www.patreon.com Open in urlscan Pro
2606:4700::6810:631  Public Scan

5 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request thedfirreport Show response www.patreon.com/	209 KB 41 KB	1440ms 1316ms	Document text/html	2606:4700::6810:631 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.patreon.com/thedfirreport Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:631 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 61f1ae617edf5b1410815fe6bbca18f021205e0ed47170af880e521c8d7c0834 Security Headers Name Value Strict-Transport-Security max-age=2592000 X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control public, s-maxage=300, max-age=0 cf-cache-status DYNAMIC cf-ray 6f9714028d54e903-MXP content-encoding gzip content-language de-DE content-type text/html; charset=utf-8 date Sat, 09 Apr 2022 23:38:46 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} referrer-policy origin,strict-origin-when-cross-origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Kn9Erd1kpG87Sghacw4M2VKjOfZ2Ir%2FVro3YM0LKOR8%2BPCbBA25q8y21o%2BasN7Qmk%2BDYPIZIkEwiuqx3aAJICHfigDnxW66cTNdvHevw7p38f%2BnRus94SUa6i4UdEE%2FAs8DKpoRCOHDkKKqHA%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=2592000 vary Accept-Encoding x-content-type-options nosniff x-frame-options sameorigin x-patreon-uuid 9b5550d8-f015-5870-93cc-402d11ac09ad x-protected-by Sqreen x-xss-protection 1; mode=block
GET H2	200	7F2Ggij0e_TCnVgy3dJ0eOuIIUs.js Show response www.patreon.com/cdn-cgi/apps/head/	4 KB 2 KB	36ms 35ms	Script application/javascript	2606:4700::6810:631 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.patreon.com/cdn-cgi/apps/head/7F2Ggij0e_TCnVgy3dJ0eOuIIUs.js Requested by Host: www.patreon.com URL: https://www.patreon.com/thedfirreport Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:631 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b6a73b2a48bc6cfd216f68619c8b414725f94a7795ef996c42fef3df930589 Security Headers Name Value Strict-Transport-Security max-age=2592000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.patreon.com/thedfirreport User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 23:38:46 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4595157 cf-ray 6f97140aecb3e903-MXP vary Accept-Encoding content-length 1338 x-amz-id-2 ZsIxUfSP3U45z6OtpcGAS2NXKMJrAcHhzVSgyfZL6k7pdj/4xYCgGULwM2TsQzlHNtsBtsXYFr4= last-modified Tue, 15 Feb 2022 19:12:35 GMT server cloudflare etag "7d678780b9d8e5badf3375ac76e2c24e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=2592000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IhulQNRcvRRNrc9JlAR6NNFAQXDgKwNmIT5CJJv8WkDyfcLelkeU968PLo2COvuNhYibhtykjvm%2FNRvmA3NHAWIx%2BzI3vNkq2E78txpuGEoUj9ngQ96gXch8c5C9cjMB%2FK1lTT8jcPGf%2BhisyQ%3D%3D"}],"group":"cf-nel","max_age":604800} x-amz-request-id 07EXMN42Z5HQ4AWQ cache-control public, max-age=31536000 x-amz-version-id J6NdxxFPi08ph9JgqD.BiOXEPDNkQLNp accept-ranges bytes content-type application/javascript; charset=utf-8
GET H2	200	bundle.min.js Show response browser.sentry-cdn.com/6.17.9/	64 KB 20 KB	60ms 22ms	Script application/javascript	2a04:4e42:600::729 FASTLY
General Check archive.org Show headers Download Go to Full URL https://browser.sentry-cdn.com/6.17.9/bundle.min.js Requested by Host: www.patreon.com URL: https://www.patreon.com/thedfirreport Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 57fcb0666b6bcab41f3bc537a9d648f89dd464897b62c5e8e207231921b62994 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.patreon.com/ Origin https://www.patreon.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 23:38:46 GMT content-encoding gzip last-modified Wed, 16 Feb 2022 13:06:26 GMT server Fastly age 4520877 etag "f1dcacb207ea4564c52432bfb3d30c8b" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 strict-transport-security max-age=31536000; includeSubDomains accept-ranges bytes content-length 20480 expires Thu, 16 Feb 2023 15:50:48 GMT
GET H2	200	bundle.tracing.min.js Show response browser.sentry-cdn.com/6.17.9/	89 KB 89 KB	59ms 22ms	Script application/javascript	2a04:4e42:600::729 FASTLY
General Check archive.org Show headers Download Go to Full URL https://browser.sentry-cdn.com/6.17.9/bundle.tracing.min.js Requested by Host: www.patreon.com URL: https://www.patreon.com/thedfirreport Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 3e40fce7a45adfa95bcd4b3f99b56a8e24ccb9672a2597a71229c6fe020cb4c8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.patreon.com/ Origin https://www.patreon.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 23:38:46 GMT last-modified Wed, 16 Feb 2022 13:06:26 GMT server Fastly age 2130240 etag W/"6e7867ba1be1fee889d1f2f64a5b84f6" vary Accept-Encoding content-type application/javascript; charset=utf-8 x-guploader-response-body-transformations gunzipped cache-control public, max-age=31536000 strict-transport-security max-age=31536000; includeSubDomains accept-ranges bytes access-control-allow-origin * content-length 90662 expires Thu, 16 Mar 2023 07:54:46 GMT
GET H2	200	react.production.min.js Show response unpkg.com/react@16.14.0/umd/	12 KB 5 KB	74ms 33ms	Script application/javascript	2606:4700::6810:7caf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/react@16.14.0/umd/react.production.min.js Requested by Host: www.patreon.com URL: https://www.patreon.com/thedfirreport Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5cef9367d2bcaba25b74d20e0e139d2cf900e9123e5fde26101aee7f40f6b5cf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.patreon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 23:38:46 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT age 11050214 fly-request-id 01FNZ0SQ0EGQVBKGWWY1EH4ZEW content-encoding br vary Accept-Encoding last-modified Sat, 26 Oct 1985 08:15:00 GMT server cloudflare etag W/"30af-G0yLdpwwlM9Jmz5wcsN3bvOe0C0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 6f97140ba9df83b2-MXP
GET H2	200	react-dom.production.min.js Show response unpkg.com/react-dom@16.14.0/umd/	116 KB 38 KB	57ms 36ms	Script application/javascript	2606:4700::6810:7caf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/react-dom@16.14.0/umd/react-dom.production.min.js Requested by Host: www.patreon.com URL: https://www.patreon.com/thedfirreport Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4949f4e1cff9e8a960b44c9a8be70bc4bb10216eb4d0123ca61753e0908a0f87 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.patreon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 23:38:46 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT age 30396657 fly-request-id 01F3YEK4H6QHJ28R0MA5KH1ZNP content-encoding br vary Accept-Encoding last-modified Sat, 26 Oct 1985 08:15:00 GMT server cloudflare etag W/"1cf80-NADCsuguidx6ZmGXUZs/qIwlw4Q" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 6f97140ba9e483b2-MXP
GET H2	200	runtime.2bccab30.js Show response c1.patreon.com/content-based/de-DE/	19 KB 9 KB	88ms 78ms	Script application/javascript	2606:4700::6810:631 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c1.patreon.com/content-based/de-DE/runtime.2bccab30.js Requested by Host: www.patreon.com URL: https://www.patreon.com/thedfirreport Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:631 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5d972f3f014b7a24e275fe9d7dc775419520cf18dab3d3a57ef8c88c80320a32 Security Headers Name Value Strict-Transport-Security max-age=2592000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.patreon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 23:38:47 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 90095 cf-ray 6f97140bad62e903-MXP x-amz-replication-status COMPLETED vary Accept-Encoding content-length 8589 x-amz-id-2 BxgxwiVB+4ozWl1GLL0ZFeidvw5PxFavMbfFHu5KqW+oFvEj+rh/1qPQz7D5EsglSAQnZXQkeVg= x-amz-expiration expiry-date="Thu, 06 Oct 2022 00:00:00 GMT", rule-id="Expire after 180 days" last-modified Fri, 08 Apr 2022 21:14:29 GMT server cloudflare etag "f98071f6ae65a28a11a4e9da9f6ed725" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=2592000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jGs0W4f8ftyKmx2nn99tPy3cXFuGT%2BiHmKUDQgEC55T%2Fz0oFInX0imcsbPpF1OR52thjdAPDsDIUsZsDBZLyaWvesWCFX%2Fj9AetnEuiHoptoKfWkCjBH%2FFm7axzgqdPiUSGdLfozMbkY45Hq"}],"group":"cf-nel","max_age":604800} x-amz-request-id YVD8S42VVGVV7SRZ cache-control max-age=31536000,public x-amz-version-id dztxKhojYWPJ3cC5zD4eKZFuG1ZZuVyd accept-ranges bytes content-type application/javascript
