modify existing registrations. VeriSign reserves the right", "to restrict your access to the Whois database in its sole discretion to ensure", "operational stability. VeriSign may restrict or terminate your access to the", "Whois database for failure to abide by these terms of use. VeriSign", "reserves the right to modify these terms at any time.", "", "The Registry database contains ONLY .COM, .NET, .EDU domains and", "Registrars." ] }, "registrar": "SafeNames Ltd.", "statuses": [ "clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited", "clientTransferProhibited https://icann.org/epp#clientTransferProhibited", "clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited", "serverDeleteProhibited https://icann.org/epp#serverDeleteProhibited", "serverTransferProhibited https://icann.org/epp#serverTransferProhibited", "serverUpdateProhibited https://icann.org/epp#serverUpdateProhibited" ] }, "fetchedAt": "2026-05-20T13:26:16.242Z", "frameworks": ["SOC 2 CC2.3", "ISO 27001 A.5.20", "NIST PE-2"], "host": "stripe.com", "recommendations": [], "severity": "info", "severityReason": "domain registered until 2027-09-11", "status": "ok", "subdomain": "" } ], "scanJobId": "local-stripe.com-2026-05-20T13:26:15.226Z", "scannedAt": "2026-05-20T13:26:15.226Z", "summary": { "bySeverity": { "critical": 0, "high": 0, "info": 11, "low": 3, "medium": 1 }, "totalFindings": 15, "totalHosts": 1 }, "version": "1" }