URL: https://billing.ghost.org/
Submission: On February 02 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 7 IPs in 1 country across 4 domains to perform 19 HTTP transactions. The main IP is 2606:4700:3035::6815:1ab1, located in United States and belongs to CLOUDFLARENET, US. The main domain is billing.ghost.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 2nd 2022. Valid for: a year.
This is the only time billing.ghost.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 2606:4700:303... 13335 (CLOUDFLAR...)
1 2600:1f18:248... 14618 (AMAZON-AES)
2 34.120.195.249 15169 (GOOGLE)
3 99.86.3.111 16509 (AMAZON-02)
3 54.186.23.98 16509 (AMAZON-02)
2 99.86.3.101 16509 (AMAZON-02)
1 52.39.149.236 16509 (AMAZON-02)
19 7
Requests | Apex Domain | Subdomains | Transfer
8 | ghost.org | billing.ghost.org, account.ghost.org | 580 KB
7 | stripe.com | js.stripe.com (Cisco Umbrella Rank: 1143), q.stripe.com (Cisco Umbrella Rank: 7622), m.stripe.com (Cisco Umbrella Rank: 1086) | 76 KB
2 | stripe.network | m.stripe.network (Cisco Umbrella Rank: 1218) | 16 KB
2 | sentry.io | o55869.ingest.sentry.io (Cisco Umbrella Rank: 147528) | 391 B
Total: 19 requests, 4 apex domains
Requests | Domain | Requested by
7 | billing.ghost.org | billing.ghost.org
3 | q.stripe.com | billing.ghost.org
3 | js.stripe.com | billing.ghost.org, js.stripe.com
2 | m.stripe.network | js.stripe.com, m.stripe.network
2 | o55869.ingest.sentry.io | billing.ghost.org
1 | m.stripe.com | m.stripe.network
1 | account.ghost.org | billing.ghost.org
Total: 19 requests, 7 domains

This site contains no links.

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-02-02 - 2023-02-02 | a year
account.ghost.org | R3 | 2021-12-20 - 2022-03-20 | 3 months
*.ingest.sentry.io | R3 | 2021-12-23 - 2022-03-23 | 3 months
a.stripecdn.com | DigiCert SHA2 Extended Validation Server CA | 2022-01-26 - 2022-05-04 | 3 months
*.stripe.com | DigiCert SHA2 Secure Server CA | 2021-09-08 - 2022-09-07 | a year
m.stripe.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-01-11 - 2022-05-04 | 4 months

This page contains 3 frames:

Primary Page: https://billing.ghost.org/
Frame ID: 6B1CF7AC0326D64569E9AAC6898DE8D1
Requests: 11 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-08a1fefa46cfc8cc94fc477ddcdb0555.html
Frame ID: F022FE230B988E148FAED7AF82A7B6E8
Requests: 3 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: CC9D4190C571C6795E1F17543F2EDA6C
Requests: 5 HTTP requests in this frame

Page Title

Billing

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Page Statistics

Requests: 19
HTTPS: 100 %
IPv6: 29 %
Domains: 4
Subdomains: 7
IPs: 7
Countries: 1
Transfer: 672 kB
Size: 1300 kB
Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
billing.ghost.org/
2 KB
2 KB
Document
General
Full URL
https://billing.ghost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1ab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc7f67c924fb0f52a4e0b372930f3abb91fa72905dee9587d328022b378972e9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 02 Feb 2022 00:41:08 GMT
content-type
text/html; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
x-nf-request-id
01FTVY1HS2DPNMMHE8K74MDQHE
age
43766
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8vKUx3ygfuHxCpWLcXwh7VKNU%2B1sdnbFl1e19riduIY6zEvNo3aCULUbjYEOaqXmXUOYf4nJX078ROEMQs9xX3Z33e5uiVzMM3KJkdtMwxTocotgFKfZ6quGkVyGg45wOfr2HV5i43WHlitKn7EV5g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6d6f5f42bff09195-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bma.css
account.ghost.org/styles/
30 KB
7 KB
Stylesheet
General
Full URL
https://account.ghost.org/styles/bma.css
Requested by
Host: billing.ghost.org
URL: https://billing.ghost.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1f18:2489:8201:d278:9378:2114:f6e5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Netlify /
Resource Hash
756c2247b0013241342ebe7a9588f12f5b009bd502be6f76c5c7d2cf222a50c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://billing.ghost.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FTVY1JBGQZ88293A2CQFWV51
date
Tue, 01 Feb 2022 17:00:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
27669
strict-transport-security
max-age=31536000
content-length
6757
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
Netlify
x-frame-options
SAMEORIGIN
etag
"e3d4b1d419783adbf65d40c05c101abb-ssl-df"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
accept-ranges
bytes
2.59d623fc.chunk.css
billing.ghost.org/static/css/
2 KB
898 B
Stylesheet
General
Full URL
https://billing.ghost.org/static/css/2.59d623fc.chunk.css
Requested by
Host: billing.ghost.org
URL: https://billing.ghost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1ab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee1345f3bf4972617958c5d85d6d9743be50cc42778f9a91e45299e83147f177

