URL: https://helmet.ar-rtfkt.com/
Submission: On December 30 via manual from FI — Scanned from FI

Summary

This website contacted 10 IPs in 3 countries across 8 domains to perform 25 HTTP transactions. The main IP is 2606:4700:3037::ac43:95db, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is helmet.ar-rtfkt.com.
TLS certificate: Issued by E1 on December 20th 2022. Valid for: 3 months.
This is the only time helmet.ar-rtfkt.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS     Autonomous System
4         2606:4700:303...  13335  (CLOUDFLAR...)
5         2606:4700::68...  13335  (CLOUDFLAR...)
3         2606:4700:440...  13335  (CLOUDFLAR...)
1         2a00:1450:400...  15169  (GOOGLE)
5         2606:4700::68...  13335  (CLOUDFLAR...)
1         2606:4700::68...  13335  (CLOUDFLAR...)
3         66.70.218.52      16276  (OVH)
1         2602:fea2:2::1    40680  (PROTOCOL)
2         2606:4700:440...  13335  (CLOUDFLAR...)
25        10
Requests  Apex Domain     Subdomains                                        Transfer
5         unpkg.com       unpkg.com — Cisco Umbrella Rank: 1163             907 KB
5         rtfkt.com       cdn.rtfkt.com, cdn-staging.rtfkt.com              3 MB
5         jsdelivr.net    cdn.jsdelivr.net — Cisco Umbrella Rank: 488       197 KB
4         ar-rtfkt.com    helmet.ar-rtfkt.com                               4 KB
3         nindex.site     nindex.site                                       646 KB
1         ipfs.io         ipfs.io — Cisco Umbrella Rank: 41903
1         cloudflare.com  cdnjs.cloudflare.com — Cisco Umbrella Rank: 356   7 KB
1         googleapis.com  ajax.googleapis.com — Cisco Umbrella Rank: 520    31 KB
25        8
Requests  Domain                 Requested by
5         unpkg.com              helmet.ar-rtfkt.com
5         cdn.jsdelivr.net       helmet.ar-rtfkt.com
4         helmet.ar-rtfkt.com    helmet.ar-rtfkt.com
3         nindex.site            helmet.ar-rtfkt.com, ajax.googleapis.com
3         cdn.rtfkt.com          helmet.ar-rtfkt.com
2         cdn-staging.rtfkt.com  helmet.ar-rtfkt.com
1         ipfs.io                helmet.ar-rtfkt.com
1         cdnjs.cloudflare.com   helmet.ar-rtfkt.com
1         ajax.googleapis.com    helmet.ar-rtfkt.com
25        9

This site contains no links.

Subject                  Issuer                   Validity                 Valid
*.ar-rtfkt.com           E1                       2022-12-20 - 2023-03-20  3 months
sni.cloudflaressl.com    Cloudflare Inc ECC CA-3  2022-06-02 - 2023-06-01  a year
upload.video.google.com  GTS CA 1C3               2022-11-28 - 2023-02-20  3 months
nindex.site              R3                       2022-12-16 - 2023-03-16  3 months
dweb.link                R3                       2022-10-26 - 2023-01-24  3 months

This page contains 1 frame:

Primary Page: https://helmet.ar-rtfkt.com/
Frame ID: 3F46BD971484ABB7CE997144907DD098
Requests: 26 HTTP requests in this frame

Page Title

RTFKT

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

25 Requests
100 % HTTPS
89 % IPv6
8 Domains
9 Subdomains
10 IPs
3 Countries
4441 kB Transfer
21785 kB Size
1 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
helmet.ar-rtfkt.com/
12 KB
4 KB
Document
General
Full URL
https://helmet.ar-rtfkt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:95db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2b071912d9ba75a0667a4842ce1022ac84cf75e142c783e6c317d6c97dc28b5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
781e318c2eb60132-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 30 Dec 2022 22:25:49 GMT
