stripe.com

Last analyzed: Jan 30, 2026 at 12:35 PM UTC Refreshing...

Looks Normal

Standard signals observed

This reflects observed technical signals, not a judgment of the website's intent or safety. Wondering if Stripe is legit? Below you'll find technical signals for stripe.com including domain age, HTTPS security, DNS records, and redirect behavior to help you decide if this website is trustworthy.

Observed signals

Domain registered 30 years ago

Valid HTTPS certificate

DNS hosted via AWS Route 53 (based on nameservers)

1 redirect observed

Favicon detected

HSTS preloaded (browser-enforced)

AI Summary Plain-language explanation of the signals

The domain stripe.com hosts an active website and uses DNS that appears to be hosted via AWS Route 53 (inferred from nameservers). It has been registered for approximately 30 years through SafeNames Ltd. and is set to expire in September 2027. The site enforces HTTPS with a valid multi-domain (SAN) certificate issued by DigiCert Inc. that expires in March 2026. HTTP requests are redirected to HTTPS, ensuring secure connections. These signals describe technical characteristics only and do not indicate intent or safety.

HTTP Response

HTTPS 1 redirect

Final URL:

https://stripe.com/

Redirect chain

301 http://stripe.com/ → https://stripe.com/

200 https://stripe.com/

TLS Certificate

Valid

Yes

Covers Domain

Yes

Type

Multi-domain

Expires in 55 days

Certificate details

Subject: /jurisdictionC=US/jurisdictionST=Delaware/businessCategory=Private Organization/serialNumber=4675506/C=US/ST=California/L=South San Francisco/O=Stripe, Inc/CN=stripe.com

Issuer: /C=US/O=DigiCert Inc/CN=DigiCert TLS Hybrid ECC SHA384 2020 CA1

Chain: 2 certificates

Subject Alt Names (2)

stripe.com matches

www.stripe.com

DNS Records

AWS Route 53 (inferred)

Based on nameserver patterns, DNS appears to be hosted via AWS Route 53, Amazon's enterprise-grade DNS service.

A Records

AAAA

IP addresses & nameservers

A: 54.162.8.126, 3.90.98.12, 3.229.145.172

NS: ns-1087.awsdns-07.org, ns-1882.awsdns-43.co.uk, ns-423.awsdns-52.com, ns-705.awsdns-24.net

MX records (5)

aspmx.l.google.com

alt1.aspmx.l.google.com

alt2.aspmx.l.google.com

aspmx2.googlemail.com

aspmx3.googlemail.com

TXT records (31)

MS=ms80697640

_dj9f8ml46we32gxo15n242thlij7fk7

anthropic-domain-verification-zk7x9c=QfN52ECybLPUWh51R9pK...

apple-domain-verification=8kIS0gmJTvILWQuI

asv=8de0c1a866b958297e22a36216e594a6

+ 26 more

Domain Registration

30 years old

Registered Sep 12, 1995

Registrar SafeNames Ltd.

Expires Sep 11, 2027

More details

Last changed: Oct 01, 2025

Status: client delete prohibited client transfer prohibited client update prohibited +3 more

Nameservers: NS-1087.AWSDNS-07.ORG, NS-1882.AWSDNS-43.CO.UK, ...

Robots.txt (Crawl directives)

Status

200 OK

Crawl Access

Allowed (with restrictions)

These directives apply to crawlers requesting this host.

Agents

Rules

Sitemaps

Directive breakdown

Disallow 17

Allow 4

Crawl-delay 2.0s

Sitemaps 1

Sitemap URLs

https://stripe.com/sitemap/sitemap.xml

Raw content

29 lines View full file

Sitemap: https://stripe.com/sitemap/sitemap.xml

User-agent: ia_archiver
Allow: /docs/api
Allow: /docs/api$
Disallow: /docs
Disallow: /docs$
Disallow: /bitcoin/refund
Disallow: /sources/refund
Disallow: /sources/sepa_mandate
Disallow: /sources/test_source
Disallow: /sources/test_klarna
Disallow: /handoff-healthcheck
Disallow: /handoff

User-agent: *
Allow: /docs
Allow: /docs$
Disallow: /bitcoin/refund
Disallow: /sources/refund
Disallow: /sources/sepa_mandate
Disallow: /sources/test_source
Disallow: /sources/test_klarna
Disallow: /unsupported-browser
Disallow: /handoff-healthcheck
Disallow: /handoff

User-agent: rogerbot
Crawl-delay: 2

Robots.txt directives are advisory instructions for crawlers and do not enforce access control.

Tech Stack

Platform

Not detected

JS Framework

Next.js

Server

nginx

CDN

Not detected

Analytics

Not detected

Security Headers

5 / 6

nginx Next.js

HSTS CSP X-Frame-Options X-Content-Type-Options Referrer-Policy

Detection evidence

CSP:

content-security-policy header present

HSTS:

strict-transport-security header present

nginx:

server header: 'nginx'

Next.js:

Next.js framework markers found

Referrer-Policy:

referrer-policy header present

X-Frame-Options:

x-frame-options header present

X-Content-Type-Options:

x-content-type-options header present

Technologies detected from HTTP headers and HTML patterns. Detection is passive and may not capture all technologies.

Check Another Domain