URL: https://wickedballoons.com/
Submission Tags: phishingrod
Submission: On June 29 via api from DE — Scanned from DE

Summary

This website contacted 6 IPs in 3 countries across 4 domains to perform 19 HTTP transactions. The main IP is 162.159.135.42, located in and belongs to CLOUDFLARENET, US. The main domain is wickedballoons.com.
TLS certificate: Issued by WE1 on June 29th 2024. Valid for: 3 months.
This is the only time wickedballoons.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS Autonomous System
8         162.159.135.42    13335 (CLOUDFLAR...)
2         192.0.77.37       2635 (AUTOMATTIC)
2         192.0.76.3        2635 (AUTOMATTIC)
5         199.232.197.208   54113 (FASTLY)
1         2a00:1450:400...  15169 (GOOGLE)
Total: 19 requests, 6 IPs

Requests  Apex Domain         Subdomains                                      Transfer
8         wickedballoons.com  wickedballoons.com                              46 KB
5         peek.com            js.peek.com — Cisco Umbrella Rank: 92149        71 KB
4         wp.com              c0.wp.com — Cisco Umbrella Rank: 11202          26 KB
                              stats.wp.com — Cisco Umbrella Rank: 3745
                              pixel.wp.com — Cisco Umbrella Rank: 3684
1         googleapis.com      fonts.googleapis.com — Cisco Umbrella Rank: 83  1 KB
Total: 19 requests, 4 apex domains

Requests  Domain                Requested by
8         wickedballoons.com    wickedballoons.com
5         js.peek.com           wickedballoons.com, js.peek.com
2         c0.wp.com             wickedballoons.com
1         fonts.googleapis.com  js.peek.com
1         pixel.wp.com          wickedballoons.com
1         stats.wp.com          wickedballoons.com
Total: 19 requests, 6 domains

This site contains links to these domains.

Domain
wordpress.org

Subject                  Issuer                                          Validity                 Valid
wickedballoons.com       WE1                                             2024-06-29 - 2024-09-27  3 months
*.wp.com                 Sectigo ECC Domain Validation Secure Server CA  2023-11-28 - 2024-12-28  a year
js.peek.com              GlobalSign Atlas R3 DV TLS CA 2024 Q1           2024-04-03 - 2025-05-05  a year
upload.video.google.com  WR2                                             2024-06-13 - 2024-09-05  3 months

This page contains 1 frames:

Primary Page: https://wickedballoons.com/
Frame ID: 492684FFAB1673B7C02492D150AEDCB7
Requests: 19 HTTP requests in this frame