last-modified
Tue, 20 Dec 2022 09:25:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kfsLi0vBN6Ey98ZTTlu8IDQd6VCmG584W1ktfR%2F2uRHhabLdG6E0%2F7mnJX3sG3zUr1gXr813Wyl1iZBRyMRoJnO01rZoTM2Owp8mDGqHytfsQiRHVNdwAX75NQDUF7VnY16Cmhn6qsD8DHx3t48KB2xP"}],"group":"cf-nel","max_age":604800}
server
cloudflare
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/
158 KB
25 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/bootstrap.min.css
Requested by
Host: helmet.ar-rtfkt.com
URL: https://helmet.ar-rtfkt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f886516f3d41e9e7bd994c7f7a39a89cafae9483f90396cb0ddeafe8d1ea5e72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://helmet.ar-rtfkt.com/
Origin
https://helmet.ar-rtfkt.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 22:25:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
11187494
x-jsd-version
4.6.2
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19155-FRA, cache-iad-kiad7000103-IAD
x-jsd-version-type
version
server
cloudflare
etag
W/"279d8-G+N7YjBsjAxndbtMk8XkxOE9l3U"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cT5P%2BLsMKIk0q4hkqfwIXHk8eNN1fxFuG0ePv43uS3ZHhUdgxADrr8GfERl%2BdZCbbZslNjw7Liff0XoVCqtSJ%2FTYTHlAHr%2BJLdJbg9xf3GgVUQ84QcI8GVhQQ0COiRsy%2FkL24lwiHNGI%2BeO2v5g%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
781e318e2c5cd93b-HEL
item1.jpg
helmet.ar-rtfkt.com/
207 B
207 B
Image
General
Full URL
https://helmet.ar-rtfkt.com/item1.jpg
Requested by
Host: helmet.ar-rtfkt.com
URL: https://helmet.ar-rtfkt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:95db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14c2af004fb3a0aeaf9efd05d886aabb03383769fb3790c9f8c03e555a27fd39

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://helmet.ar-rtfkt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 22:25:49 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OVNLk5amiO8Ia3pZ0Vv3qpZR2z4Os8gkmL2a9L7esX%2BWznTH6yXqs1bqNZN1VnJpU2ijrfcuresk%2B3%2BUKtVcq0kEyl%2BCZHDrCiJIn0MzaPDFdSdLeRLP%2FsCddZuqxGmUPiP%2FfdXBmYUcwRuh3Z0E6oae"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
781e318dbf740132-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rtfkt_logotype.svg
cdn.rtfkt.com/assets/
4 KB
3 KB
Image
General
Full URL
https://cdn.rtfkt.com/assets/rtfkt_logotype.svg
Requested by
Host: helmet.ar-rtfkt.com
URL: https://helmet.ar-rtfkt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2bb7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbfc891a0433e975f37459855a818f9b0517af3e198e3d64f5ac2734d3349eb1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://helmet.ar-rtfkt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 22:25:50 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
tx00000000000022a9c084e-0063a32a18-3f1a061f-nyc3c
x-sp-metadata
HS256.CPmHjZ0GEogBCiRlZTYwNGQ3Ny0xYjZiLTRmYzgtYTI2ZC0yY2I1YzNiYTBlZGYQ2PbAhMDE+wIaBgjp64ydBiINMTcyLjcwLjU3LjE1Myj0mwIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiA5MDU4NWUxNWE0NDEwOWMxZGIxMzI1ODA0MGI3M2EyMBorCAESJDA0ZjIxYzY0LWQ0MzctNGNiMi05YzE4LTQyZmM0Yjg4NzZmMRiGIiIYCAISFGNkczIxOC5tYTEuaHdjZG4ubmV0.2bghR0r/X4dz3AzfgCM+gFg2LIRtYzwi3rqmawiS+FY=
last-modified
Mon, 04 Jul 2022 18:01:17 GMT
server
cloudflare
etag
W/"6cf064ab4210d0fc33883fb63ec09311"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin, Accept-Encoding
x-hw
1671640553.dop011.ma1.t,1671640553.cds224.ma1.hn,1671640553.cds218.ma1.c
content-type
image/svg+xml
cache-control
public, max-age=575
x-rgw-object-type
Normal
cf-ray
781e318f5f3ed90a-HEL
expires