GET H2	200	1.93b4f28c.chunk.js Show response c1.patreon.com/content-based/de-DE/	577 KB 160 KB	88ms 78ms	Script application/javascript	2606:4700::6810:631 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c1.patreon.com/content-based/de-DE/1.93b4f28c.chunk.js Requested by Host: www.patreon.com URL: https://www.patreon.com/thedfirreport Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:631 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7a3a85d44d53f9cac9d5b957c681b59760200bc2f6537b69264d791034872379 Security Headers Name Value Strict-Transport-Security max-age=2592000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.patreon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 23:38:47 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 90095 cf-ray 6f97140bad61e903-MXP x-amz-replication-status COMPLETED vary Accept-Encoding content-length 162565 x-amz-id-2 7H0kbb95iSyVw+9lsqUHdR7fQ69fQd4nf4uOlltk74B9JmeHxXoLxV54HpM8y8goRAfBge5z94w= x-amz-expiration expiry-date="Thu, 06 Oct 2022 00:00:00 GMT", rule-id="Expire after 180 days" last-modified Fri, 08 Apr 2022 21:14:20 GMT server cloudflare etag "376dc21437969120c1fca50962af8b62" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=2592000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AbgmiVHF8U8cJ%2BRB9W64rFARKCEkBmVWQljE3H4XBkqaMIL0wb6d0wfafD8Ee0W9IXYT6Slik1urgbgTRkTnWnYe3EJhu0HqpYvUxaStvkXTSyXX5goXPo40vrXWP44Edz4RhxeQtA9JZ6tD"}],"group":"cf-nel","max_age":604800} x-amz-request-id YVD0MRMWN3AZSVVW cache-control max-age=31536000,public x-amz-version-id 7bV0OAS5RHS95ytRdzNj2oUHgM1GCcog accept-ranges bytes content-type application/javascript
GET H2	200	2.ebc0041c.chunk.js Show response c1.patreon.com/content-based/de-DE/	232 KB 56 KB	59ms 50ms	Script application/javascript	2606:4700::6810:631 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c1.patreon.com/content-based/de-DE/2.ebc0041c.chunk.js Requested by Host: www.patreon.com URL: https://www.patreon.com/thedfirreport Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:631 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash db0107fe0d6000ccb8a3533aaca2ebbf06fdc316745fef6164e2af6e2e42135d Security Headers Name Value Strict-Transport-Security max-age=2592000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.patreon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 23:38:47 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 90095 cf-ray 6f97140bad5de903-MXP x-amz-replication-status COMPLETED vary Accept-Encoding content-length 56879 x-amz-id-2 mt1TWjrudUSLrmpg7/6fz7SNCxviM65wUEDfTsZbPZCsFctKWqDDZng+An5RFiS5XQ0AkxvbzdE= x-amz-expiration expiry-date="Thu, 06 Oct 2022 00:00:00 GMT", rule-id="Expire after 180 days" last-modified Fri, 08 Apr 2022 21:14:20 GMT server cloudflare etag "809933abd45ad33e981a4b8206d94ee6" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=2592000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6qFtdpwEc8DKhB6EHo0bSNb05a3AXm6Aa8tFqCgOJIWetgjxaoKlYKkkJLMUf0bhA%2FRaTDmeWQ7KTa5Fi2LNkbKRATxInJUsJSNmrXdwd2jUrTCgYaRZpFIV1LRUcvID3BmqSc1y4uQoNLTx"}],"group":"cf-nel","max_age":604800} x-amz-request-id YVDB2KHJG2BTMF91 cache-control max-age=31536000,public x-amz-version-id PDEgbN_rYX8QrcyBLwSEuxypGIEDiGUJ accept-ranges bytes content-type application/javascript
GET H2	200	3.16b92f92.chunk.js Show response c1.patreon.com/content-based/de-DE/	40 KB 15 KB	86ms 77ms	Script application/javascript	2606:4700::6810:631 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c1.patreon.com/content-based/de-DE/3.16b92f92.chunk.js Requested by Host: www.patreon.com URL: https://www.patreon.com/thedfirreport Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:631 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash af7f1f4dd63dd491c9461c71b6062e21be0b68b18906bb965a31ac701031f19d Security Headers Name Value Strict-Transport-Security max-age=2592000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.patreon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 23:38:47 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 90095 cf-ray 6f97140bad5ee903-MXP x-amz-replication-status COMPLETED vary Accept-Encoding content-length 15014 x-amz-id-2 yZxzHK28mzNuvbTTt7l8fPNdJXPfXax0i6+V6t34UsnUiEPp1cgfZy/EkVyYe3oViblXBPaoX1o= x-amz-expiration expiry-date="Thu, 06 Oct 2022 00:00:00 GMT", rule-id="Expire after 180 days" last-modified Fri, 08 Apr 2022 21:14:20 GMT server cloudflare etag "75aaecbbd18101d75a7ff196b26dd747" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=2592000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w84pkYwVJkKUithXHHXA0FbObJGEtcQR4RuRIWf9eFPPiNgzum56GOB8Ook%2ByTFZDlTsGVYATEyvq%2F3WypgRYwCSGlAVwGMVMYHCgDt9Nbb5cbICfu7TNEW30X%2B9MzWDvuw%2B%2B9augpaXYGBf"}],"group":"cf-nel","max_age":604800} x-amz-request-id YVD7YSZ57245NQHK cache-control max-age=31536000,public x-amz-version-id fsWUeUDG8b6l73aMnJFDcmn2Y1RBSWtE accept-ranges bytes content-type application/javascript
GET H2	200	4.b286ae8f.chunk.js Show response c1.patreon.com/content-based/de-DE/	1 MB 372 KB	80ms 71ms	Script application/javascript	2606:4700::6810:631 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c1.patreon.com/content-based/de-DE/4.b286ae8f.chunk.js Requested by Host: www.patreon.com URL: https://www.patreon.com/thedfirreport Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:631 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8e05cd30333d80b07bf0ee973468bc19b2a3826b69aef516fb51663dd715cb95 Security Headers Name Value Strict-Transport-Security max-age=2592000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.patreon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 23:38:47 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 90095 cf-ray 6f97140bad5fe903-MXP x-amz-replication-status COMPLETED vary Accept-Encoding content-length 379743 x-amz-id-2 pqp1A6pToQ67eQUGQpUZau7wN6T8c0oJnIaJ0AiwVrGa2eKaSOQ/BXHCElli+vuK8mUwlrAdOs0= x-amz-expiration expiry-date="Thu, 06 Oct 2022 00:00:00 GMT", rule-id="Expire after 180 days" last-modified Fri, 08 Apr 2022 21:14:20 GMT server cloudflare etag "014c16bb17d9209c05413c53dc4b4f64" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=2592000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2Bc%2BkWSdP1hz%2Fy7HjZmhRE2O2nM5YM2US5ZqaxEE9HXB4mYvCZI9dIyeiJUibFv9T3kZdVDj80OEeRTVs5AsSlonkjx9v4NxfG7eSoqP7jupwbW2XruliS6mLqLgSBxQhBXohFVQy72tv2Fy"}],"group":"cf-nel","max_age":604800} x-amz-request-id YVD9MG1FFV0QCP49 cache-control max-age=31536000,public x-amz-version-id nJwNOt6B.KaYGHLPspP.hQnfkZdhD_.1 accept-ranges bytes content-type application/javascript
GET H2	200	7.69771a88.chunk.js Show response c1.patreon.com/content-based/de-DE/	18 KB 6 KB	86ms 78ms	Script application/javascript	2606:4700::6810:631 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c1.patreon.com/content-based/de-DE/7.69771a88.chunk.js Requested by Host: www.patreon.com URL: https://www.patreon.com/thedfirreport Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:631 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 199acc9591aad59b97f6200ac1536a1c96ae7f0e683dfeb2b1e9d21473de1e5a Security Headers Name Value Strict-Transport-Security max-age=2592000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.patreon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 23:38:47 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 90095 cf-ray 6f97140bad60e903-MXP x-amz-replication-status COMPLETED vary Accept-Encoding content-length 6125 x-amz-id-2 pp6uiIGpUZtYLOeM44+xkHHOzYjz2GWrFbWoiG2YKnp/r8D6K3EX0n13G2PG2/HNbxReEerabRs= x-amz-expiration expiry-date="Thu, 06 Oct 2022 00:00:00 GMT", rule-id="Expire after 180 days" last-modified Fri, 08 Apr 2022 21:14:20 GMT server cloudflare etag "6c6c57790a5d3a516273f80f9ea4de81" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=2592000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zuhaC1tF%2F8Tg4okYFfN9YsYAY7WF3LIznt37SvFxFjBoqLxPG5v%2FLhQq8wOImI14Q%2FqClH2YemCh%2BO01k2RGm1rLtebzFEawdgQODDtp%2FpfK2fXu%2BN%2BgmH1XToluXZRE736%2FrtdyI7Dr8oSp"}],"group":"cf-nel","max_age":604800} x-amz-request-id YVD1QZ4KR94DBBXR cache-control max-age=31536000,public x-amz-version-id 4SGOkBGmqmydGolw..xevbSoJuhtdl5T accept-ranges bytes content-type application/javascript