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://billing.ghost.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FTVQ3NP8JD5HDHTCD5AXHAGS
date
Wed, 02 Feb 2022 00:41:09 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"fab01809b8148f7ef38bfa7e1cb5bf71-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dL2ZN6SNTwgKh5%2FqEj0Le7xkl5jbqMKFEs5t1TCk3ybWBds91h2UDP2%2BTUmJmnuA4KtvRVt6uGqb6x40Mu9tLF5DmLA4o8GkAQ6irgiGltaBW4t0lgJP0FcxQERZSycrYGsI96nuvS9EfO%2B1plnE%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=14400, must-revalidate
cf-ray
6d6f5f45fc809195-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
main.1946f583.chunk.css
billing.ghost.org/static/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://billing.ghost.org/static/css/main.1946f583.chunk.css
Requested by
Host: billing.ghost.org
URL: https://billing.ghost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1ab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dca8f84e89cdcfb26d5a43227420f3d3039faa555761db5c510ab60b838b2348

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://billing.ghost.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FTVQ3NNNYDD66ZW5ZS1QZBWC
date
Wed, 02 Feb 2022 00:41:09 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"504056f4bed81a75da61033b21a665e7-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4uSa%2Fo69QJbCSS%2FOKFLE00Rcm7rLlJODPFiAXPdtlNv4DKn%2FUPWQ8B679a1DCqIqA1j80wpb%2FCi6jKZsGslVG2Joi4F4kQJNRdA8t3UGTmE%2FEmgXtQFWcacOU5IZXYXMmTo4wVrlPbO8II%2FeSE6Scw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=14400, must-revalidate
cf-ray
6d6f5f45fc829195-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
2.8c2f177a.chunk.js
billing.ghost.org/static/js/
322 KB
100 KB
Script
General
Full URL
https://billing.ghost.org/static/js/2.8c2f177a.chunk.js
Requested by
Host: billing.ghost.org
URL: https://billing.ghost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1ab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd2c34307193fdb4e443a967549ea00cd3c89d7f4cbe7156eb0be1f516702c34

