www.wickedthinking.io Open in urlscan Pro
2a04:4e42:200::775 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://wickedthinking.io/
Effective URL:
https://www.wickedthinking.io/
Submission Tags: phishingrod
Submission: On January 28 via api (January 28th 2024, 5:11:53 am UTC) from DE — Scanned from NL

Summary HTTP 34 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 34 HTTP transactions. The main IP is 2a04:4e42:200::775, located in United States and belongs to FASTLY, US. The main domain is www.wickedthinking.io.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on January 7th 2024. Valid for: 3 months.

This is the only time www.wickedthinking.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	178.128.137.126 178.128.137.126	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
14	2a04:4e42:200... 2a04:4e42:200::775	54113 (FASTLY) (FASTLY)
2	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	151.101.0.176 151.101.0.176	54113 (FASTLY) (FASTLY)
2	2400:52e0:1e0... 2400:52e0:1e00::1081:1	200325 (BUNNYCDN) (BUNNYCDN)
1	2a04:4e42:600... 2a04:4e42:600::649	54113 (FASTLY) (FASTLY)
3	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:212... 2600:9000:2127:ae00:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a04:4e42::775 2a04:4e42::775	54113 (FASTLY) (FASTLY)
1	34.213.37.126 34.213.37.126	16509 (AMAZON-02) (AMAZON-02)
34	9

1 178.128.137.126 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

wickedthinking.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a04:4e42:200::775 (United States)

ASN54113 (FASTLY, US)

www.wickedthinking.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.0.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:52e0:1e00::1081:1 (Germany)

ASN200325 (BUNNYCDN, SI)

plausible.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2127:ae00:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a04:4e42::775 (United States)

ASN54113 (FASTLY, US)

wicked-thinking.ghost.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.213.37.126 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-213-37-126.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	wickedthinking.io 1 redirects wickedthinking.io www.wickedthinking.io	213 KB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 1227 q.stripe.com — Cisco Umbrella Rank: 7010 m.stripe.com — Cisco Umbrella Rank: 1188	167 KB
6	ghost.io wicked-thinking.ghost.io	2 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1315	16 KB
2	plausible.io plausible.io — Cisco Umbrella Rank: 9632	2 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 324	324 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 760	30 KB
34	7

	Domain	Requested by
14	www.wickedthinking.io	www.wickedthinking.io cdn.jsdelivr.net
6	wicked-thinking.ghost.io	cdn.jsdelivr.net
3	q.stripe.com	www.wickedthinking.io
3	js.stripe.com	www.wickedthinking.io js.stripe.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	plausible.io	www.wickedthinking.io plausible.io
2	cdn.jsdelivr.net	www.wickedthinking.io
1	m.stripe.com	m.stripe.network
1	code.jquery.com	www.wickedthinking.io
1	wickedthinking.io	1 redirects
34	10

This site contains links to these domains. Also see Links.

Domain
ghost.org

Subject Issuer	Validity	Valid
www.wickedthinking.io ZeroSSL RSA Domain Secure Site CA	`2024-01-07` - `2024-04-06`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-01-02` - `2024-04-04`	3 months	crt.sh
plausible.io R3	`2024-01-26` - `2024-04-25`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-12-20` - `2024-03-21`	3 months	crt.sh
ghost.io R3	`2023-12-21` - `2024-03-20`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-22` - `2024-03-21`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.wickedthinking.io/
Frame ID: CD6C6A687854E9CEFF0587C4ED70C992
Requests: 23 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: AE0695C4B87323D04D0B28F2487853BE
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: D6AD2125C99B1E29CC59A449D5F529CF
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Wicked Thinking

Page URL History Show full URLs

https://wickedthinking.io/ HTTP 301
https://www.wickedthinking.io/ Page URL

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

34
Requests

100 %
HTTPS

60 %
IPv6

7
Domains

10
Subdomains

9
IPs

3
Countries

754 kB
Transfer

2396 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://ghost.org/
Title: Powered by Ghost

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://wickedthinking.io/ HTTP 301
https://www.wickedthinking.io/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.wickedthinking.io/
Redirect Chain

https://wickedthinking.io/
https://www.wickedthinking.io/

11 KB
3 KB

820ms
14ms

Document
text/html

2a04:4e42:200::775
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wickedthinking.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: cd8ad9a658fc2d27136d2cb57fe68a191b6dbe969ef6943f612919bb99e5f229

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: clear
cache-control: public, max-age=0
content-encoding: gzip
content-length: 3120
content-type: text/html; charset=utf-8
date: Sun, 28 Jan 2024 05:11:48 GMT
etag: W/"2c2e-paVcqdAM7g11kgfdybcZZ/98ZkE"
ghost-age: 0
ghost-cache: MISS
ghost-fastly: true
server: openresty
status: 200 OK
vary: Cookie, Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-request-id: 5c0ad628-5e3d-4083-9cec-ec28e251e53a 5c0ad628-5e3d-4083-9cec-ec28e251e53a
x-served-by: cache-ams21060-AMS
x-timer: S1706418709.877631,VS0,VE1