GET H2	200	fanPage.2c9d4c48.chunk.js Show response c1.patreon.com/content-based/de-DE/	2 MB 405 KB	88ms 88ms	Script application/javascript	2606:4700::6810:631 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c1.patreon.com/content-based/de-DE/fanPage.2c9d4c48.chunk.js Requested by Host: www.patreon.com URL: https://www.patreon.com/thedfirreport Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:631 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c9f21b2eb2ea927c651faa00501856f2eef24d779e4bb2ccc34e3f1df0848d42 Security Headers Name Value Strict-Transport-Security max-age=2592000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.patreon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 23:38:47 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 90095 cf-ray 6f97140c0da4e903-MXP x-amz-replication-status COMPLETED vary Accept-Encoding content-length 414012 x-amz-id-2 XqGRjclPWNZDqDm3IC0X7+E2LjSBCg9P+e2BPa+lo+QWrE4ivEYrAhEYPuEv1RVx31TcROhfBa8= x-amz-expiration expiry-date="Thu, 06 Oct 2022 00:00:00 GMT", rule-id="Expire after 180 days" last-modified Fri, 08 Apr 2022 21:14:21 GMT server cloudflare etag "9a3230ab5a67355522d801ea7e2efd02" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=2592000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xhi1LykKNN%2BHRkrhTD6xY9xEXgWHqc0rdtK%2BpkdzHXRIhFkB0G2q6yO%2FV85JRzT5k3PMlslZFifSnOY5STzJp92g%2FTpTYUb9wmSkoe%2F2nFMlAT3OpLflyklsbALH5sPr9swP80h%2Fc7Tln0K8"}],"group":"cf-nel","max_age":604800} x-amz-request-id WZ1YGKVSD2Q0C6NW cache-control max-age=31536000,public x-amz-version-id suP3VBTyOPL31Ljkdpzl3HvmK761xLJl accept-ranges bytes content-type application/javascript
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	29ms 6ms	Script text/javascript	2a00:1450:4001:801::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.patreon.com URL: https://www.patreon.com/thedfirreport Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.patreon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 236 date Sat, 09 Apr 2022 23:34:50 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Sun, 10 Apr 2022 01:34:50 GMT
GET H2	200	datadog-rum-us.js Show response www.datadoghq-browser-agent.com/	64 KB 21 KB	57ms 13ms	Script application/javascript	18.66.248.223 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.datadoghq-browser-agent.com/datadog-rum-us.js Requested by Host: www.patreon.com URL: https://www.patreon.com/thedfirreport Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.248.223 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-248-223.dus51.r.cloudfront.net Software AmazonS3 / Resource Hash 39126af8d458c45fc18eb91010d42605f6e0e903de67d82f503b8e66c143204c Request headers accept-language de-DE,de;q=0.9 Referer https://www.patreon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 23:38:22 GMT content-encoding br last-modified Mon, 19 Jul 2021 12:21:10 GMT server AmazonS3 age 26 etag W/"20e006a0c5730657dae04bb52a46d540" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 603f36cbe39a66d93949b80e7296dad4.cloudfront.net (CloudFront) cache-control max-age=14400, s-maxage=60 x-amz-cf-pop DUS51-P1 x-amz-cf-id 5B7S4ZysdDsQ8kCo4k0-jE8JZJUvpJXI6Jycp30JwZKJTMDjbQ2uwA==
POST H2	200	/ Show response o83571.ingest.sentry.io/api/5405162/envelope/	2 B 245 B	46ms 8ms	Fetch application/json	34.120.195.249 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://o83571.ingest.sentry.io/api/5405162/envelope/?sentry_key=9f4cd98136744e53b233bbe399c3a0f1&sentry_version=7 Requested by Host: browser.sentry-cdn.com URL: https://browser.sentry-cdn.com/6.17.9/bundle.tracing.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 249.195.120.34.bc.googleusercontent.com Software nginx / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://www.patreon.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Sat, 09 Apr 2022 23:38:47 GMT via 1.1 google server nginx vary Origin content-type application/json access-control-allow-origin https://www.patreon.com access-control-expose-headers x-sentry-error, retry-after, x-sentry-rate-limits x-envoy-upstream-service-time 0 strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc clear content-length 2
GET H/1.1	200 OK	amplitude-2.10.0-min.gz.js Show response d24n15hnbwhuhn.cloudfront.net/libs/	58 KB 18 KB	39ms 8ms	Script application/javascript	143.204.214.172 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d24n15hnbwhuhn.cloudfront.net/libs/amplitude-2.10.0-min.gz.js Requested by Host: www.patreon.com URL: https://www.patreon.com/thedfirreport Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 143.204.214.172 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-214-172.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash 4405456f7cfb9299726bcff04a635844afca1987d86e8beffd7a0ceb39eb2e03 Request headers accept-language de-DE,de;q=0.9 Referer https://www.patreon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers x-amz-version-id .9mFfCsTKEbOGO7yaUh9qbNvyJUWkyG5 Content-Encoding gzip ETag "bce98abe68a42d49d62fac753696866c" Age 4831765 X-Cache Hit from cloudfront Connection keep-alive Content-Length 17592 Last-Modified Mon, 21 Oct 2019 15:45:33 GMT Server AmazonS3 Date Sun, 13 Feb 2022 01:29:23 GMT Content-Type application/javascript Via 1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront) Cache-Control max-age=31536000 X-Amz-Cf-Pop FRA53-C1 Accept-Ranges bytes X-Amz-Cf-Id Pacdygre0UQPHDnNX175RT5wWFLTHY8cEnTiAgdUZZF9C8xX6xSN_A==
GET H2	200	gtm.js Show response www.googletagmanager.com/	208 KB 70 KB	40ms 16ms	Script application/javascript	2a00:1450:4001:831::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-KVW5V3Q Requested by Host: www.patreon.com URL: https://www.patreon.com/thedfirreport Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash eb4912673b16b1bef7455133cc0e218ab45a82a9e8060fe2a7b35b31fd4f99b0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.patreon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 23:38:47 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 70769 x-xss-protection 0 last-modified Sat, 09 Apr 2022 21:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 09 Apr 2022 23:38:47 GMT
GET H2	200	tags.js Show response js.datadome.co/	248 KB 46 KB	60ms 24ms	Script text/javascript	108.157.4.23 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.datadome.co/tags.js Requested by Host: www.patreon.com URL: https://www.patreon.com/thedfirreport Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.157.4.23 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-157-4-23.dus51.r.cloudfront.net Software Apache / Resource Hash 4dfc2233dd1efcc0b680e56f046296b3b295bec6638a5c331ef6fc04809fab2c Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers accept-language de-DE,de;q=0.9 Referer https://www.patreon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 22:57:39 GMT content-encoding gzip vary Accept-Encoding age 2468 x-cache Hit from cloudfront content-length 46101 access-control-allow-origin * last-modified Fri, 08 Apr 2022 07:57:27 GMT server Apache etag "3e05e-5dc1ff21aeeff-gzip" strict-transport-security max-age=15768000 content-type text/javascript via 1.1 c9ca35e5541827c5873bfdb59f015b20.cloudfront.net (CloudFront) cache-control max-age=3600, public x-amz-cf-pop DUS51-P2 accept-ranges bytes x-amz-cf-id uMl1FpKEqtFw8W1HmNkdh00KtWhz5b-qgxoUPTzeSUWoX-k8cXrtEA== expires Sat, 09 Apr 2022 23:57:39 GMT
GET H2	200	aktiv-grotesk-upright-variable-weight.woff2 c5.patreon.com/external/fonts/aktiv-grotesk/	69 KB 69 KB	146ms 100ms	Font binary/octet-stream	2606:4700::6810:731 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c5.patreon.com/external/fonts/aktiv-grotesk/aktiv-grotesk-upright-variable-weight.woff2 Requested by Host: www.patreon.com URL: https://www.patreon.com/thedfirreport Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:731 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0d6d7946124db4998dfce2f41c1a53a592ad0f7dd6ed08418bf4ea71a427279e Security Headers Name Value Strict-Transport-Security max-age=2592000 X-Content-Type-Options nosniff Request headers Referer https://www.patreon.com/ Origin https://www.patreon.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 23:38:47 GMT access-control-allow-methods GET, HEAD x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 62012 cf-ray 6f97140bea0959d7-MXP x-amz-replication-status COMPLETED strict-transport-security max-age=2592000 vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding content-length 70240 x-amz-id-2 ks1ZQdJpjxLQ9PhFCOJTiie1XA8Hr2NbnXr1pDb9QaBeIf1/6BESdG1jPAnMwW2DnsO7ufINE/o= last-modified Mon, 24 Jan 2022 21:39:34 GMT server cloudflare etag "6c49b1bfad0083d67b78fdc7cb38b6c2" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=weU15%2BRQS2f1UTo8nMUC9nIf4Vg%2FaV05FkRaGZOjEgYsHCgh%2FiEpxeqpkg%2Bt9T7nV8%2Fb5IygwEmkOBUwe9hN80wJ9bTz1VDulBf%2BL4vbbrL01%2FXb7yKrZBbK3THAq8Le3NR2jyp1IO4Ic3hu"}],"group":"cf-nel","max_age":604800} x-amz-request-id 71HKNA9BEZ9H6VK9 access-control-allow-origin * cache-control public, max-age=86400 x-amz-version-id bfw3H0D5lCIpmWOZKh1.GMSG_iK9idmN accept-ranges bytes content-type binary/octet-stream