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://billing.ghost.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FTVSQ6TTRDRERCQ655V195MJ
date
Wed, 02 Feb 2022 00:41:09 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"29deacd2bc35985e71f7529381d648c9-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pL5LFJI44RFY5D0UiiYQlcQMbQaNEOQF085MOfssW8tHZ3OI8srwMSC8t9nqaOJrFoZcROBX3oEN8m47cH8CttEiuTuroggJv%2BBqxhKH4KGLF3t65Rd0etmw09wp%2FzdmZFAsRybNrg5%2B%2BXJKU2rbLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=14400, must-revalidate
cf-ray
6d6f5f45fc849195-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
main.18eab89b.chunk.js
billing.ghost.org/static/js/
138 KB
31 KB
Script
General
Full URL
https://billing.ghost.org/static/js/main.18eab89b.chunk.js
Requested by
Host: billing.ghost.org
URL: https://billing.ghost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1ab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15f9fbaa1aff0a9eeb32f6a3fa50b418ccb0cf0d7ccb38ccb11304b1b122dfa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://billing.ghost.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FTVSQ6SYYPY1RJBNGRXE8W5W
date
Wed, 02 Feb 2022 00:41:09 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"070f6d0ff2e63ef45252c60108bc899e-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4UZdogu8ajSZj99xsksctjpzBMPmtf3nubFMqlNwp9m%2F6RNnM8UFWS5fOHOG48bqyrY0c71rmXtDxG5kNu7V%2FIGnVDnJ8IV4VJI4zSqp5%2F5leHJl%2BxQ1Gfa9Rp5Wq%2FZcpm%2FkFy4T38WTF2qTNqMnwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=14400, must-revalidate
cf-ray
6d6f5f45fc859195-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
o55869.ingest.sentry.io/api/6135788/envelope/
2 B
246 B
Fetch
General
Full URL
https://o55869.ingest.sentry.io/api/6135788/envelope/?sentry_key=916fe2f5af1a42989d40aa0ae10f4d28&sentry_version=7
Requested by
Host: billing.ghost.org
URL: https://billing.ghost.org/static/js/2.8c2f177a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://billing.ghost.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 02 Feb 2022 00:41:09 GMT
via
1.1 google
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://billing.ghost.org
access-control-expose-headers
x-sentry-error, x-sentry-rate-limits, retry-after
x-envoy-upstream-service-time
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
clear
content-length
2
v3
js.stripe.com/
275 KB
72 KB
Script
General
Full URL
https://js.stripe.com/v3
Requested by
Host: billing.ghost.org
URL: https://billing.ghost.org/static/js/2.8c2f177a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-111.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
25e428bb95c97c9eec042c92bb23dfb30e4c023f215e308cc51e5966011d1347
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://billing.ghost.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 00:40:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42
x-cache
Hit from cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
access-control-allow-origin
*
last-modified
Tue, 01 Feb 2022 22:49:08 GMT
server
Cloudfront
etag
W/"a4c2302a747679baec0b11047c48a6f7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
cache-control
max-age=60
x-amz-cf-pop
FRA6-C1
timing-allow-origin
*
x-amz-cf-id
OAbqiZkUY-GwPdpc8-TQw_DKAxp8qDbxmSmY-ktpORvu-JNDWuadtQ==
ghost-logo-black-05.png
billing.ghost.org/logos/
218 KB
219 KB
Image
General
Full URL
https://billing.ghost.org/logos/ghost-logo-black-05.png
Requested by
Host: billing.ghost.org
URL: https://billing.ghost.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:1ab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fdee6136f66afefc812b5b3c63e713d44e933db8d17dfafdea334e5d3d07be3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://billing.ghost.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FTVY1JHTZ8FGEV23B18T31Z0
date
Wed, 02 Feb 2022 00:41:09 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"ec329e1f44060834be1c5c78727266eb-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iGjQuSzEQIKQ4PA2CfoO8SL%2FSsMuJX6JiSQZ2ftcGWUn6cRgKu7e9GOvWd0myeQZLhkLaoXABJ%2B5LFuxE3oLy1EhLuFv2NFyibx7OR9%2FM8pHhrZTJSB1vvR32pFnR74a%2FyZaXbP8hQjDgLl6qnr3Xg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
6d6f5f49de225bf5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
223287
Inter-roman.var.73d88d2c.woff2
billing.ghost.org/static/media/
219 KB
220 KB
Font
General
Full URL
https://billing.ghost.org/static/media/Inter-roman.var.73d88d2c.woff2
Requested by
Host: billing.ghost.org
URL: https://billing.ghost.org/static/css/main.1946f583.chunk.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:1ab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed38b29cfa2fc0d12d0ed4ed265228de9bd4c733d1ce007b54b4655928697420

Request headers

Referer
https://billing.ghost.org/static/css/main.1946f583.chunk.css
Origin
https://billing.ghost.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id
01FTVY1JJ6B08E2X7WTSQBN1ZT
date
Wed, 02 Feb 2022 00:41:09 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"c95d502cb9c3d07260018508dcf9666f-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6gBYazKRrTb7e6Nz7UgI5pzPQQINXiaGacp4GiNoSE5oQH8l3ri6mNdRsvFI4HT%2Fb6XL858GSWvhgL0wJC%2FCTWB19wfZ%2BxKH%2F33AYiAmPKV8%2BnqtOhXRJkop%2B1EVvAqolESMh%2BVckLWsIDmlK27KTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
6d6f5f49de285bf5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
224744
m-outer-08a1fefa46cfc8cc94fc477ddcdb0555.html
js.stripe.com/v3/ Frame F022
240 B
961 B
Document
General
Full URL
https://js.stripe.com/v3/m-outer-08a1fefa46cfc8cc94fc477ddcdb0555.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-111.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f1870f734a253734a07b0542733fbed3b28ae811a83967deed504d31274407f4
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://billing.ghost.org/

Response headers

content-type
text/html; charset=utf-8
content-length
240
last-modified
Thu, 27 Jan 2022 19:43:21 GMT
accept-ranges
bytes
server
Cloudfront
access-control-allow-origin
*
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-security-policy
default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
timing-allow-origin
*
date
Wed, 02 Feb 2022 00:33:10 GMT
cache-control
max-age=31536000
etag
"08a1fefa46cfc8cc94fc477ddcdb0555"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
RIcDzy3ck-cyuceI5bFCOupcx5QC5JCKayFv3EAducZO1Szmi1qHww==
age
480
csp-report
q.stripe.com/ Frame F022
0
356 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: billing.ghost.org
URL: https://billing.ghost.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://js.stripe.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 02 Feb 2022 00:41:09 GMT
server
nginx
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
x-envoy-upstream-service-time
1
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length
0
m-outer-ebb7106827d6c64e55a93b6fe1303341.js
js.stripe.com/v3/fingerprinted/js/ Frame F022
1 KB
1 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-ebb7106827d6c64e55a93b6fe1303341.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-08a1fefa46cfc8cc94fc477ddcdb0555.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-111.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
6b5402ff8932ed835d39a31b75c6bc737a80f6ddcd6269a1fa53556485ca3ad8
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-08a1fefa46cfc8cc94fc477ddcdb0555.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
36
x-cache
Hit from cloudfront
date
Wed, 02 Feb 2022 00:40:39 GMT
via
1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
last-modified
Thu, 27 Jan 2022 19:43:06 GMT
server
Cloudfront
etag
W/"5213886b88cd72e6d0aebc89868e5d13"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-pop
FRA6-C1
timing-allow-origin
*
x-amz-cf-id
4x8etyw4jw_f3Lle0_1yqUTDK_oGLNdyNM2_6ikCHQQ-iy5gg7EjPw==
inner.html
m.stripe.network/ Frame CC9D
932 B
2 KB
Document
General
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-ebb7106827d6c64e55a93b6fe1303341.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-101.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/