Redirect headers

content-length: 166
content-type: text/html
date: Sun, 28 Jan 2024 05:11:48 GMT
location: https://www.wickedthinking.io/
server: openresty

GET
H2 200 screen.css
www.wickedthinking.io/assets/built/ 44 KB
9 KB 79ms
79ms Stylesheet
text/css 2a04:4e42:200::775
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wickedthinking.io/assets/built/screen.css?v=32e4a9966b
Requested by: Host: www.wickedthinking.io
URL: https://www.wickedthinking.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: 909e4435737c5484459287bb0cbd1695015b464210e8b34afb3262ccdcb9872d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.wickedthinking.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ghost-age: 0
date: Sun, 28 Jan 2024 05:11:48 GMT
content-encoding: gzip
via: 1.1 varnish
age: 0
x-cache: MISS
status: 200 OK
alt-svc: clear
content-length: 9438
ghost-fastly: true
x-request-id: 75b118ba-4890-4740-986d-cf854a541bcf, 75b118ba-4890-4740-986d-cf854a541bcf
x-served-by: cache-ams21060-AMS
last-modified: Mon, 08 Jan 2024 00:21:32 GMT
server: openresty
x-timer: S1706418709.894132,VS0,VE66
etag: W/"afbc-18ce6722fba"
vary: Cookie, Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
ghost-cache: MISS
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 portal.min.js Show response
cdn.jsdelivr.net/ghost/portal@~2.37/umd/ 1 MB
258 KB 106ms
50ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/ghost/portal@~2.37/umd/portal.min.js

Requested by

Host: www.wickedthinking.io
URL: https://www.wickedthinking.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a704e3a26a32c2aa95698d47727127fa858b33584c21b5333e7090f2a0a47181

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wickedthinking.io/
Origin: https://www.wickedthinking.io
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 05:11:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 15436
x-jsd-version: 2.37.2
content-encoding: br
x-cache: MISS, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220116-FRA, cache-lga21944-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"10a468-7bKa2UwNUD/BEQGiaXkU1Wi5vUU"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3bqJdjsY4h0RGf0HbhZlxZ%2F52cGWKgthgRbaUl17jBUxOhbiCPh4a4jfS0jAa2sEXWvhELyDVXFlja6udk8IB70a%2Fdyvm5JT5xbLbEbFZ8XBZ%2BIEFSREdfn9Jjh%2BfiEY%2FncyKzEsZ3fbd0fL4HY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=600, s-maxage=43200, stale-while-revalidate=600, stale-if-error=86400
timing-allow-origin: *
cf-ray: 84c6bca2ffd32c73-FRA

GET
H2 200 / Show response
js.stripe.com/v3/ 587 KB
163 KB 71ms
16ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: www.wickedthinking.io
URL: https://www.wickedthinking.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f195179b3694d3b5cd85e3c12ea37818acf178e913fbfa386864bf18784956f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.wickedthinking.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sun, 28 Jan 2024 05:11:48 GMT
via: 1.1 varnish
age: 46
x-cache: HIT
content-length: 166714
x-request-id: 26249192-f03c-44bf-96b0-942c3ab31407
x-served-by: cache-ams21068-AMS
last-modified: Fri, 26 Jan 2024 21:36:01 GMT
server: Fastly
etag: "edd03aac512133daf9b4ea7263f83cb9"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

GET
H2 200 sodo-search.min.js Show response
cdn.jsdelivr.net/ghost/sodo-search@~1.1/umd/ 197 KB
66 KB 71ms
32ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/ghost/sodo-search@~1.1/umd/sodo-search.min.js

Requested by

Host: www.wickedthinking.io
URL: https://www.wickedthinking.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73e90bca3350ae511b91bb029abfdc78760e164530c9cfd8f1f5e5d007a254b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wickedthinking.io/
Origin: https://www.wickedthinking.io
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 05:11:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 33799
x-jsd-version: 1.1.1
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230028-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"313b2-PGFkfSo33Bwphw9PaHfsB1kMn/Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D42pQIYB8XhQccTZHlslCsmd8%2F%2F7GMwOIAmZSPBBs8EEXXRoPX4NlGN2Mr19XjGKc29XT5GlrJlf5bpOi4CmsadPKC5qskAb9h05zPOPhePNLOmDwsdvlfkYwOxXtOmcAP6uJLCiuEr4j9HCBRs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=600, s-maxage=43200, stale-while-revalidate=600, stale-if-error=86400
timing-allow-origin: *
cf-ray: 84c6bca2ffd42c73-FRA