GET H2	200	1.png c10.patreonusercontent.com/4/patreon-media/p/campaign/4762286/ebd32df29f994141b82f95327301b17f/eyJ3IjoxOTIwLCJ3ZSI6MX0%3D/	4 KB 5 KB	439ms 392ms	Image image/webp	2606:4700::6811:db0f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://c10.patreonusercontent.com/4/patreon-media/p/campaign/4762286/ebd32df29f994141b82f95327301b17f/eyJ3IjoxOTIwLCJ3ZSI6MX0%3D/1.png?token-time=1651622400&token-hash=b5Uca6cvX_aoqAY7e9t8g7bElGLgMdqHuiCVw-6bWro%3D Requested by Host: www.patreon.com URL: https://www.patreon.com/thedfirreport Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:db0f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash ef2fa958df64c75ed1e7abec03b650e99d89ad7e1fe2f29b7617d293137ff027 Security Headers Name Value Content-Security-Policy default-src 'none'; media-src https://c10.patreonusercontent.com Request headers accept-language de-DE,de;q=0.9 Referer https://www.patreon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 23:38:47 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express content-disposition inline; filename="w.png"; filename*=utf-8''w.png content-length 4378 server cloudflare etag W/4/patreon-media/p/campaign/4762286/ebd32df29f994141b82f95327301b17f/eyJxIjoxMDAsInciOjE5MjAsIndlIjoxLCJ3ZWJwIjoxfQ==/1 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I2O346lAI7r8xOCHI42WzOXXfhif4w0QtdPHpCAlYghdmdVakHlsWigtdbk1e%2B9KT8BVJc03KELDvcq4Ius8TC%2BFWP87YDAQ%2BgFdjOD8peirqunjE45XKpwbCwZjP3s5f6hOeRA2ZGaJOADGxje%2BHF%2B2zmMggUWF"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin https://www.patreon.com cache-control public, max-age=31536000 content-security-policy default-src 'none'; media-src https://c10.patreonusercontent.com accept-ranges bytes cf-ray 6f97140c0a8c83b2-MXP expires Sun, 09 Apr 2023 23:38:47 GMT
GET H2	200	1.jpg c10.patreonusercontent.com/4/patreon-media/p/campaign/4762286/1195a1b361b3429da3e7813a5aae35c0/eyJ3IjoyMDB9/	8 KB 9 KB	263ms 215ms	Image image/webp	2606:4700::6811:db0f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://c10.patreonusercontent.com/4/patreon-media/p/campaign/4762286/1195a1b361b3429da3e7813a5aae35c0/eyJ3IjoyMDB9/1.jpg?token-time=2145916800&token-hash=GcT-SFoFJTgg1bouj6T33zY4xn1TVIM1fxlZJ7jbaeY%3D Requested by Host: www.patreon.com URL: https://www.patreon.com/thedfirreport Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:db0f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 97e00234d4e228193a5befa76bf95d0866cf578cb9109c1bc07911a0155d3d83 Security Headers Name Value Content-Security-Policy default-src 'none'; media-src https://c10.patreonusercontent.com Request headers accept-language de-DE,de;q=0.9 Referer https://www.patreon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 23:38:47 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express content-disposition inline; filename="2AaKCNiy_400x400.jpg"; filename*=utf-8''2AaKCNiy_400x400.jpg content-length 8462 server cloudflare etag W/4/patreon-media/p/campaign/4762286/1195a1b361b3429da3e7813a5aae35c0/eyJ3IjoyMDAsIndlYnAiOjF9/1 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ogEaAgBsCVQpJqYR3CXYzsZXPDVFyCHDoXAFRk2VQt%2BV8R9PNpMGSL4FOjChfMzxnZkvI%2F4jIWhNgyJz99T3fVh65umYM6B%2B1bZ2Q2md%2F8bk%2Ft7fl6hSVfuvMPiDkU1oS%2B34OjcCYT80%2BMYx1AxaKMPoBd213pnp"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin https://www.patreon.com cache-control public, max-age=31536000 content-security-policy default-src 'none'; media-src https://c10.patreonusercontent.com accept-ranges bytes cf-ray 6f97140c0a9083b2-MXP expires Sun, 09 Apr 2023 23:38:47 GMT
GET H2	200	GT-Walsheim-Bold.woff2 c5.patreon.com/external/fonts/gt-walsheim/	41 KB 43 KB	77ms 44ms	Font binary/octet-stream	2606:4700::6810:731 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c5.patreon.com/external/fonts/gt-walsheim/GT-Walsheim-Bold.woff2 Requested by Host: www.patreon.com URL: https://www.patreon.com/thedfirreport Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:731 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2c7a5debfe9de25dea96885266a37ec4a23cb59d31a073a78fcc6eef6dd66529 Security Headers Name Value Strict-Transport-Security max-age=2592000 X-Content-Type-Options nosniff Request headers Referer https://www.patreon.com/ Origin https://www.patreon.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 23:38:47 GMT access-control-allow-methods GET, HEAD x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 65509 cf-ray 6f97140bea0a59d7-MXP x-amz-replication-status COMPLETED strict-transport-security max-age=2592000 vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding content-length 42416 x-amz-id-2 kOrrg0XS8u7xG75v6A7FiKzru1DwJ5q6vq3AeGKEK18MSqmxdetzaiW47o1fwEoSQ5qhPVV20Qw= last-modified Mon, 24 Jan 2022 21:39:35 GMT server cloudflare etag "9a8deeec336a4d1f126c31400a53d58d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DL0Elv5TaVROljxbeF1wC5ZutXZsXDK71QT0Bz7cNq6w10Kp1dCl10prSYEqXtnTi8m5E6w0plTwWsItQ5Jj1M9KY3PTgh%2F%2FUYpquoyKtMHO%2F6siRRnUeE%2FDgh%2Fnrf5oq8ptUYN01KOGND%2F%2B"}],"group":"cf-nel","max_age":604800} x-amz-request-id CPJW06BDAKPJT02T access-control-allow-origin * cache-control public, max-age=86400 x-amz-version-id jFVFVloOiZ7UGfzn6Y_tYu0x1jrlW9Lw accept-ranges bytes content-type binary/octet-stream
GET H2	200	country_flags.png c5.patreon.com/external/localization/	78 KB 79 KB	91ms 89ms	Image image/png	2606:4700::6810:631 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://c5.patreon.com/external/localization/country_flags.png Requested by Host: www.patreon.com URL: https://www.patreon.com/thedfirreport Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:631 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1a1dbf92691d928fc762f27122c679e3eac8ed475434b81e6676f70fb2fb018b Security Headers Name Value Strict-Transport-Security max-age=2592000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.patreon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 23:38:47 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 54858 x-amz-replication-status COMPLETED vary Accept-Encoding x-amz-request-id EFKCN4HS9PPG5F0X x-amz-id-2 QU8asBKc56nGxxXqJMR2ZbQ7uUVUtci39XS1W3mvCGa3Jr11ZbfFgW6QDgYXWc4frPl0rQ/GWlM= accept-ranges bytes last-modified Mon, 24 Jan 2022 21:39:46 GMT server cloudflare etag "f8428f83e20e11665552b01d4d40a147" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=2592000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1oJecZd24o7uJcF2nR0rhqmH5fYjhf2oGH45EdXN59EdyH1ckhbTBZHRnF8ah3fqNwA5TMsmEVvNlJJegFjREYzT1gGta4L90B1fW431VAjzE%2FldHzsdShjZ%2FcbHS8RgisTUqhKxjqDUqu3h"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=86400 x-amz-version-id f_iLxRVFaTdgWg4AcDEZfSacKBX4MKGH content-length 80096 cf-ray 6f97140bfda1e903-MXP
GET H2	200	aktiv-grotesk-italics-variable-weight.woff2 c5.patreon.com/external/fonts/aktiv-grotesk/	74 KB 75 KB	81ms 58ms	Font binary/octet-stream	2606:4700::6810:731 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c5.patreon.com/external/fonts/aktiv-grotesk/aktiv-grotesk-italics-variable-weight.woff2 Requested by Host: www.patreon.com URL: https://www.patreon.com/thedfirreport Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:731 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash abf881cbbd261ce3698793b03145a599c79744f157a6c25534e38729708da739 Security Headers Name Value Strict-Transport-Security max-age=2592000 X-Content-Type-Options nosniff Request headers Referer https://www.patreon.com/ Origin https://www.patreon.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 23:38:47 GMT access-control-allow-methods GET, HEAD x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 59696 cf-ray 6f97140bea0c59d7-MXP x-amz-replication-status COMPLETED strict-transport-security max-age=2592000 vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding content-length 75688 x-amz-id-2 MQT5mJcqby3VinYhKvNbgKWhRG49c8PGG+rO8l32DjzTfCsQpRl9yR4aJnAYc4hHp1N1zjXwfhU= last-modified Mon, 24 Jan 2022 21:39:34 GMT server cloudflare etag "7c7a643bd8b99f08cc94db8f8dfa21a3" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=def6KQGkkb5f6H%2BUNXA%2FUtmRx2SdiYDI9d2%2FbJb6RWsYOgr2w72wSM2RP1MJ0wGceCqkxveEvS7KurOgJYRGCYQwdFPfH928L7hJiOW8SGiUSVfd8n6pqFFkKCfbbtZWXPibkRu8EQ1FSG%2Fd"}],"group":"cf-nel","max_age":604800} x-amz-request-id G5MFAGDPYAHCQXMV access-control-allow-origin * cache-control public, max-age=86400 x-amz-version-id uGVdBR2r47jw_YkJWnVMPbukg0mdEJdS accept-ranges bytes content-type binary/octet-stream