Page Title

Wicked Balloon Rides | Providing Hot air Balloon services for all of New England

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • js\.peek\.\w+

Page Statistics

  • 19 Requests
  • 95 % HTTPS
  • 20 % IPv6
  • 4 Domains
  • 6 Subdomains
  • 6 IPs
  • 3 Countries
  • 144 kB Transfer
  • 633 kB Size
  • 0 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
wickedballoons.com/
66 KB
13 KB
Document
General
Full URL
https://wickedballoons.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ae1f790cec04775063a57429168b50b97fe7a26ed5cf96ec815ca8514397164
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
BYPASS
cf-ray
89b2ed237c20452e-TXL
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 29 Jun 2024 03:45:53 GMT
ki-cache-type
Edge
ki-cf-cache-status
BYPASS
ki-edge
v=20.2.8;mv=3.0.6
ki-origin
g1p
link
<https://wickedballoons.com/wp-json/>; rel="https://api.w.org/", <https://wp.me/9eJGT>; rel=shortlink
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e9yBUwFTILdYmwd%2F534kx3yY0sAGXX6gr0CPUmSnEPdpOjNhJdq9swjd3lcxvz424GpATkowaw4itHKhcTB49vKwei%2F735zWjQsXskejkXZjkjnxqYoHb%2FllSwl3%2FMJQH3WkEw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, accept, content-type
x-content-type-options
nosniff
x-edge-location-klb
1
x-kinsta-cache
MISS
style.min.css
c0.wp.com/c/6.5.5/wp-includes/blocks/navigation/
16 KB
3 KB
Stylesheet
General
Full URL
https://c0.wp.com/c/6.5.5/wp-includes/blocks/navigation/style.min.css
Requested by
Host: wickedballoons.com
URL: https://wickedballoons.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
e2af3d1fbe48af4fa4e2294de3661b895af5c489a7d2ce5888cd14d5f070e78b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wickedballoons.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nc
HIT hhn 2
date
Sat, 29 Jun 2024 03:45:53 GMT
content-encoding
br
strict-transport-security
max-age=15552000
last-modified
Tue, 20 Feb 2024 11:16:26 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3=":443"; ma=86400
expires
Sun, 29 Jun 2025 03:45:53 GMT
processed-header-6471bf918d3b812152f1a477a016d9e50918e7fe.min.css
wickedballoons.com/wp-content/plugins/add-expires-headers/cache/1715734699/com/
2 KB
1 KB
Stylesheet
General
Full URL
https://wickedballoons.com/wp-content/plugins/add-expires-headers/cache/1715734699/com/processed-header-6471bf918d3b812152f1a477a016d9e50918e7fe.min.css
Requested by
Host: wickedballoons.com
URL: https://wickedballoons.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
499579386a2a4d864e490a40eed7bbd459d26276077df688d30f791ca649fa1e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wickedballoons.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 29 Jun 2024 03:45:53 GMT
content-encoding
gzip
ki-cache-tag
a5594c84-1331-42d0-8418-d4690d346dc2,b5743aec40980c218874b84160b0ff23052aa08497e07dfa702a7095e7548efe
cf-cache-status
HIT
ki-edge
v=20.2.8;mv=3.0.6
x-content-type-options
nosniff
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cache-tag
a5594c84-1331-42d0-8418-d4690d346dc2,b5743aec40980c218874b84160b0ff23052aa08497e07dfa702a7095e7548efe
ki-origin
g1p
alt-svc
h3=":443"; ma=86400
content-length
892
last-modified
Mon, 24 Jun 2024 02:58:04 GMT
server
cloudflare
etag
"6678e0bc-37c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VHL%2BB5x6wnWyAGJpF0hQD4fXjg3fldkqF0w7cXbADFRn5DI3V9KxaOMt86K8O6hexYPOnGMI97JUvDwOKNNVlCfveZesbg7YA7SyExBTRItv0he8%2FGFKvhM9byeTQkGMBHrkUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
accept-ranges
bytes
cf-ray
89b2ed2688f7452e-TXL
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
jetpack.css
c0.wp.com/p/jetpack/13.5/css/
106 KB
20 KB
Stylesheet
General
Full URL
https://c0.wp.com/p/jetpack/13.5/css/jetpack.css
Requested by
Host: wickedballoons.com
URL: https://wickedballoons.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
448c2c8f586e597e18732391de3038defacd4fc0e67f1ff0378d0a62e2949f7a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wickedballoons.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nc