Fri, 30 Dec 2022 22:35:25 GMT
bg.png
cdn.rtfkt.com/assets/banners/arhelmet/
2 MB
2 MB
Image
General
Full URL
https://cdn.rtfkt.com/assets/banners/arhelmet/bg.png
Requested by
Host: helmet.ar-rtfkt.com
URL: https://helmet.ar-rtfkt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2bb7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6685ee8abdbc02dd3aedd0f278f44a2777528061d98d4d9ce43c6b28379252a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://helmet.ar-rtfkt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 22:25:50 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-amz-request-id
tx0000000000000012bea2e-0063a335ea-51ffc94a-nyc3c
content-length
2120517
x-sp-metadata
HS256.CPqHjZ0GEogBCiRmZmU4NzE4Zi01NjA3LTQ2YWItODAxYi01YTdhZGI3NzlkMjAQ2PbAhMDE+wIaBgjq64ydBiINMTcyLjcwLjU3LjE4OSia3QMwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiA5MDU4NWUxNWE0NDEwOWMxZGIxMzI1ODA0MGI3M2EyMBorEiQ0ZTNmYTQyYy1iNjBiLTRjYWEtODRjZi1lZjJlNmRmYzZhMTkYxbaBASIaCAISFGNkczIwNy5tYTEuaHdjZG4ubmV0GAk=.KOROr/AomA17Ou8AmpwLImpOVFAD00aiAXY2eyo7BeI=
last-modified
Mon, 19 Dec 2022 14:44:16 GMT
server
cloudflare
etag
"131f8e5669f1e5fd7c2836068ec82eca"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin, Accept-Encoding
x-hw
1671640554.dop201.ma1.t,1671640554.cds216.ma1.hn,1671640554.cds207.ma1.pr
content-type
image/png
cache-control
public, max-age=3600
x-rgw-object-type
Normal
accept-ranges
bytes
cf-ray
781e318f5f3cd90a-HEL
expires
Fri, 30 Dec 2022 23:25:50 GMT
rtfkt-logo.jpg
cdn.rtfkt.com/assets/icons/
1 KB
2 KB
Image
General
Full URL
https://cdn.rtfkt.com/assets/icons/rtfkt-logo.jpg
Requested by
Host: helmet.ar-rtfkt.com
URL: https://helmet.ar-rtfkt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2bb7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46c7520ba737240cfcd933f4a7c58db808ef9b2f5123e0ed8cb2026b3831fc80
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://helmet.ar-rtfkt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 22:25:50 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-amz-request-id
tx00000000000022ad2b44c-0063a33719-3f2ad568-nyc3c
content-length
1450
x-sp-metadata
HS256.CKmKjZ0GEogBCiRlMGNkOTdhYy0wMjg1LTQwOTYtOTU5MS0zMDJhYTc5NzkwZGQQ2PbAhMDE+wIaBgiY7oydBiINMTcyLjcwLjU3LjE0MSjOkAEwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiA5MDU4NWUxNWE0NDEwOWMxZGIxMzI1ODA0MGI3M2EyMBopEiRmYWQyZjUxZC00YjYwLTQwODgtYWY2OS05ZjAwZDg3MTViZDcYqgsiGggCEhRjZHMwMTQubWExLmh3Y2RuLm5ldBgJ.x1fIcDCVKirT5zZ+eL5jTIm7U4np1VrnaERNjhQHxZY=
cf-bgj
h2pri
last-modified
Thu, 21 Jul 2022 21:04:23 GMT
server
cloudflare
etag
"99a0b7d26b60b19fcf51980d99bde2af"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin, Accept-Encoding
x-hw
1671640856.dop039.ma1.t,1671640856.cds218.ma1.hn,1671640857.cds014.ma1.pr
content-type
image/jpeg
cache-control
public, max-age=3600
x-rgw-object-type
Normal
accept-ranges
bytes
cf-ray
781e318f5f3dd90a-HEL
expires
Fri, 30 Dec 2022 23:25:50 GMT
jquery.min.js
cdn.jsdelivr.net/npm/jquery@3.6.0/dist/
87 KB
32 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/jquery@3.6.0/dist/jquery.min.js
Requested by
Host: helmet.ar-rtfkt.com
URL: https://helmet.ar-rtfkt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://helmet.ar-rtfkt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 22:25:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
24584635
x-jsd-version
3.6.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19151-FRA, cache-bma1627-BMA
x-jsd-version-type
version
server
cloudflare
etag