GET
H2 200 cards.min.js Show response
www.wickedthinking.io/public/ 7 KB
2 KB 82ms
81ms Script
application/javascript 2a04:4e42:200::775
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wickedthinking.io/public/cards.min.js?v=32e4a9966b
Requested by: Host: www.wickedthinking.io
URL: https://www.wickedthinking.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: 7b9c762be52fed9737a319df953c29ad448a7713a31a4ba0f76ab15013512ee6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.wickedthinking.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ghost-age: 0
date: Sun, 28 Jan 2024 05:11:48 GMT
content-encoding: gzip
via: 1.1 varnish
age: 0
x-cache: MISS
status: 200 OK
alt-svc: clear
content-length: 1557
ghost-fastly: true
x-request-id: 10316b61-339f-4ddb-aa03-195711c02010, 10316b61-339f-4ddb-aa03-195711c02010
x-served-by: cache-ams21060-AMS
server: openresty
x-timer: S1706418709.911641,VS0,VE68
etag: W/"431228c753b74a6958600d170f921e6d"
vary: Cookie, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
ghost-cache: MISS
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 cards.min.css
www.wickedthinking.io/public/ 39 KB
7 KB 70ms
70ms Stylesheet
text/css 2a04:4e42:200::775
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wickedthinking.io/public/cards.min.css?v=32e4a9966b
Requested by: Host: www.wickedthinking.io
URL: https://www.wickedthinking.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: 54682e379031e7d89b632f95f6ce239060db2a9d7fce9f92638dc4a8cbd1ae41

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.wickedthinking.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ghost-age: 0
date: Sun, 28 Jan 2024 05:11:48 GMT
content-encoding: gzip
via: 1.1 varnish
age: 0
x-cache: MISS
status: 200 OK
alt-svc: clear
content-length: 6764
ghost-fastly: true
x-request-id: c7e0f9d5-8177-4ba3-816e-b95e8bcff09d, c7e0f9d5-8177-4ba3-816e-b95e8bcff09d
x-served-by: cache-ams21060-AMS
server: openresty
x-timer: S1706418709.894509,VS0,VE57
etag: W/"d3c677de6b672445cc6386191937cf9b"
vary: Cookie, Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
ghost-cache: MISS
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 member-attribution.min.js Show response
www.wickedthinking.io/public/ 2 KB
888 B 81ms
80ms Script
application/javascript 2a04:4e42:200::775
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wickedthinking.io/public/member-attribution.min.js?v=32e4a9966b
Requested by: Host: www.wickedthinking.io
URL: https://www.wickedthinking.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: 0b144beb896e0d7612e0eeab489e4e682adac07cbc139924ce892bde3ccd3605

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.wickedthinking.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ghost-age: 0
date: Sun, 28 Jan 2024 05:11:48 GMT
content-encoding: gzip
via: 1.1 varnish
age: 0
x-cache: MISS
status: 200 OK
alt-svc: clear
content-length: 727
ghost-fastly: true
x-request-id: dd37539d-4c6a-46d1-9f56-61b743231adb, dd37539d-4c6a-46d1-9f56-61b743231adb
x-served-by: cache-ams21060-AMS
server: openresty
x-timer: S1706418709.911626,VS0,VE67
etag: W/"909b42c515ee6c2aece5a3f270049f98"
vary: Cookie, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
ghost-cache: MISS
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 script.js Show response
plausible.io/js/ 1 KB
1 KB 75ms
20ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://plausible.io/js/script.js

Requested by

Host: www.wickedthinking.io
URL: https://www.wickedthinking.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.wickedthinking.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 05:11:48 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1080
cdn-cachedat: 01/27/2024 08:24:44
cdn-pullzone: 682664
cross-origin-resource-policy: cross-origin
application: 10.0.1.2
alt-svc: h3=":443"; ma=2592000
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254
cache-control: public, must-revalidate, max-age=86400
permissions-policy: interest-cohort=()
cdn-requestid: 04db912c43053ca89912d5e5c0fc0f9d
cdn-requestcountrycode: NL
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 WT-Logo-Ghost-1.png
www.wickedthinking.io/content/images/2024/01/ 8 KB
8 KB 78ms
78ms Image
image/png 2a04:4e42:200::775
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wickedthinking.io/content/images/2024/01/WT-Logo-Ghost-1.png
Requested by: Host: www.wickedthinking.io
URL: https://www.wickedthinking.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: 233eb97d0bb7027e2d5dad7cecc95a0d25a6707581a8642973f85aca741af7fb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.wickedthinking.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ghost-age: 0
date: Sun, 28 Jan 2024 05:11:48 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
status: 200 OK
alt-svc: clear
content-length: 7968
ghost-fastly: true
x-request-id: 0a8c4612-49f8-4b48-b997-62fce70d5d18, 0a8c4612-49f8-4b48-b997-62fce70d5d18
x-served-by: cache-ams21060-AMS
last-modified: Wed, 10 Jan 2024 00:25:44 GMT
server: openresty
x-timer: S1706418709.894492,VS0,VE65
etag: W/"1f20-18cf0c2c1d3"
vary: Cookie
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
ghost-cache: MISS
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 Panel3.jpg
www.wickedthinking.io/content/images/2024/01/ 27 KB
27 KB 85ms
85ms Image
image/jpeg 2a04:4e42:200::775
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wickedthinking.io/content/images/2024/01/Panel3.jpg
Requested by: Host: www.wickedthinking.io
URL: https://www.wickedthinking.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: 3f15668640cd7c097ff3fa5560445964165ed57fc148cf14d8740fb099e4407c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.wickedthinking.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ghost-age: 0
date: Sun, 28 Jan 2024 05:11:48 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
status: 200 OK
alt-svc: clear
content-length: 27421
ghost-fastly: true
x-request-id: e43951da-56b9-4e01-ab07-a8d4023f27d4, e43951da-56b9-4e01-ab07-a8d4023f27d4
x-served-by: cache-ams21060-AMS
last-modified: Mon, 08 Jan 2024 01:33:56 GMT
server: openresty
x-timer: S1706418709.894683,VS0,VE70
etag: W/"6b1d-18ce6b479e2"
vary: Cookie
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
ghost-cache: MISS
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 Panel3-3.jpg
www.wickedthinking.io/content/images/2024/01/ 25 KB
25 KB 80ms
78ms Image
image/jpeg 2a04:4e42:200::775
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wickedthinking.io/content/images/2024/01/Panel3-3.jpg
Requested by: Host: www.wickedthinking.io
URL: https://www.wickedthinking.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: 0dcfe279143e40a4c39d507745c31ae21793946110159374380db0acceae9a50