HIT hhn 2
date
Sat, 29 Jun 2024 03:45:53 GMT
content-encoding
br
strict-transport-security
max-age=15552000
last-modified
Mon, 27 May 2024 14:35:43 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3=":443"; ma=86400
expires
Sun, 29 Jun 2025 03:45:53 GMT
view.min.js
wickedballoons.com/wp-includes/blocks/navigation/
3 KB
2 KB
Script
General
Full URL
https://wickedballoons.com/wp-includes/blocks/navigation/view.min.js?ver=6.5.5
Requested by
Host: wickedballoons.com
URL: https://wickedballoons.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cef72ad53596109595c152da16e28c2799d53b4c151274c7b28c0324e7230f24
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wickedballoons.com/
Origin
https://wickedballoons.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 29 Jun 2024 03:45:54 GMT
content-encoding
br
ki-cache-tag
a5594c84-1331-42d0-8418-d4690d346dc2,8af54594841707b94963c70fc0d508a64bb3917c39d7ebf830dc85656d6f621f
cf-cache-status
HIT
ki-edge
v=20.2.8;mv=3.0.6
x-content-type-options
nosniff
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cache-tag
a5594c84-1331-42d0-8418-d4690d346dc2,8af54594841707b94963c70fc0d508a64bb3917c39d7ebf830dc85656d6f621f
ki-origin
g1p
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 09 Apr 2024 22:50:08 GMT
server
cloudflare
etag
W/"6615c620-ce4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3D3gwyeTjta4fSV9Pdz3aoKR4k9WA9uT1xJDCQy1AL8ypHH%2BbgYaUPvnaNo8QffFXrBbMEWtbdDn7hsaPlkEkyr5ewH8RoYpaxvxcTvNohUKscUeBmKMK3%2FVOmH2acQhWR6VmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
cf-ray
89b2ed2688fb452e-TXL
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
interactivity.min.js
wickedballoons.com/wp-includes/js/dist/
34 KB
13 KB
Script
General
Full URL
https://wickedballoons.com/wp-includes/js/dist/interactivity.min.js?ver=6.5.5
Requested by
Host: wickedballoons.com
URL: https://wickedballoons.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df8d3d01743dad99fb13e9a7f1e1d1705e403eab0576dd1a81c45fcc42086a5b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wickedballoons.com/
Origin
https://wickedballoons.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 29 Jun 2024 03:45:53 GMT
content-encoding
br
ki-cache-tag
a5594c84-1331-42d0-8418-d4690d346dc2,d32db6257aab7d440b09fa057259afa94fb577489bc0ca2363f21c39a117864d
cf-cache-status
HIT
ki-edge
v=20.2.8;mv=3.0.6
x-content-type-options
nosniff
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cache-tag
a5594c84-1331-42d0-8418-d4690d346dc2,d32db6257aab7d440b09fa057259afa94fb577489bc0ca2363f21c39a117864d
ki-origin
g1p
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 07 May 2024 22:50:09 GMT
server
cloudflare
etag
W/"663ab021-890d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wN1kWtuwx9A4htaLxkt6IOTJEMDmusnJxeQlLzV0mPvHKhppOHaNlMfvMtkPgcrfogD%2Bc9D%2Bgvw00NusVtKUtgbzB%2Fg6x%2FG0mRNNwdaIVCOfvLUiGDZPmho4StkfRqK63v2Wnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
cf-ray
89b2ed2688fe452e-TXL
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
index.js
wickedballoons.com/wp-content/plugins/contact-form-7/includes/swv/js/
11 KB
4 KB
Script
General
Full URL
https://wickedballoons.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.9.6
Requested by
Host: wickedballoons.com
URL: https://wickedballoons.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46e36dd6ca93014e4915c723632bf180d27cc96ccfb7c26e69213e1a82129a62
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wickedballoons.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 29 Jun 2024 03:45:54 GMT
content-encoding
br
ki-cache-tag
a5594c84-1331-42d0-8418-d4690d346dc2,bba7241b243583c8535762de3aaf5d4260336e69b4c40e85bebdffb0e095f715
cf-cache-status
HIT
ki-edge
v=20.2.8;mv=3.0.6
x-content-type-options
nosniff
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cache-tag
a5594c84-1331-42d0-8418-d4690d346dc2,bba7241b243583c8535762de3aaf5d4260336e69b4c40e85bebdffb0e095f715
ki-origin