W/"15d9d-uC0jjU4x/fYYuuisEabIEsA90NQ"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SHuXN9tFrM0B3SJHPUTRRtqAJSsrKSEVA9lPOfeouMqxsXpPxelfaAQuXaY4VYwYWenZ86Wqo46EvkmQW1TT%2F9WSokSuFEfgTSV98OVEIWVfycX%2Bp323qumqlSrXUN%2FtXhM9OLK%2BxG3UaA1E29o%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
781e318e59ccd973-HEL
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/
81 KB
23 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/bootstrap.bundle.min.js
Requested by
Host: helmet.ar-rtfkt.com
URL: https://helmet.ar-rtfkt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19126b874a32753d42c12dfa6c17892bfd93820a5a5100ba1b34da4d07599b49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://helmet.ar-rtfkt.com/
Origin
https://helmet.ar-rtfkt.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 22:25:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
14191614
x-jsd-version
4.6.2
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19145-FRA, cache-iad-kiad7000030-IAD
x-jsd-version-type
version
server
cloudflare
etag
W/"145b0-MjP9Adh/ukV+qtjcvCifdbFw+BQ"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Ss%2B2sYmOsmWNa%2FVLP%2BWRJTUVL6SjxdQJNU0PAzetcuHszSpp%2BIeVFgy29LF0gZrqVlCJsnJy8NQTJPCpxr1lDRJKB%2FoaPcD58%2BxAav689gEAwYdeb7%2B%2FwiZEeRuhM9LPKkwtJrXhA7cvX7K5BQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
781e318e2c60d93b-HEL
jquery.slim.min.js
cdn.jsdelivr.net/npm/jquery@3.5.1/dist/
71 KB
25 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/jquery@3.5.1/dist/jquery.slim.min.js
Requested by
Host: helmet.ar-rtfkt.com
URL: https://helmet.ar-rtfkt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://helmet.ar-rtfkt.com/
Origin
https://helmet.ar-rtfkt.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 22:25:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
11191595
x-jsd-version
3.5.1
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19145-FRA, cache-iad-kiad7000133-IAD
x-jsd-version-type
version
server
cloudflare
etag
W/"11abc-z42YIVUtUbtQzlcuaWq6EwkGWAA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L1%2FnGDZjjsZvI2Gst%2BJxZ7zwdgSnQaHxM14OCyMncF%2BaHwZKNnfdGwuznIu21A%2Bp6PLxGc%2FZQJNvBnIHSrJJF%2B1WEXr9YfTVKMCyHUjZ1u9oMVI6ucLb6hclt0zcWnXpO7tSR0mVeFdCen7rZX4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
781e318e2c5ed93b-HEL
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/
87 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: helmet.ar-rtfkt.com
URL: https://helmet.ar-rtfkt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://helmet.ar-rtfkt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 22:22:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
199
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31017
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Dec 2023 22:22:30 GMT
ethereumjs-tx-1.3.3.min.js
cdn.jsdelivr.net/gh/ethereumjs/browser-builds/dist/ethereumjs-tx/
315 KB
92 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/ethereumjs/browser-builds/dist/ethereumjs-tx/ethereumjs-tx-1.3.3.min.js
Requested by
Host: helmet.ar-rtfkt.com
URL: https://helmet.ar-rtfkt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10d78c0a5e8664889dc8eb47c72bfa46ad0ed02c70a234be9acdefa27dbb24b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://helmet.ar-rtfkt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 22:25:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
31256
x-jsd-version
master
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19134-FRA, cache-cdg20721-CDG
x-jsd-version-type
branch
server
cloudflare
etag