Response headers

content-type
text/html; charset=utf-8
content-length
932
last-modified
Thu, 13 Jan 2022 18:40:12 GMT
accept-ranges
bytes
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
x-content-type-options
nosniff
content-security-policy-report-only
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw=' 'report-sample'; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-security-policy
connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
date
Wed, 02 Feb 2022 00:39:21 GMT
cache-control
max-age=300, public
etag
"f6254e6dd0cb06228801a1c8baf0939f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
7ESl5voCjoV1-D4vclgPdS6rAJ9YTf_cAJqxAvZ-ppcjF50V2g5Qvg==
age
117
csp-report
q.stripe.com/ Frame CC9D
0
131 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: billing.ghost.org
URL: https://billing.ghost.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://m.stripe.network/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 02 Feb 2022 00:41:09 GMT
x-envoy-upstream-service-time
0
server
nginx
content-length
0
strict-transport-security
max-age=31556926; includeSubDomains; preload
csp-report
q.stripe.com/ Frame CC9D
0
130 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: billing.ghost.org
URL: https://billing.ghost.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://m.stripe.network/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 02 Feb 2022 00:41:09 GMT
x-envoy-upstream-service-time
1
server
nginx
content-length
0
strict-transport-security
max-age=31556926; includeSubDomains; preload
out-4.5.41.js
m.stripe.network/ Frame CC9D
85 KB
14 KB
Script
General
Full URL
https://m.stripe.network/out-4.5.41.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-101.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
79
x-cache
Hit from cloudfront
date
Wed, 02 Feb 2022 00:40:48 GMT
last-modified
Thu, 13 Jan 2022 18:40:13 GMT
server
Cloudfront
etag
W/"2db385faf28cf5f9393cf01a0a1edfa2"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
cache-control
max-age=300, public
x-amz-cf-pop
FRA6-C1
timing-allow-origin
*
x-amz-cf-id
_f6SfFJxFKLSoraynwD33azTbkEz5V-PXLMhR1q8Z9dW7YcOYZF_ww==
6
m.stripe.com/ Frame CC9D
156 B
522 B
XHR
General
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.41.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.39.149.236 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-39-149-236.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
d4238f012dac6dd6a3477d31143c041275b8959ba6f185143aca12ac19c075af
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 02 Feb 2022 00:41:10 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
application/json;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
/
o55869.ingest.sentry.io/api/6135788/envelope/
41 B
145 B
Fetch
General
Full URL
https://o55869.ingest.sentry.io/api/6135788/envelope/?sentry_key=916fe2f5af1a42989d40aa0ae10f4d28&sentry_version=7
Requested by
Host: billing.ghost.org
URL: https://billing.ghost.org/static/js/2.8c2f177a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
03aefdc8b2998530499a9a8e2c02588269a28b9dba0106d63f7cf56181eb93e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://billing.ghost.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 02 Feb 2022 00:41:10 GMT
via
1.1 google
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://billing.ghost.org
access-control-expose-headers
x-sentry-rate-limits, retry-after, x-sentry-error
x-envoy-upstream-service-time
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
clear
content-length
41

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| webpackJsonpbilling-management
object| regeneratorRuntime
object| __SENTRY__
object| __webpackStripeJSv3Jsonp
function| Stripe

3 Cookies

Domain/Path Name / Value
m.stripe.com/ Name: m
Value: 5779f3fd-187a-4ae7-bebb-019a32339ec236ea6d
.billing.ghost.org/ Name: __stripe_mid
Value: a3640727-f000-4c43-81e2-a456c116d2e0abdb13
.billing.ghost.org/ Name: __stripe_sid
Value: 69e93a4b-6787-431e-a72e-2b3b64b1c0980f1f9b

1 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src https://m.stripe.network 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw=' 'report-sample'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