g1p
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 17 Jun 2024 10:50:02 GMT
server
cloudflare
etag
W/"667014da-2cf9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sWx%2F2WlRCuUMYZDWffF6UuN%2BVJ9jOj3SKsfEv12oxV%2BSFCYebHFKDy6t5dtNA2EqSXPhBqwWmymu5hHkQZbVpn8Cyn0Zo7STbUhHbXYSTRMpQb04PBcovt3qvuPaos8%2FFFzNAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
cf-ray
89b2ed2688ff452e-TXL
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
index.js
wickedballoons.com/wp-content/plugins/contact-form-7/includes/js/
13 KB
4 KB
Script
General
Full URL
https://wickedballoons.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.9.6
Requested by
Host: wickedballoons.com
URL: https://wickedballoons.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d702e5ed1e573918d912775ac1e88987fc177aa51efe1253a08f71ab54f96516
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wickedballoons.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 29 Jun 2024 03:45:53 GMT
content-encoding
br
ki-cache-tag
a5594c84-1331-42d0-8418-d4690d346dc2,8f80c96e85ceef178050ab26b4c35d1dbe1d4664f11f82ccbfc2a3513787f882
cf-cache-status
HIT
ki-edge
v=20.2.8;mv=3.0.6
x-content-type-options
nosniff
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cache-tag
a5594c84-1331-42d0-8418-d4690d346dc2,8f80c96e85ceef178050ab26b4c35d1dbe1d4664f11f82ccbfc2a3513787f882
ki-origin
g1p
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 17 Jun 2024 10:50:02 GMT
server
cloudflare
etag
W/"667014da-32fe"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=80%2FnxFetJNpzAyST9AkW5uVCp8oBSM7jL4Ry0gV2115xm7qYK7sz5HtFZPyKP%2B9AlaLZxyIsY9ldt9yJVqqFjkhJ0rDLM6JrBzG5TEDUt7UMxnNKKe7klfc%2BAMhBthlqik4i3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
cf-ray
89b2ed268902452e-TXL
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
e-202426.js
stats.wp.com/
7 KB
3 KB
Script
General
Full URL
https://stats.wp.com/e-202426.js
Requested by
Host: wickedballoons.com
URL: https://wickedballoons.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wickedballoons.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-minify-cache
hit
x-nc
HIT hhn
date
Sat, 29 Jun 2024 03:45:53 GMT
content-encoding
br
server
nginx
x-minify
t
etag
W/14421-1717166114261.106
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
alt-svc
h3=":443"; ma=86400
expires
Tue, 17 Jun 2025 05:23:16 GMT
6f025fb9-e660-4dbb-a1f1-968a3dc11c2f
https://wickedballoons.com/
1 KB
0
Other
General
Full URL
blob:https://wickedballoons.com/6f025fb9-e660-4dbb-a1f1-968a3dc11c2f
Requested by
Host: wickedballoons.com
URL: https://wickedballoons.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
1185
Content-Type
text/javascript
widget_button.js
js.peek.com/
49 KB
12 KB
Script
General
Full URL
https://js.peek.com/widget_button.js?ts=5-29
Requested by
Host: wickedballoons.com
URL: https://wickedballoons.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.197.208 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx / Express
Resource Hash
721af38c62c4b2db1b1187e4ce7cbc31dff1eaa7a4d9a9906781d50f9e458985
Security Headers
Name Value
Strict-Transport-Security max-age=3600; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wickedballoons.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=3600; includeSubDomains
content-encoding
gzip
via
1.1 google, 1.1 varnish
date
Sat, 29 Jun 2024 03:45:54 GMT
age
554
x-powered-by
Express
x-cache
HIT
content-length
11406
x-served-by
cache-fra-etou8220156-FRA
last-modified
Wed, 08 May 2024 02:36:31 GMT
server
nginx
x-timer
S1719632754.014130,VS0,VE1
etag
W/"c236-18f560f4083"
vary
Accept-Encoding
access-control-allow-methods
GET, GET
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*, *
cache-control
public, max-age=0
accept-ranges
bytes
access-control-allow-headers
Content-Type, Content-Type
x-cache-hits
1
widget_button.css
js.peek.com/
297 KB
58 KB
Stylesheet
General
Full URL
https://js.peek.com/widget_button.css?ts=5-29
Requested by
Host: wickedballoons.com