POST H2	200	collect Show response www.google-analytics.com/j/	4 B 209 B	14ms 13ms	XHR text/plain	2a00:1450:4001:801::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=36852155&t=pageview&_s=1&dl=https%3A%2F%2Fwww.patreon.com%2Fthedfirreport&ul=en-us&de=UTF-8&dt=The%20DFIR%20Report%20bietet%20Actionable%20Threat%20Intelligence%20%C2%A0%7C%20Patreon&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1271711616&gjid=1511683367&cid=1514012345.1649547527&tid=UA-162747485-1&_gid=92429975.1649547527&_r=1&_slc=1&z=883816272 Requested by Host: browser.sentry-cdn.com URL: https://browser.sentry-cdn.com/6.17.9/bundle.tracing.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.patreon.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 09 Apr 2022 23:38:47 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.patreon.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	4 B 69 B	27ms 26ms	XHR text/plain	2a00:1450:4001:801::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=36852155&t=pageview&_s=1&dl=https%3A%2F%2Fwww.patreon.com%2Fthedfirreport&ul=en-us&de=UTF-8&dt=The%20DFIR%20Report%20bietet%20Actionable%20Threat%20Intelligence%20%C2%A0%7C%20Patreon&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGDACEABBAAAAC~&jid=1922334734&gjid=1319488208&cid=1514012345.1649547527&tid=UA-40726300-1&_gid=92429975.1649547527&_r=1&_slc=1&z=747707631 Requested by Host: browser.sentry-cdn.com URL: https://browser.sentry-cdn.com/6.17.9/bundle.tracing.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.patreon.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 09 Apr 2022 23:38:47 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.patreon.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 442 B	121ms 45ms	XHR text/plain	2a00:1450:400c:c00::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-162747485-1&cid=1514012345.1649547527&jid=1271711616&gjid=1511683367&_gid=92429975.1649547527&_u=IEBAAEAAAAAAAC~&z=559804769 Requested by Host: browser.sentry-cdn.com URL: https://browser.sentry-cdn.com/6.17.9/bundle.tracing.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.patreon.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Sat, 09 Apr 2022 23:38:47 GMT content-type text/plain access-control-allow-origin https://www.patreon.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	/ Show response api.amplitude.com/	7 B 168 B	511ms 162ms	XHR text/html	52.27.26.243 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.amplitude.com/ Requested by Host: browser.sentry-cdn.com URL: https://browser.sentry-cdn.com/6.17.9/bundle.tracing.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.27.26.243 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-27-26-243.us-west-2.compute.amazonaws.com Software / Resource Hash aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Referer https://www.patreon.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers access-control-allow-origin * date Sat, 09 Apr 2022 23:38:47 GMT content-length 7 strict-transport-security max-age=15768000 access-control-allow-methods GET, POST content-type text/html;charset=utf-8
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 70 B	84ms 46ms	XHR text/plain	2a00:1450:400c:c00::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-40726300-1&cid=1514012345.1649547527&jid=1922334734&gjid=1319488208&_gid=92429975.1649547527&_u=IGDACEABBAAAAC~&z=1262963438 Requested by Host: browser.sentry-cdn.com URL: https://browser.sentry-cdn.com/6.17.9/bundle.tracing.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.patreon.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Sat, 09 Apr 2022 23:38:47 GMT content-type text/plain access-control-allow-origin https://www.patreon.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel.js Show response www.redditstatic.com/ads/	23 KB 8 KB	153ms 32ms	Script application/javascript	2a04:4e42:600::396 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.redditstatic.com/ads/pixel.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KVW5V3Q Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US), Reverse DNS Software snooserv / Resource Hash dc832faf8ca21fb791b9abb9a3ba334ef3e31914317791dd53510b8a24d0621d Request headers accept-language de-DE,de;q=0.9 Referer https://www.patreon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 23:38:47 GMT via 1.1 varnish, 1.1 varnish last-modified Mon, 14 Feb 2022 14:11:16 GMT server snooserv etag "9dd34b4324742bd3f713adf7f070d3b4" vary Accept-Encoding,Origin content-type application/javascript cache-control public, max-age=60 accept-ranges bytes content-encoding gzip content-length 7531
GET H2	200	uwt.js Show response static.ads-twitter.com/	14 KB 6 KB	88ms 7ms	Script application/javascript	199.232.136.157 FASTLY
General Check archive.org Show headers Download Go to Full URL https://static.ads-twitter.com/uwt.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KVW5V3Q Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb Request headers accept-language de-DE,de;q=0.9 Referer https://www.patreon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 23:38:47 GMT content-encoding gzip last-modified Tue, 29 Mar 2022 00:09:12 GMT etag "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip" vary Accept-Encoding,Host x-tw-cdn FT p3p CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" cache-control no-cache x-cache HIT, HIT accept-ranges bytes content-type application/javascript; charset=utf-8 content-length 5410 x-served-by cache-iad-kiad7000139-IAD, cache-hhn11579-HHN
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	99 KB 27 KB	103ms 17ms	Script application/x-javascript	2a03:2880:f007:8:face:b00c:0:1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KVW5V3Q Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.patreon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 26311 x-xss-protection 0 pragma public x-fb-debug fntaGVI8oHkMhm46+I71NVjUPJ1aYco+9AC+esvAtUnfW7XvDpBz2/0rR/VyGNUzkyPhufbA89IW/H1b79NqQg== x-fb-trip-id 2050670934 x-frame-options DENY cross-origin-opener-policy same-origin-allow-popups cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" date Sat, 09 Apr 2022 23:38:47 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	events.js Show response analytics.tiktok.com/i18n/pixel/	123 KB 36 KB	251ms 147ms	Script application/javascript	95.101.20.187 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C65HD29R48GN82KJEGU0&lib=ttq Requested by Host: www.patreon.com URL: https://www.patreon.com/thedfirreport Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.101.20.187 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-101-20-187.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 2bba4f6297c4d6cfeb1a9e8f2511fc1c24f93863728b216bfb213faf0fd7f669 Request headers accept-language de-DE,de;q=0.9 Referer https://www.patreon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers x-akamai-request-id 686fd165.142340fb date Sat, 09 Apr 2022 23:38:47 GMT content-encoding gzip x-cache-remote TCP_MISS from a23-220-105-87.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-) x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-cache TCP_MISS from a95-101-20-183.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-) x-parent-response-time 132,95.101.20.183 server-timing cdn-cache; desc=MISS, edge; dur=119, origin; dur=13, inner; dur=2 content-length 36349 pragma no-cache server nginx x-tt-logid 202204092338470101130061361FC857D4 vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=0, no-cache, no-store x-origin-response-time 13,23.220.105.87 x-tt-trace-host 0184b187faed9c0c048c59e806dfb385e3cca7d3ca6bb788eb919c34342ba00b0ac451f66a3c0240909fde5540a7563bca03160e2e532075ab42c0642816c9c5b88af1cf895a84c54001de4c005f45c8c64433a6ea7a37ae396c49b699413bea71c70c435fbeee1ed3b4212e4fa2032695 expires Sat, 09 Apr 2022 23:38:47 GMT