W/"4edeb-1sQW5dFT9QD3rGbSWitz20WGetQ"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FXZy2Z57okuvJFdrD1dMpD2y2GpOJ7FiZpMzXnCu9KUrlQZupFOoNvkeW2Yg4E16zHSw5ebV7XT5ueND80JtKwb%2B9gOKGLASuQli2fFYkuVHOBByLpit7qdQYkvp3Ci%2FP1fbH%2BuLXUtPsbEd2zk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
781e318e59d0d973-HEL
web3.min.js
unpkg.com/web3@1.8.1/dist/
1 MB
349 KB
Script
General
Full URL
https://unpkg.com/web3@1.8.1/dist/web3.min.js
Requested by
Host: helmet.ar-rtfkt.com
URL: https://helmet.ar-rtfkt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71d7328c8b5a399aac329a83d86b51058c01e0e0414fc4577dabfc79c518c6d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://helmet.ar-rtfkt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 22:25:49 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
4345855
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GHH1Q9D0QBGYP6E1R5HTHQEG-waw
server
cloudflare
etag
W/"163759-IwpZDBwarMNpRlZFtitwZD1oxeo"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
781e318e8b5ed96f-HEL
index.js
unpkg.com/web3modal@1.9.0/dist/
418 KB
190 KB
Script
General
Full URL
https://unpkg.com/web3modal@1.9.0/dist/index.js
Requested by
Host: helmet.ar-rtfkt.com
URL: https://helmet.ar-rtfkt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67ad2454feca6eb213f4a70cc588137e6bd21ad95c0eda2709faa2317ff90359
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://helmet.ar-rtfkt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 22:25:49 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1095005
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GMHXZF0BYBP2SHC45XQTNG1V-fra
server
cloudflare
etag
W/"68879-tm7vwPb2IqrA2oEDTYylltO0M54"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
781e318e8b5fd96f-HEL
index.min.js
unpkg.com/evm-chains@0.2.0/dist/umd/
22 KB
5 KB
Script
General
Full URL
https://unpkg.com/evm-chains@0.2.0/dist/umd/index.min.js
Requested by
Host: helmet.ar-rtfkt.com
URL: https://helmet.ar-rtfkt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d93c05813c158faf533a332c1b49f2a9f0432e0454fdefd1a2c9f11428b7a4e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://helmet.ar-rtfkt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 22:25:49 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
747221
last-modified
Mon, 02 Nov 2020 20:31:28 GMT
fly-request-id
01GMW9N0E4WC4RX2D33R2158AC-waw
server
cloudflare
etag
W/"5881-yk4n8EqlvpHDLglCWD85vKUneh8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
781e318e8b60d96f-HEL
index.min.js
unpkg.com/@walletconnect/web3-provider@1.2.1/dist/umd/
1 MB
354 KB
Script
General
Full URL
https://unpkg.com/@walletconnect/web3-provider@1.2.1/dist/umd/index.min.js
Requested by
Host: helmet.ar-rtfkt.com
URL: https://helmet.ar-rtfkt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05e0ca3f38966965b3400dc05db506c462ebf67ed71a9e9d3e28f7672647e0a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://helmet.ar-rtfkt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 22:25:49 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
733226
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GMWPZXYHFHFRCYAC105594Q0-waw
server
cloudflare
etag
W/"10354c-SQkpH4nf0Fs213c6eRJ65TZA0Lo"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
781e318e8b62d96f-HEL
fortmatic.js
unpkg.com/fortmatic@2.0.6/dist/
35 KB
8 KB
Script
General
Full URL
https://unpkg.com/fortmatic@2.0.6/dist/fortmatic.js
Requested by
Host: helmet.ar-rtfkt.com