URL: https://wickedballoons.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.197.208 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx / Express
Resource Hash
771c9412bd5f69b0771e68a42560ce7df2a4e57b64a59f3b3d38fc9fc21e318e
Security Headers
Name Value
Strict-Transport-Security max-age=3600; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wickedballoons.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=3600; includeSubDomains
content-encoding
gzip
via
1.1 google, 1.1 varnish
date
Sat, 29 Jun 2024 03:45:54 GMT
age
3171
x-powered-by
Express
x-cache
HIT
content-length
59634
x-served-by
cache-fra-etou8220156-FRA
last-modified
Mon, 11 Mar 2024 15:50:23 GMT
server
nginx
x-timer
S1719632754.014130,VS0,VE1
etag
W/"4a4c0-18e2e353618"
vary
Accept-Encoding
access-control-allow-methods
GET, GET
content-type
text/css; charset=UTF-8
access-control-allow-origin
*, *
cache-control
public, max-age=0
accept-ranges
bytes
access-control-allow-headers
Content-Type, Content-Type
x-cache-hits
1
g.gif
pixel.wp.com/
50 B
177 B
Image
General
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=136499255&post=0&tz=0&srv=wickedballoons.com&j=1%3A13.5&host=wickedballoons.com&ref=&fcp=802&rand=0.13807501948044698
Requested by
Host: wickedballoons.com
URL: https://wickedballoons.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wickedballoons.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Sat, 29 Jun 2024 03:45:54 GMT
cache-control
no-cache
server
nginx
alt-svc
h3=":443"; ma=86400
content-length
50
content-type
image/gif
wp-emoji-release.min.js
wickedballoons.com/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://wickedballoons.com/wp-includes/js/wp-emoji-release.min.js?ver=b16dbbd9207ccb86160957322ffe3b6d
Requested by
Host: wickedballoons.com
URL: https://wickedballoons.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wickedballoons.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 29 Jun 2024 03:45:54 GMT
content-encoding
br
ki-cache-tag
a5594c84-1331-42d0-8418-d4690d346dc2,eb67e9c806989dc3cb77654f705f713da40180f402424ba16b10af0c1c7473b6
cf-cache-status
HIT
ki-edge
v=20.2.8;mv=3.0.6
x-content-type-options
nosniff
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cache-tag
a5594c84-1331-42d0-8418-d4690d346dc2,eb67e9c806989dc3cb77654f705f713da40180f402424ba16b10af0c1c7473b6
ki-origin
g1p
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 02 Apr 2024 22:50:11 GMT
server
cloudflare
etag
W/"660c8ba3-4926"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HSVVJ8kh73seakRyOcW6GtoZttD2NuwjIxwwUW7h6azLbU4fp5jdWcZfbqGMwhpK18zZSlyL5u7fd3K1QFhLl8j9meSYrJQ9kJG2pIJRS8oH8naoWrECJJ6nEyKy%2FdXtvBzzzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
cf-ray
89b2ed29cb4c4504-TXL
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
config.js
js.peek.com/
3 KB
930 B
Script
General
Full URL
https://js.peek.com/config.js?key=15ac9afd-63b7-4a4c-bedd-3eb95282090d
Requested by
Host: js.peek.com
URL: https://js.peek.com/widget_button.js?ts=5-29
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.197.208 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx / Express
Resource Hash
8cda2a903d2b97290c6b4e9a4851d04403713efef7dcc8e5ffa00aca61879b5e
Security Headers
Name Value
Strict-Transport-Security max-age=3600; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wickedballoons.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=3600; includeSubDomains
content-encoding
gzip
via
1.1 google, 1.1 varnish
date
Sat, 29 Jun 2024 03:45:54 GMT
age
0
x-powered-by
Express
x-cache
MISS
content-length
809
x-served-by
cache-fra-etou8220156-FRA
server
nginx
x-timer
S1719632754.207536,VS0,VE214
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
access-control-allow-headers
Content-Type
x-cache-hits
0
h
js.peek.com/
2 B
335 B
Fetch
General
Full URL
https://js.peek.com/h?tls=null&type=sp_page_view&lt=null&tl=null&uid=1719632754197340&src=&apik=15ac9afd-63b7-4a4c-bedd-3eb95282090d&dh=wickedballoons.com&path=%2F&btns=0&bdcnt=0&bucnt=0&ls=null&m=0&cfh=0