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.wickedthinking.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ghost-age: 0
date: Sun, 28 Jan 2024 05:11:48 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
status: 200 OK
alt-svc: clear
content-length: 25755
ghost-fastly: true
x-request-id: d4776f4b-d020-4f8f-b962-4564aa3c5376, d4776f4b-d020-4f8f-b962-4564aa3c5376
x-served-by: cache-ams21060-AMS
last-modified: Mon, 08 Jan 2024 02:09:05 GMT
server: openresty
x-timer: S1706418709.911129,VS0,VE65
etag: W/"649b-18ce6d4a5ed"
vary: Cookie
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
ghost-cache: MISS
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 Panel4-1.jpg
www.wickedthinking.io/content/images/2024/01/ 33 KB
33 KB 91ms
90ms Image
image/jpeg 2a04:4e42:200::775
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wickedthinking.io/content/images/2024/01/Panel4-1.jpg
Requested by: Host: www.wickedthinking.io
URL: https://www.wickedthinking.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: 20cda529e2a3d1554f1af2aa6172959fa9b08b6120d3fe8f7abcab43d5db9478

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.wickedthinking.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ghost-age: 0
date: Sun, 28 Jan 2024 05:11:48 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
status: 200 OK
alt-svc: clear
content-length: 33811
ghost-fastly: true
x-request-id: 8368cff0-65d0-4933-b6c0-ed9b5192b5f1, 8368cff0-65d0-4933-b6c0-ed9b5192b5f1
x-served-by: cache-ams21060-AMS
last-modified: Mon, 08 Jan 2024 02:08:34 GMT
server: openresty
x-timer: S1706418709.911687,VS0,VE77
etag: W/"8413-18ce6d42d4a"
vary: Cookie
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
ghost-cache: MISS
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 53ms
12ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: www.wickedthinking.io
URL: https://www.wickedthinking.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://www.wickedthinking.io/
Origin: https://www.wickedthinking.io
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 05:11:48 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 7964021
x-cache: HIT, HIT
content-length: 30879
x-served-by: cache-lga21981-LGA, cache-ams21051-AMS
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1706418709.951011,VS0,VE0
etag: W/"28feccc0-15d84"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 314657, 455079

GET
H2 200 main.min.js Show response
www.wickedthinking.io/assets/built/ 111 KB
34 KB 88ms
87ms Script
application/javascript 2a04:4e42:200::775
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wickedthinking.io/assets/built/main.min.js?v=32e4a9966b
Requested by: Host: www.wickedthinking.io
URL: https://www.wickedthinking.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: c1487acc9428e944876bfc4cbc82bd388ab251c2ad662e9863dbabc9f191be6f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.wickedthinking.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ghost-age: 0
date: Sun, 28 Jan 2024 05:11:48 GMT
content-encoding: gzip
via: 1.1 varnish
age: 0
x-cache: MISS
status: 200 OK
alt-svc: clear
content-length: 34661
ghost-fastly: true
x-request-id: ce1e3023-f387-4b25-987a-a1f5723730e6, ce1e3023-f387-4b25-987a-a1f5723730e6
x-served-by: cache-ams21060-AMS
last-modified: Mon, 08 Jan 2024 00:21:32 GMT
server: openresty
x-timer: S1706418709.911662,VS0,VE74
etag: W/"1ba46-18ce6722fb3"
vary: Cookie, Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
ghost-cache: MISS
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 raleway-v26-latin-regular.woff2
www.wickedthinking.io/assets/fonts/ 21 KB
21 KB 59ms
59ms Font
font/woff2 2a04:4e42:200::775
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wickedthinking.io/assets/fonts/raleway-v26-latin-regular.woff2
Requested by: Host: www.wickedthinking.io
URL: https://www.wickedthinking.io/assets/built/screen.css?v=32e4a9966b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: 1d94fd1a3793df0abe10fb36e59825864e1ec9623496e1e04c9cca624be01394