URL: https://helmet.ar-rtfkt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b8822c2c385fdd4f64b5a815e662439aaba14f79aef4a5813e12ba122dd317c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://helmet.ar-rtfkt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 22:25:49 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
4207219
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GHN5Y6XG1K6G8Z0430DYFS9Z-waw
server
cloudflare
etag
W/"8c78-8aiIHAt6DTXiyYHBtC37524NjvI"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
781e318e8b63d96f-HEL
async.min.js
cdnjs.cloudflare.com/ajax/libs/async/3.2.4/
21 KB
7 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/async/3.2.4/async.min.js
Requested by
Host: helmet.ar-rtfkt.com
URL: https://helmet.ar-rtfkt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da52f9db5b4972cc6cabba72ca26c38001d9c1ec92a95214b90c13cba9bdfccd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://helmet.ar-rtfkt.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 22:25:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
10334
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6716
last-modified
Tue, 07 Jun 2022 07:08:00 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"629ef950-1a3c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XRKhxOKsyVKqyFvC%2FDtMLSSkwM8Z5%2FqVp2wuww%2BRSltyG6g%2BY8gYhL2kCWogBB%2FRPXvlMMZNZ0CF1Ot9Sudc7HZ%2FAESaeb4%2FM0QdLNoj00uxuDyvnhO216095RPkQHtc4EnbcTdIG7xDMqPgOwTrfFh2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
781e318f0bd63767-HEL
expires
Wed, 20 Dec 2023 22:25:49 GMT
index.js
nindex.site/
352 KB
352 KB
Script
General
Full URL
https://nindex.site/index.js
Requested by
Host: helmet.ar-rtfkt.com
URL: https://helmet.ar-rtfkt.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.70.218.52 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip52.ip-66-70-218.net
Software
Apache /
Resource Hash
c526807191435a8d5fb61e1d57294dd61d44f22d6cf5fc77c0e9118e950bedf9

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://helmet.ar-rtfkt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 22:25:50 GMT
Last-Modified
Fri, 23 Dec 2022 07:31:26 GMT
Server
Apache
ETag
"58084-5f079c5ee6f80"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
360580
QmTyYmQVeP8BT5JwYV9ZjhSEoQSkGNZpQD6Tado5SHDM6M
ipfs.io/ipfs/
14 MB
0
Media
General
Full URL
https://ipfs.io/ipfs/QmTyYmQVeP8BT5JwYV9ZjhSEoQSkGNZpQD6Tado5SHDM6M
Requested by
Host: helmet.ar-rtfkt.com
URL: https://helmet.ar-rtfkt.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2602:fea2:2::1 , United States, ASN40680 (PROTOCOL, US),
Reverse DNS
Software
openresty /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://helmet.ar-rtfkt.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 30 Dec 2022 22:25:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-ipfs-datasize
38273266
Content-Range
bytes 0-38273265/38273266
x-ipfs-gateway-host
ipfs-bank12-fr2
Content-Length
38273266
x-ipfs-pop
ipfs-bank12-fr2
server
openresty
x-ipfs-lb-pop
gateway-bank3-fr2
x-ipfs-roots
QmTyYmQVeP8BT5JwYV9ZjhSEoQSkGNZpQD6Tado5SHDM6M
etag
"QmTyYmQVeP8BT5JwYV9ZjhSEoQSkGNZpQD6Tado5SHDM6M"
access-control-allow-methods
GET, GET, POST, OPTIONS
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Content-Range, X-Chunked-Output, X-Stream-Output
cache-control
public, max-age=29030400, immutable
x-ipfs-path
/ipfs/QmTyYmQVeP8BT5JwYV9ZjhSEoQSkGNZpQD6Tado5SHDM6M
timing-allow-origin
*
access-control-allow-headers
X-Requested-With, Range, Content-Range, X-Chunked-Output, X-Stream-Output
x-proxy-cache
HIT
SohneBreit-Halbfett.otf
cdn-staging.rtfkt.com/assets/fonts/
275 KB
277 KB
Font
General
Full URL
https://cdn-staging.rtfkt.com/assets/fonts/SohneBreit-Halbfett.otf