POST H2	200	/ Show response api-js.datadome.co/js/	232 B 410 B	61ms 9ms	XHR application/json	52.58.131.14 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api-js.datadome.co/js/ Requested by Host: browser.sentry-cdn.com URL: https://browser.sentry-cdn.com/6.17.9/bundle.tracing.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.58.131.14 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-58-131-14.eu-central-1.compute.amazonaws.com Software DataDome / Resource Hash 87ea65d1d38fb4155dc644ff256671220744518e7cd4da7a59ec47bcfa557415 Request headers Referer https://www.patreon.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers pragma no-cache date Sat, 09 Apr 2022 23:38:47 GMT server DataDome content-type application/json;charset=utf-8 access-control-allow-origin * cache-control no-cache, no-store, must-revalidate content-length 232 expires 0
GET H2	200	566.a3cafd39.chunk.js Show response c1.patreon.com/content-based/de-DE/	17 KB 5 KB	53ms 52ms	Script application/javascript	2606:4700::6810:631 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c1.patreon.com/content-based/de-DE/566.a3cafd39.chunk.js Requested by Host: c1.patreon.com URL: https://c1.patreon.com/content-based/de-DE/runtime.2bccab30.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:631 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e38bf6d91d7a764a14a1a557a28b59da70472748b84b88851518e0e9ed8abf90 Security Headers Name Value Strict-Transport-Security max-age=2592000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.patreon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 23:38:47 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 90091 cf-ray 6f97140d2eb9e903-MXP x-amz-replication-status COMPLETED vary Accept-Encoding content-length 4941 x-amz-id-2 T/X+jCt7H6IO90KIfTqx1L5Hzg4z20O6CfVWvFl0LYiby1cPEuLaJVxJd+gN4F9pQAq8gQyB950= x-amz-expiration expiry-date="Thu, 06 Oct 2022 00:00:00 GMT", rule-id="Expire after 180 days" last-modified Fri, 08 Apr 2022 21:14:20 GMT server cloudflare etag "b95b4444217f8b6523dee644d48a703d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=2592000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V95aLvv%2Bv%2B%2BvgEDQ8IlCF83bJf9pDq%2BwPlZ%2FlQlvQaXgDeNxO1dw6k1AED6H%2B9j7ah2fV8GUCTxTxOG0CG70UaRFxI2Uh4rCS3Ncu7CIgd9gqo9oXQD5vaajS5rg%2Bgs9r4htNhCaOTCFXHOI"}],"group":"cf-nel","max_age":604800} x-amz-request-id W1F2JH05NACHQ677 cache-control max-age=31536000,public x-amz-version-id wdpZan_ugEZawmdzKXVMmNekdMxSSb8R accept-ranges bytes content-type application/javascript
GET H2	200	4762286 Show response www.patreon.com/api/campaigns/	11 KB 2 KB	356ms 356ms	Fetch application/vnd.api+json	2606:4700::6810:631 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.patreon.com/api/campaigns/4762286?include=reward_items.null%2Crewards.items.null%2Creward_items.reward_item_configuration.campaign_installation%2Creward_items.template&fields[reward]=[]&fields[reward-item]=created_at%2Cends_at%2Ctte_interval%2Crule_type&json-api-use-default-includes=false&json-api-version=1.0 Requested by Host: browser.sentry-cdn.com URL: https://browser.sentry-cdn.com/6.17.9/bundle.tracing.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:631 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d5dfdd459f3c77a0f1fa63f178f1f614caef72f747a685feee1f0fedf08adbdc Security Headers Name Value Strict-Transport-Security max-age=2592000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 x-datadog-origin rum User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 x-datadog-sampling-priority 1 Content-Type application/vnd.api+json Referer https://www.patreon.com/thedfirreport x-datadog-trace-id 598261305838932874 x-datadog-parent-id 3024256622318876506 x-datadog-sampled 1 Response headers date Sat, 09 Apr 2022 23:38:47 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-patreon-uuid ca12e521-876d-52d1-9e75-bb0d961b81ab expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=2592000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wcgd%2B9bG66aJk%2F%2FeLaJP9PlMfvEFF6qqEBrH2WcBTb6fad%2FxcrlTePIXlliaMLxlclJ%2FFRvXvgc1JObk9jUWXFKPGpPDjkvavZZIJLFD0XODrdd5m2sam5bl4q%2FlkS3pANxA0udcdQX8j03vkQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/vnd.api+json cache-control private x-protected-by Sqreen cf-ray 6f97140fa8b2e903-MXP vary Accept-Encoding
GET H2	200	posts Show response www.patreon.com/api/	11 KB 2 KB	562ms 562ms	Fetch application/vnd.api+json	2606:4700::6810:631 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.patreon.com/api/posts?include=user.null%2Caccess_rules.tier.null%2Cattachments.null%2Caudio.null%2Cimages.null%2Cpoll.choices.null%2Cpoll.current_user_responses.null&fields[user]=full_name%2Cimage_url%2Curl&fields[post]=comment_count%2Ccontent%2Ccontent_teaser_text%2Ccurrent_user_can_view%2Cembed%2Cimage%2Cis_paid%2Clike_count%2Cmin_cents_pledged_to_view%2Cpatreon_url%2Cpledge_url%2Cpost_file%2Cpost_type%2Cpost_metadata%2Cpublished_at%2Cteaser_text%2Ctitle%2Cupgrade_url%2Curl&fields[reward]=[]&fields[access-rule]=access_rule_type%2Camount_cents%2Cpost_count&fields[media]=download_url%2Cimage_urls%2Cmetadata&filter[campaign_id]=4762286&filter[contains_exclusive_posts]=true&filter[is_draft]=false&page[size]=10&sort=-published_at&json-api-use-default-includes=false&json-api-version=1.0 Requested by Host: browser.sentry-cdn.com URL: https://browser.sentry-cdn.com/6.17.9/bundle.tracing.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:631 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bf3957d9dade2222eb38c7978192549231687601c38092966abb343bce194529 Security Headers Name Value Strict-Transport-Security max-age=2592000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 x-datadog-origin rum User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 x-datadog-sampling-priority 1 Content-Type application/vnd.api+json Referer https://www.patreon.com/thedfirreport x-datadog-trace-id 395680781354822332 x-datadog-parent-id 9063420699499845475 x-datadog-sampled 1 Response headers date Sat, 09 Apr 2022 23:38:48 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-datadome protected x-protected-by Sqreen strict-transport-security max-age=2592000 server cloudflare x-patreon-uuid e7e47177-4b32-582c-9183-3f65d7132077 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oKreSRtMUj4qhalYfyB%2FMZ0iGmbuLEPtsxRNezIJZzfcHcBtSQMr%2FEZgrtkmD0RGvKh6VDdzbPujKIV90ACzVh8GCNXZH0w2Eeoc0WOgPgsfv7DFCLK9wyXNyFKIglFFsvm5nptd9wOQgHu4Cg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/vnd.api+json cache-control private cf-ray 6f97140fb8b3e903-MXP
POST H2	200	/ Show response o83571.ingest.sentry.io/api/5405162/envelope/	2 B 102 B	10ms 10ms	Fetch application/json	34.120.195.249 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://o83571.ingest.sentry.io/api/5405162/envelope/?sentry_key=9f4cd98136744e53b233bbe399c3a0f1&sentry_version=7 Requested by Host: browser.sentry-cdn.com URL: https://browser.sentry-cdn.com/6.17.9/bundle.tracing.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 249.195.120.34.bc.googleusercontent.com Software nginx / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://www.patreon.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Sat, 09 Apr 2022 23:38:47 GMT via 1.1 google server nginx vary Origin content-type application/json access-control-allow-origin https://www.patreon.com access-control-expose-headers x-sentry-error, x-sentry-rate-limits, retry-after x-envoy-upstream-service-time 0 strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc clear content-length 2
POST H2	200	/ Show response o83571.ingest.sentry.io/api/5405162/store/	41 B 145 B	9ms 8ms	Fetch application/json	34.120.195.249 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://o83571.ingest.sentry.io/api/5405162/store/?sentry_key=9f4cd98136744e53b233bbe399c3a0f1&sentry_version=7 Requested by Host: browser.sentry-cdn.com URL: https://browser.sentry-cdn.com/6.17.9/bundle.tracing.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 249.195.120.34.bc.googleusercontent.com Software nginx / Resource Hash 537874bb1405c64c45a8e69451c1955f334eaf5e11e93b34f1722ed46f9cab4e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://www.patreon.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Sat, 09 Apr 2022 23:38:47 GMT via 1.1 google server nginx vary Origin content-type application/json access-control-allow-origin https://www.patreon.com access-control-expose-headers x-sentry-rate-limits, x-sentry-error, retry-after x-envoy-upstream-service-time 0 strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc clear content-length 41