Request headers

Referer: https://www.wickedthinking.io/assets/built/screen.css?v=32e4a9966b
Origin: https://www.wickedthinking.io
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ghost-age: 0
date: Sun, 28 Jan 2024 05:11:49 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
status: 200 OK
alt-svc: clear
content-length: 21028
ghost-fastly: true
x-request-id: 9c55c132-ed38-49c1-94b1-a903b580f40e, 9c55c132-ed38-49c1-94b1-a903b580f40e
x-served-by: cache-ams21060-AMS
last-modified: Mon, 08 Jan 2024 00:21:32 GMT
server: openresty
x-timer: S1706418709.978492,VS0,VE47
etag: W/"5224-18ce6723175"
vary: Origin, Cookie
content-type: font/woff2
access-control-allow-origin: https://www.wickedthinking.io
cache-control: public, max-age=31536000
access-control-allow-credentials: true
ghost-cache: MISS
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 raleway-v26-latin-700.woff2
www.wickedthinking.io/assets/fonts/ 21 KB
21 KB 54ms
54ms Font
font/woff2 2a04:4e42:200::775
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wickedthinking.io/assets/fonts/raleway-v26-latin-700.woff2
Requested by: Host: www.wickedthinking.io
URL: https://www.wickedthinking.io/assets/built/screen.css?v=32e4a9966b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: 0d3b3a3f34ffd3526eea2f77aebe34caa8e86c59002dfd89aa834b0986feeaa2

Request headers

Referer: https://www.wickedthinking.io/assets/built/screen.css?v=32e4a9966b
Origin: https://www.wickedthinking.io
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ghost-age: 0
date: Sun, 28 Jan 2024 05:11:49 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
status: 200 OK
alt-svc: clear
content-length: 21352
ghost-fastly: true
x-request-id: 15eea5b7-2180-47d1-97c4-dbc8e4205a81, 15eea5b7-2180-47d1-97c4-dbc8e4205a81
x-served-by: cache-ams21060-AMS
last-modified: Mon, 08 Jan 2024 00:21:32 GMT
server: openresty
x-timer: S1706418709.978838,VS0,VE41
etag: W/"5368-18ce6723001"
vary: Origin, Cookie
content-type: font/woff2
access-control-allow-origin: https://www.wickedthinking.io
cache-control: public, max-age=31536000
access-control-allow-credentials: true
ghost-cache: MISS
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 raleway-v26-latin-800.woff2
www.wickedthinking.io/assets/fonts/ 21 KB
21 KB 61ms
61ms Font
font/woff2 2a04:4e42:200::775
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wickedthinking.io/assets/fonts/raleway-v26-latin-800.woff2
Requested by: Host: www.wickedthinking.io
URL: https://www.wickedthinking.io/assets/built/screen.css?v=32e4a9966b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: 22c96a94f1e6c9c814b42368fa27b041b836f078c33d91538fb37bfb9d84e329

Request headers

Referer: https://www.wickedthinking.io/assets/built/screen.css?v=32e4a9966b
Origin: https://www.wickedthinking.io
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ghost-age: 0
date: Sun, 28 Jan 2024 05:11:49 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
status: 200 OK
alt-svc: clear
content-length: 21344
ghost-fastly: true
x-request-id: 8932041f-0808-4196-a48b-6aa16662086c, 8932041f-0808-4196-a48b-6aa16662086c
x-served-by: cache-ams21060-AMS
last-modified: Mon, 08 Jan 2024 00:21:32 GMT
server: openresty
x-timer: S1706418709.978822,VS0,VE48
etag: W/"5360-18ce6723162"
vary: Origin, Cookie
content-type: font/woff2
access-control-allow-origin: https://www.wickedthinking.io
cache-control: public, max-age=31536000
access-control-allow-credentials: true
ghost-cache: MISS
accept-ranges: bytes
x-cache-hits: 0

GET
H2 204 /
www.wickedthinking.io/members/api/member/ 0
0 71ms
71ms Fetch 2a04:4e42:200::775
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wickedthinking.io/members/api/member/
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/ghost/portal@~2.37/umd/portal.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.wickedthinking.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ghost-age: 0
date: Sun, 28 Jan 2024 05:11:49 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
status: 204 No Content
alt-svc: clear
ghost-fastly: true
x-request-id: 81a72024-64c8-4ff0-a62a-3397fb41b55e, 81a72024-64c8-4ff0-a62a-3397fb41b55e
x-served-by: cache-ams21060-AMS
server: openresty
x-timer: S1706418709.066532,VS0,VE58
vary: Cookie
access-control-allow-origin: *
cache-control: no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
ghost-cache: MISS
accept-ranges: bytes
x-cache-hits: 0