Requested by
Host: js.peek.com
URL: https://js.peek.com/widget_button.js?ts=5-29
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.197.208 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx / Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=3600; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wickedballoons.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=3600; includeSubDomains
via
1.1 google, 1.1 varnish
date
Sat, 29 Jun 2024 03:45:54 GMT
age
0
x-powered-by
Express
x-cache
MISS
content-length
2
x-served-by
cache-fra-etou8220058-FRA
server
nginx
x-timer
S1719632754.298866,VS0,VE114
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Content-Type
x-cache-hits
0
css
fonts.googleapis.com/
3 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Amiri:400i|Oswald:400
Requested by
Host: js.peek.com
URL: https://js.peek.com/widget_button.js?ts=5-29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
86c0dbd9e885e26d73cd073f15a7cacb181f2452cde55a5b7a68131f2c750533
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wickedballoons.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 29 Jun 2024 03:45:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 29 Jun 2024 03:45:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 29 Jun 2024 03:45:54 GMT
h
js.peek.com/
2 B
66 B
Fetch
General
Full URL
https://js.peek.com/h?tls=null&type=sp_embed_load_complete&lt=null&tl=null&uid=1719632754197340&src=&apik=15ac9afd-63b7-4a4c-bedd-3eb95282090d&dh=wickedballoons.com&path=%2F&btns=0&bdcnt=0&bucnt=0&ls=null&m=0&cfh=0
Requested by
Host: js.peek.com
URL: https://js.peek.com/widget_button.js?ts=5-29
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.197.208 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx / Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=3600; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wickedballoons.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=3600; includeSubDomains
via
1.1 google, 1.1 varnish
date
Sat, 29 Jun 2024 03:45:54 GMT
age
0
x-powered-by
Express
x-cache
MISS
content-length
2
x-served-by
cache-fra-etou8220058-FRA
server
nginx
x-timer
S1719632754.463356,VS0,VE107
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Content-Type
x-cache-hits
0
cropped-download-66x66.png
wickedballoons.com/wp-content/uploads/sites/16/2019/06/
3 KB
4 KB
Other
General
Full URL
https://wickedballoons.com/wp-content/uploads/sites/16/2019/06/cropped-download-66x66.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fc149c8b27c7cf0e350c270d554e9758ed728c28f3fe485960c6ae45e84f5f0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wickedballoons.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 29 Jun 2024 03:45:54 GMT
ki-cache-tag
a5594c84-1331-42d0-8418-d4690d346dc2,b154240a82f3a57eabde8739bbbe3bfb6d3e7c448c0513b64e16db3f60930ce6
cf-cache-status
HIT
ki-edge
v=20.2.8;mv=3.0.6
x-content-type-options
nosniff
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cache-tag
a5594c84-1331-42d0-8418-d4690d346dc2,b154240a82f3a57eabde8739bbbe3bfb6d3e7c448c0513b64e16db3f60930ce6
ki-origin
g1p
alt-svc
h3=":443"; ma=86400
content-length
2931
last-modified
Thu, 10 Dec 2020 19:16:47 GMT
server
cloudflare
etag
"5fd2741f-b73"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oz1Otp%2FxwOIyf4rZZfQpgV%2By6mgozSCOIvV76eGFDwLUzlaAQgB74kwjbcOoQ6d2CeOI8EKP09Q7KHp0Y7eyv7wDQ6FcAbJJ5FQxrOD7rtv9gZkTFwI7Z6eMtqbaUqo9ciB23w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
accept-ranges
bytes
cf-ray
89b2ed2c4f024504-TXL
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • undefined| event
  • object| fence
  • object| sharedStorage
  • object| _wpemojiSettings
  • object| _peekConfig
  • object| swv
  • object| wpcf7
  • function| st_go
  • function| linktracker_init
  • object| wpcom
  • object| _stq
  • object| PeekJsApi
  • object| twemoji
  • object| wp

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