GET H2	200	ga-audiences www.google.com/ads/	42 B 501 B	39ms 16ms	Image image/gif	2a00:1450:4001:812::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-162747485-1&cid=1514012345.1649547527&jid=1271711616&_u=IEBAAEAAAAAAAC~&z=1414565982 Requested by Host: www.patreon.com URL: https://www.patreon.com/thedfirreport Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.patreon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Sat, 09 Apr 2022 23:38:47 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 107 B	44ms 17ms	Image image/gif	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-162747485-1&cid=1514012345.1649547527&jid=1271711616&_u=IEBAAEAAAAAAAC~&z=1414565982 Requested by Host: www.patreon.com URL: https://www.patreon.com/thedfirreport Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.patreon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Sat, 09 Apr 2022 23:38:47 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 107 B	39ms 17ms	Image image/gif	2a00:1450:4001:812::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-40726300-1&cid=1514012345.1649547527&jid=1922334734&_u=IGDACEABBAAAAC~&z=277039915 Requested by Host: www.patreon.com URL: https://www.patreon.com/thedfirreport Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.patreon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Sat, 09 Apr 2022 23:38:47 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 501 B	42ms 17ms	Image image/gif	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-40726300-1&cid=1514012345.1649547527&jid=1922334734&_u=IGDACEABBAAAAC~&z=277039915 Requested by Host: www.patreon.com URL: https://www.patreon.com/thedfirreport Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.patreon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Sat, 09 Apr 2022 23:38:47 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	rp.gif alb.reddit.com/	42 B 157 B	128ms 102ms	Image image/gif	151.101.193.140 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://alb.reddit.com/rp.gif?ts=1649547527698&id=t2_1o7zgsup&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&uuid=5973f0e2-0ffa-468f-8052-b766fc6f04e9&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_da535582 Requested by Host: www.patreon.com URL: https://www.patreon.com/thedfirreport Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.193.140 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Varnish / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language de-DE,de;q=0.9 Referer https://www.patreon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 23:38:47 GMT via 1.1 varnish server Varnish content-type image/gif cross-origin-resource-policy cross-origin accept-ranges bytes content-length 42 retry-after 0
GET H3	200	identity.js Show response connect.facebook.net/signals/plugins/	64 KB 20 KB	39ms 18ms	Script application/x-javascript	2a03:2880:f007:8:face:b00c:0:1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/plugins/identity.js?v=2.9.57 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 5825a682d41932f76e0cb9afa5967e2b7f236a2f9439587bc6d937bc76edf005 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.patreon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 20656 x-xss-protection 0 pragma public x-fb-debug UeKAAkJNSfZ71fau8QfkxVPGSLvZjKNGTno+r96cWl1KygLrS+IJyDo+Nz7rEP55cH8/kmfdorpKMNCto2A7LA== x-frame-options DENY date Sat, 09 Apr 2022 23:38:47 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	200	267568703576098 Show response connect.facebook.net/signals/config/	309 KB 88 KB	55ms 35ms	Script application/x-javascript	2a03:2880:f007:8:face:b00c:0:1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/267568703576098?v=2.9.57&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 50eb1011b1dfea08706bafc2e69b37ed5c1e0d2abc85b53cf4b1f1932a358620 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.patreon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 90014 x-xss-protection 0 pragma public x-fb-debug sJl1UVkmDiI0nVzHd78Xh2G1AYpNwdyEqvjmY5PnDQHfdk9BQmLgGfF6l0nlLp3BKPedJRfHOAzhNGUIJ1IlYA== x-frame-options DENY date Sat, 09 Apr 2022 23:38:47 GMT strict-transport-security max-age=31536000; preload; includeSubDomains content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	identify.js Show response analytics.tiktok.com/i18n/pixel/	114 KB 31 KB	134ms 134ms	Script application/javascript	95.101.20.187 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/identify.js Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C65HD29R48GN82KJEGU0&lib=ttq Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.101.20.187 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-101-20-187.deploy.static.akamaitechnologies.com Software nginx / Resource Hash b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.patreon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers x-akamai-request-id 1940a11b.14234393 date Sat, 09 Apr 2022 23:38:47 GMT content-encoding gzip x-cache-remote TCP_MISS from a172-232-9-36.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-) x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-cache TCP_MISS from a95-101-20-183.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-) x-parent-response-time 117,95.101.20.183 server-timing cdn-cache; desc=MISS, edge; dur=95, origin; dur=22, inner; dur=4 pragma no-cache server nginx x-tt-logid 202204092338470101130062330B6B389B vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=0, no-cache, no-store x-origin-response-time 22,172.232.9.36 x-tt-trace-host 0184b187faed9c0c048c59e806dfb385e365f3e3b0d26be1c2dcc4cd9aa29652a639ace43cc31994fc05c0745e957052c24e2a0edb3e2b9d45d5b554d08f3b9bd030a2a06548fbc80c84b08422aabf48af6a9bd3e885387a4b36862b6fbfac1ac4ee34c4be9e93360e6d278073703a776c expires Sat, 09 Apr 2022 23:38:47 GMT
GET H2	200	config.js Show response analytics.tiktok.com/i18n/pixel/	873 B 1 KB	116ms 116ms	Script application/javascript	95.101.20.187 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C65HD29R48GN82KJEGU0&hostname=www.patreon.com Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C65HD29R48GN82KJEGU0&lib=ttq Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.101.20.187 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-101-20-187.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 9b0997a4197c40bd6659f58420e96f84b0f6bdfc41b3c3683f586e460f970452 Request headers accept-language de-DE,de;q=0.9 Referer https://www.patreon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers x-akamai-request-id c61e6a1.142343d2 date Sat, 09 Apr 2022 23:38:47 GMT content-encoding gzip x-cache-remote TCP_MISS from a23-220-105-69.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-) x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-cache TCP_MISS from a95-101-20-183.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-) x-parent-response-time 99,95.101.20.183 server-timing cdn-cache; desc=MISS, edge; dur=93, origin; dur=6, inner; dur=3 content-length 349 pragma no-cache server nginx x-tt-logid 202204092338470101130061511D9A32F9 vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=0, no-cache, no-store x-origin-response-time 6,23.220.105.69 x-tt-trace-host 0184b187faed9c0c048c59e806dfb385e3cca7d3ca6bb788eb919c34342ba00b0ae941137a94aa3ae3c710633dfffff8f891a5c016f8241a0998e069cff198688d848c230901233173baf42307d6c1671861bbec267abee029faff35a6007396134042fae995f27cbb56e9c596008f942b expires Sat, 09 Apr 2022 23:38:47 GMT
GET H2	403	adsct analytics.twitter.com/i/	0 0	226ms 109ms	Script text/plain	104.244.42.67 TWITTER
General Check archive.org Show headers Download Go to Full URL https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nw1x9&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=d57aa76e-47ae-4bcf-87d5-f01c3d31af9d&tw_document_href=https%3A%2F%2Fwww.patreon.com%2Fthedfirreport&tpx_cb=twttr.conversion.loadPixels Requested by Host: static.ads-twitter.com URL: https://static.ads-twitter.com/uwt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.67 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=631138519 Request headers accept-language de-DE,de;q=0.9 Referer https://www.patreon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers x-response-time 102 date Sat, 09 Apr 2022 23:38:47 UTC cache-control no-cache, no-store, max-age=0 server tsa_o x-connection-hash 1082b0d33a3f4ec3fa8fcd5094bfe400348fae06397ceb8fa6b0f829228374ec content-length 0 strict-transport-security max-age=631138519