POST
H2 202 event Show response
plausible.io/api/ 2 B
501 B 122ms
86ms XHR
text/plain 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://plausible.io/api/event
Requested by: Host: plausible.io
URL: https://plausible.io/js/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.wickedthinking.io/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 28 Jan 2024 05:11:49 GMT
cdn-edgestorageid: 1081
cdn-cachedat: 01/28/2024 05:11:49
cdn-pullzone: 682664
application: 10.0.1.2
alt-svc: h3=":443"; ma=2592000
content-length: 2
x-request-id: F65qxmMBvOzGGyw57JEC
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 202
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254
cache-control: must-revalidate, max-age=0, private
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
cdn-requestid: 09026e21e24c4858ea0a52253ac17d69
cdn-requestcountrycode: NL
cdn-requestpullsuccess: True

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html Show response
js.stripe.com/v3/ Frame AE06 200 B
869 B 13ms
13ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wickedthinking.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 105890
cache-control: max-age=31536000
content-encoding: br
content-length: 154
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sun, 28 Jan 2024 05:11:49 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Fri, 26 Jan 2024 21:06:28 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 23199
x-content-type-options: nosniff
x-request-id: 15a83b8d-58f3-4358-a892-5520fb8062d2
x-served-by: cache-ams21068-AMS

GET
H2 200 m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame AE06 526 B
450 B 12ms
12ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sun, 28 Jan 2024 05:11:49 GMT
via: 1.1 varnish
age: 3745086
x-cache: HIT
content-length: 315
x-request-id: 8cd001c4-dfe4-4256-8dae-db590fe5fd80
x-served-by: cache-ams21068-AMS
last-modified: Fri, 11 Nov 2022 20:25:36 GMT
server: Fastly
etag: "d96c709017743c0759cf3853d1806ba5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 21709

POST
H2 200 csp-report
q.stripe.com/ Frame AE06 0
718 B 546ms
175ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.wickedthinking.io
URL: https://www.wickedthinking.io/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 28 Jan 2024 05:11:49 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1706418709571973
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1706418709571503
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame AE06 0
717 B 546ms
176ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.wickedthinking.io
URL: https://www.wickedthinking.io/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 28 Jan 2024 05:11:49 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1706418709572358
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1706418709571556
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame D6AD 930 B
2 KB 127ms
34ms Document
text/html 2600:9000:2127:ae00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:ae00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 190
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sun, 28 Jan 2024 05:08:41 GMT
etag: "06bfcd88af438673a8bf9b845a11aa6e"
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
x-amz-cf-id: TOE8b2OMt6C-QNCGHLxfkGJ46tJ3wvxJZu_kzhUkFacI2tnR6rPxzg==
x-amz-cf-pop: PRG50-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

OPTIONS
H2 204 /
wicked-thinking.ghost.io/ghost/api/content/settings/ Frame 0
0 188ms
161ms Preflight 2a04:4e42::775
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked-thinking.ghost.io/ghost/api/content/settings/?key=8e6d788e759851c4be5a6739be&limit=all
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.wickedthinking.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 86400
age: 0
alt-svc: clear
cache-control: public, max-age=0
content-version: v5.76
date: Sun, 28 Jan 2024 05:11:49 GMT
ghost-age: 0
ghost-cache: MISS
ghost-fastly: true
server: openresty
status: 204 No Content
vary: Accept-Version, Access-Control-Request-Headers, Cookie
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-request-id: cbdfcd14-5b59-4230-acc2-541cde59ee4a cbdfcd14-5b59-4230-acc2-541cde59ee4a
x-served-by: cache-ams21031-AMS
x-timer: S1706418709.165327,VS0,VE148

OPTIONS
H2 204 /
wicked-thinking.ghost.io/ghost/api/content/tiers/ Frame 0
0 199ms
173ms Preflight 2a04:4e42::775
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked-thinking.ghost.io/ghost/api/content/tiers/?key=8e6d788e759851c4be5a6739be&limit=all&include=monthly_price,yearly_price,benefits
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.wickedthinking.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 86400
age: 0
alt-svc: clear
cache-control: public, max-age=0
content-version: v5.76
date: Sun, 28 Jan 2024 05:11:49 GMT
ghost-age: 0
ghost-cache: MISS
ghost-fastly: true
server: openresty
status: 204 No Content
vary: Accept-Version, Access-Control-Request-Headers, Cookie
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-request-id: 64e59875-e84c-4644-9d30-62f57387a6f4 64e59875-e84c-4644-9d30-62f57387a6f4
x-served-by: cache-ams21031-AMS
x-timer: S1706418709.165313,VS0,VE155

GET
H2 200 / Show response
wicked-thinking.ghost.io/ghost/api/content/settings/ 2 KB
980 B 77ms
76ms Fetch
application/json 2a04:4e42::775
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked-thinking.ghost.io/ghost/api/content/settings/?key=8e6d788e759851c4be5a6739be&limit=all
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/ghost/portal@~2.37/umd/portal.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: 076ed3e78b7389645dd29a8b6d668632bcea1298b429c58793f5c2fcccbe4d7a

Request headers

Referer: https://www.wickedthinking.io/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

ghost-age: 0
date: Sun, 28 Jan 2024 05:11:49 GMT
content-encoding: gzip
via: 1.1 varnish
age: 0
x-cache: MISS
status: 200 OK
content-version: v5.76
alt-svc: clear
content-length: 789
ghost-fastly: true
x-request-id: ac1e5771-c34d-45ac-b334-a3bd94359f05, ac1e5771-c34d-45ac-b334-a3bd94359f05
x-served-by: cache-ams21031-AMS
server: openresty
x-timer: S1706418709.325919,VS0,VE64
etag: W/"701-mUN0ogs3apfQK3Ba8IyHb78Ukak"
vary: Accept-Version, Cookie, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0
ghost-cache: MISS
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 / Show response
wicked-thinking.ghost.io/ghost/api/content/tiers/ 544 B
510 B 74ms
74ms Fetch
application/json 2a04:4e42::775
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked-thinking.ghost.io/ghost/api/content/tiers/?key=8e6d788e759851c4be5a6739be&limit=all&include=monthly_price,yearly_price,benefits
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/ghost/portal@~2.37/umd/portal.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: 67ef4da7697eb7e14d57dae742da02edc64c56034427a7eae8bffdf3c17f2f5b

Request headers

Referer: https://www.wickedthinking.io/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

ghost-age: 0
date: Sun, 28 Jan 2024 05:11:49 GMT
content-encoding: gzip
via: 1.1 varnish
age: 0
x-cache: MISS
status: 200 OK
content-version: v5.76
alt-svc: clear
content-length: 373
ghost-fastly: true
x-request-id: 97a4266e-81a8-45eb-9d42-83790863aa86, 97a4266e-81a8-45eb-9d42-83790863aa86
x-served-by: cache-ams21031-AMS
server: openresty
x-timer: S1706418709.337574,VS0,VE61
etag: W/"220-o9JZyLWxWG1MHiwP5uQAerHsJn0"
vary: Accept-Version, Cookie, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0
ghost-cache: MISS
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 / Show response
wicked-thinking.ghost.io/ghost/api/content/newsletters/ 437 B
595 B 96ms
95ms Fetch
application/json 2a04:4e42::775
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked-thinking.ghost.io/ghost/api/content/newsletters/?key=8e6d788e759851c4be5a6739be&limit=all
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/ghost/portal@~2.37/umd/portal.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash: 148c15abb1094b035521debc820a479d355c1dce1039d629d138fd6e01a3ed1e

Request headers

Referer: https://www.wickedthinking.io/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

ghost-age: 0
date: Sun, 28 Jan 2024 05:11:49 GMT
content-encoding: gzip
via: 1.1 varnish
age: 0
x-cache: MISS
status: 200 OK
content-version: v5.76
alt-svc: clear
content-length: 324
ghost-fastly: true
x-request-id: cbf950b4-6683-4072-b9c8-202ea2f47551, cbf950b4-6683-4072-b9c8-202ea2f47551
x-served-by: cache-ams21031-AMS
server: openresty
x-timer: S1706418709.325326,VS0,VE78
etag: W/"1b5-cQjovpovIn3vAbMLewQb0iehqlo"
vary: Accept-Version, Cookie, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0
ghost-cache: MISS
accept-ranges: bytes
x-cache-hits: 0

OPTIONS
H2 204 /
wicked-thinking.ghost.io/ghost/api/content/newsletters/ Frame 0
0 182ms
155ms Preflight 2a04:4e42::775
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wicked-thinking.ghost.io/ghost/api/content/newsletters/?key=8e6d788e759851c4be5a6739be&limit=all
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.wickedthinking.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 86400
age: 0
alt-svc: clear
cache-control: public, max-age=0
content-version: v5.76
date: Sun, 28 Jan 2024 05:11:49 GMT
ghost-age: 0
ghost-cache: MISS
ghost-fastly: true
server: openresty
status: 204 No Content
vary: Accept-Version, Access-Control-Request-Headers, Cookie
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-request-id: b0248a50-167e-4c53-a7fb-2b41f89c9fc4 b0248a50-167e-4c53-a7fb-2b41f89c9fc4
x-served-by: cache-ams21031-AMS
x-timer: S1706418709.165010,VS0,VE143