GET H2	200	adsct t.co/i/	43 B 338 B	139ms 113ms	Image image/gif	104.244.42.133 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nw1x9&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=d57aa76e-47ae-4bcf-87d5-f01c3d31af9d&tw_document_href=https%3A%2F%2Fwww.patreon.com%2Fthedfirreport Requested by Host: www.patreon.com URL: https://www.patreon.com/thedfirreport Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.133 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.patreon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers x-response-time 106 date Sat, 09 Apr 2022 23:38:47 GMT server tsa_o strict-transport-security max-age=0 content-type image/gif;charset=utf-8 cache-control no-cache, no-store, max-age=0 x-connection-hash 2d5ba523b2e7b5d6a07e10074bd4267df358b328258cedc76ccdc4d495c727dd content-length 43
GET H2	200	/ www.facebook.com/tr/	44 B 408 B	36ms 9ms	Image image/gif	2a03:2880:f11c:8083:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=267568703576098&ev=PageView&dl=https%3A%2F%2Fwww.patreon.com%2Fthedfirreport&rl=&if=false&ts=1649547527814&sw=1600&sh=1200&v=2.9.57&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%222593279477433056%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22494709207816945%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[2]=%7B%22extractorID%22%3A%22501763163761072%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[3]=%7B%22extractorID%22%3A%222602264816534285%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1649547527813.651042309&it=1649547527703&coo=false&tm=1&exp=p1&rqm=GET Requested by Host: www.patreon.com URL: https://www.patreon.com/thedfirreport Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.patreon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 23:38:47 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 44 expires Sat, 09 Apr 2022 23:38:47 GMT
POST H2	200	pixel analytics.tiktok.com/api/v2/	0 709 B	140ms 140ms	Ping application/octet-stream	95.101.20.187 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C65HD29R48GN82KJEGU0&lib=ttq Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.101.20.187 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-101-20-187.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.patreon.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id 1940c8e4.142344d3 date Sat, 09 Apr 2022 23:38:48 GMT x-cache-remote TCP_MISS from a172-232-9-36.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-) x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-cache TCP_MISS from a95-101-20-183.deploy.akamaitechnologies.com (AkamaiGHost/10.7.4-40388856) (-) x-parent-response-time 122,95.101.20.183 server-timing cdn-cache; desc=MISS, edge; dur=101, origin; dur=21, inner; dur=16 content-length 0 pragma no-cache server nginx x-tt-logid 20220409233847010113006209113FD411 content-type application/octet-stream access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 21,172.232.9.36 x-tt-trace-host 0184b187faed9c0c048c59e806dfb385e365f3e3b0d26be1c2dcc4cd9aa29652a639ace43cc31994fc05c0745e957052c24e2a0edb3e2b9d45d5b554d08f3b9bd0bb76baf6a3e1885d00a9ac5b3430d1900bd448cd3ba38abaf513fe71891fc3985f2c2f48eb6991e4be0f45b07e94a2c2 expires Sat, 09 Apr 2022 23:38:48 GMT
GET H2	200	s.js Show response cdn.siftscience.com/	61 KB 20 KB	46ms 7ms	Script application/javascript	34.96.67.224 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.siftscience.com/s.js Requested by Host: www.patreon.com URL: https://www.patreon.com/thedfirreport Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.96.67.224 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 224.67.96.34.bc.googleusercontent.com Software UploadServer / Resource Hash 7921df86278b7fa9be0cbd78d9990071763ec4e9e88aaff2c3d466723090b8ae Request headers accept-language de-DE,de;q=0.9 Referer https://www.patreon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 05:45:31 GMT content-encoding gzip age 64397 x-guploader-uploadid ADPycds-v58PJrVccFfnqnvylh-ByZ8mME05BJchty6JZfF11oI3kWXjsPN2FRvXkpZgZo2Oumg7AnPr0gPgwFRGb7Q6Fw x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc clear content-length 20452 last-modified Thu, 09 Apr 2020 21:59:13 GMT server UploadServer etag "07cb8203158abb26b3c18318350e7b36" vary Accept-Encoding x-goog-hash crc32c=fIrBTA==, md5=B8uCAxWKuyazwYMYNQ57Ng== x-goog-generation 1586469553682331 cache-control public, max-age=86400 x-goog-stored-content-length 20452 accept-ranges bytes content-type application/javascript expires Sun, 10 Apr 2022 05:45:31 GMT
GET H2	200	58417.gif hexagon-analytics.com/images/	43 B 240 B	125ms 95ms	Image image/gif	34.102.232.42 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://hexagon-analytics.com/images/58417.gif?bk=7848bad5f1&tm=24&r=408558823&v=105&cs=UTF-8&h=www.patreon.com&l=en-US&S=a3288bc39073091e716d35500ea450f9&uu=94fc2f6559db7aa385acf2aabd02eb0&t=The%20DFIR%20Report%20bietet%20Actionable%20Threat%20Intelligence%20%C2%A0%7C%20Patreon&u=https%3A%2F%2Fwww.patreon.com%2Fthedfirreport&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F100.0.4896.75%20Safari%2F537.36&nm=4&mh=fe407dda3b01b3e3c72476fe7bf9f870&np=3&ph=596d9e73a4a75c4ceee60ad7b54864b3&sh=1200&sw=1600&cd=24&p=Linux%20x86_64&to=0&d=0&ce=true&tp=0&ol=true&pr=Gecko&ps=20030107&vd=Google%20Inc.&vs=&hc=4&je=false&ss=true&ls=true&in=true&db=false&tl=false&tr=false&ts=true&tb=false&ab=false&cf=64d58bfddb44af6942e7931de5174ca7&z=z Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.102.232.42 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 42.232.102.34.bc.googleusercontent.com Software nginx / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.patreon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers pragma no-cache date Sat, 09 Apr 2022 23:38:48 GMT via 1.1 google x-content-type-options nosniff server nginx content-type image/gif cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate alt-svc clear expires Thu, 01 Jan 1970 00:00:00 GMT
POST H3	200	/ Show response www.facebook.com/tr/ Frame A8E4	0 18 B	16ms 6ms	Document text/plain	2a03:2880:f11c:8083:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/tr/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Content-Type application/x-www-form-urlencoded Origin https://www.patreon.com Referer https://www.patreon.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-credentials true access-control-allow-origin https://www.patreon.com alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0 content-type text/plain cross-origin-resource-policy cross-origin date Sat, 09 Apr 2022 23:38:48 GMT priority u=0 server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains
POST H2	200	tracking Show response www.patreon.com/api/	7 B 574 B	291ms 291ms	XHR text/html	2606:4700::6810:631 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.patreon.com/api/tracking Requested by Host: browser.sentry-cdn.com URL: https://browser.sentry-cdn.com/6.17.9/bundle.tracing.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:631 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27 Security Headers Name Value Strict-Transport-Security max-age=2592000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 x-datadog-origin rum User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 x-datadog-sampling-priority 1 Content-Type application/json;charset=UTF-8 Referer https://www.patreon.com/thedfirreport x-datadog-trace-id 7150536537674266305 x-datadog-parent-id 5042274417689979182 x-datadog-sampled 1 Response headers date Sat, 09 Apr 2022 23:38:50 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-patreon-uuid 04bd2298-1e1d-591d-a221-8c9693e15de9 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=2592000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZzgHC%2FdxEC3TF89xtfl6Z%2FE0tpH0u4yYd%2BIZ9702Dgrf2Tbmp4ow52MQQ2KLitum%2BPxNKy%2F8qhn2OfNnfPb2FrbvjiBrBDGYWz%2Bo475ZwdGPfCN%2Fx375XsxNUkLhB%2B5xNwMrhqmDfhJXPY7Sww%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=utf-8 cache-control private x-protected-by Sqreen cf-ray 6f9714224866e903-MXP vary Accept-Encoding