POST
H2 200 csp-report
q.stripe.com/ Frame D6AD 0
491 B 409ms
176ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.wickedthinking.io
URL: https://www.wickedthinking.io/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 28 Jan 2024 05:11:49 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1706418709572468
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 0
x-stripe-client-envoy-start-time-us: 1706418709571617
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame D6AD 87 KB
14 KB 39ms
39ms Script
text/javascript 2600:9000:2127:ae00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:ae00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 05:07:13 GMT
content-encoding: br
via: 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
age: 277
x-content-type-options: nosniff
etag: W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop: PRG50-C1
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: kIJvLAK3GXFRzJ5O4ACqWHxp7i6FalJsPdmkkq3yBDsWNh2u1PoQbA==

POST
H2 200 6 Show response
m.stripe.com/ Frame D6AD 156 B
669 B 556ms
177ms XHR
application/json 34.213.37.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.213.37.126 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-213-37-126.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

319eda670f34b0542b9aff0bac7b8246bef2e4044589652401d9e1952e6e79f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Sun, 28 Jan 2024 05:11:49 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1706418709792190
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1706418709792039
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
m.stripe.com/	1970-01-21 03:36:18	Name: m Value: 51393d4e-fa44-4afc-a854-167de8ea1ce4c63f0a
.www.wickedthinking.io/	1970-01-21 02:45:54	Name: __stripe_mid Value: 3ac02af8-64cf-429c-b988-5295ec70dec2975020
.www.wickedthinking.io/	1970-01-20 18:00:20	Name: __stripe_sid Value: 9555fb10-816a-4627-b7e2-88c6bb014d9b306c1b

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
code.jquery.com
js.stripe.com
m.stripe.com
m.stripe.network
plausible.io
q.stripe.com
wicked-thinking.ghost.io
wickedthinking.io
www.wickedthinking.io
151.101.0.176
178.128.137.126
2400:52e0:1e00::1081:1
2600:9000:2127:ae00:19:7d10:bd80:93a1
2606:4700::6810:5814
2a04:4e42:200::775
2a04:4e42:600::649
2a04:4e42::775
34.213.37.126
54.187.119.242
021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94
076ed3e78b7389645dd29a8b6d668632bcea1298b429c58793f5c2fcccbe4d7a
0b144beb896e0d7612e0eeab489e4e682adac07cbc139924ce892bde3ccd3605
0d3b3a3f34ffd3526eea2f77aebe34caa8e86c59002dfd89aa834b0986feeaa2
0dcfe279143e40a4c39d507745c31ae21793946110159374380db0acceae9a50
148c15abb1094b035521debc820a479d355c1dce1039d629d138fd6e01a3ed1e
1d94fd1a3793df0abe10fb36e59825864e1ec9623496e1e04c9cca624be01394
20cda529e2a3d1554f1af2aa6172959fa9b08b6120d3fe8f7abcab43d5db9478
22c96a94f1e6c9c814b42368fa27b041b836f078c33d91538fb37bfb9d84e329
233eb97d0bb7027e2d5dad7cecc95a0d25a6707581a8642973f85aca741af7fb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
319eda670f34b0542b9aff0bac7b8246bef2e4044589652401d9e1952e6e79f2
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
3f15668640cd7c097ff3fa5560445964165ed57fc148cf14d8740fb099e4407c
54682e379031e7d89b632f95f6ce239060db2a9d7fce9f92638dc4a8cbd1ae41
67ef4da7697eb7e14d57dae742da02edc64c56034427a7eae8bffdf3c17f2f5b
73e90bca3350ae511b91bb029abfdc78760e164530c9cfd8f1f5e5d007a254b4
7b9c762be52fed9737a319df953c29ad448a7713a31a4ba0f76ab15013512ee6
909e4435737c5484459287bb0cbd1695015b464210e8b34afb3262ccdcb9872d
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
a704e3a26a32c2aa95698d47727127fa858b33584c21b5333e7090f2a0a47181
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
c1487acc9428e944876bfc4cbc82bd388ab251c2ad662e9863dbabc9f191be6f
cd8ad9a658fc2d27136d2cb57fe68a191b6dbe969ef6943f612919bb99e5f229
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f195179b3694d3b5cd85e3c12ea37818acf178e913fbfa386864bf18784956f5
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

www.wickedthinking.io Open in urlscan Pro 2a04:4e42:200::775 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

34 Requests

100 %HTTPS

60 %IPv6

7 Domains

10 Subdomains

9 IPs

3 Countries

754 kBTransfer

2396 kBSize

3 Cookies

1 Outgoing links

Page URL History

Redirected requests

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.wickedthinking.io Open in urlscan Pro
2a04:4e42:200::775 Public Scan

Screenshot
Live screenshot

Full Image

34
Requests

100 %
HTTPS

60 %
IPv6

7
Domains

10
Subdomains

9
IPs

3
Countries

754 kB
Transfer

2396 kB
Size

3
Cookies

34 HTTP transactions
0 data transactions