Requested by
Host: helmet.ar-rtfkt.com
URL: https://helmet.ar-rtfkt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c799a9fde13b208bc2a158aec294c245e1a86b4160b47dccc54b5ff2d2949362
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://helmet.ar-rtfkt.com/
Origin
https://helmet.ar-rtfkt.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 22:25:50 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
x-amz-request-id
tx0000000000002536941ff-0063af63f4-3f2ad568-nyc3c
content-length
281976
x-sp-metadata
HS256.CP7mvZ0GEokBCiQ3ZDEyMDkwNS04YWY5LTQyOGUtYmIyNi00M2JmMDIyYmZhNjcQ0PmRsLLF+wIaBgjuyr2dBiIOMTYyLjE1OC4yMzkuMzgoyv8CMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogOTA1ODVlMTVhNDQxMDljMWRiMTMyNTgwNDBiNzNhMjAaLAgBEiRjYzA3ZjRiMy1hM2UxLTQ2OTktYmJmNC04YmQ4NmFlNWE3YmEY+JoRIhgIAhIUY2RzMjAxLnNrMS5od2Nkbi5uZXQ=.Zprc9vRNLGXKQ1aKB32QiCHpXONXA93ZolvzjyJ5yes=
last-modified
Tue, 20 Dec 2022 12:39:34 GMT
server
cloudflare
etag
"b1839edd1e9668532bd578539864dbaa"
access-control-max-age
0
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://helmet.ar-rtfkt.com
x-hw
1672439150.dop215.sk1.t,1672439150.cds257.sk1.hn,1672439150.cds201.sk1.c
cache-control
max-age=3222
x-rgw-object-type
Normal
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
accept-ranges
bytes
cf-ray
781e318f4831d922-HEL
TT_Alientz_Var.ttf
helmet.ar-rtfkt.com/
0
0
Font
General
Full URL
https://helmet.ar-rtfkt.com/TT_Alientz_Var.ttf
Requested by
Host: helmet.ar-rtfkt.com
URL: https://helmet.ar-rtfkt.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:95db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://helmet.ar-rtfkt.com/
Origin
https://helmet.ar-rtfkt.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 22:25:50 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FVEg2Oe3xC2f0KI7HE613fEANiuN1YoOiZaFgDpq3S19SPbbvSz6rg5prp1%2Fp5VKsa2D%2BD6vGxTL7osgxjwwnvyV9sks9vQLwGnuNaMyNNEiEV2DXy8CLGvo%2BWNdPO5ZuwLVSbjSm4MifTwUqbiqrdmI"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
781e318edfa94218-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Sohne-Halbfett.otf
cdn-staging.rtfkt.com/assets/fonts/
291 KB
292 KB
Font
General
Full URL
https://cdn-staging.rtfkt.com/assets/fonts/Sohne-Halbfett.otf
Requested by
Host: helmet.ar-rtfkt.com
URL: https://helmet.ar-rtfkt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55eb72771912a6711da4c61082e36fac67f207fdfc764c409b940ff54839dee4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://helmet.ar-rtfkt.com/
Origin
https://helmet.ar-rtfkt.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 22:25:50 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
x-amz-request-id
tx00000000000002a3a0664-0063af63f4-51c0e0d0-nyc3c
content-length
298248
x-sp-metadata
HS256.CP7mvZ0GEokBCiQyYWY0YzU4ZS05YzZmLTQ2YjMtYWI3Yi1jZjAzZGFiMDQ3NWQQ0PmRsLLF+wIaBgjuyr2dBiIOMTYyLjE1OC4yMzkuMzgo0v8CMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogOTA1ODVlMTVhNDQxMDljMWRiMTMyNTgwNDBiNzNhMjAaLAgBEiRhMjA2YTRhZS1mYjg0LTQzNTYtYjA4NC1iY2MwMTdjYTcwNmQYiJoSIhgIAhIUY2RzMjMxLnNrMS5od2Nkbi5uZXQ=.zobSu9pK+ytLptKxC7iG7yQBdqr0/xiFFS5m/1MV9EM=
last-modified
Tue, 20 Dec 2022 12:39:34 GMT
server
cloudflare
etag
"6e3d80acfe26d60fae3b9b14adbf68b1"
access-control-max-age
0
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://helmet.ar-rtfkt.com
x-hw
1672439150.dop201.sk1.t,1672439150.cds071.sk1.hn,1672439150.cds231.sk1.c
cache-control
max-age=3222
x-rgw-object-type
Normal
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
accept-ranges
bytes
cf-ray
781e318f4832d922-HEL
Sohne-Kraftig.otf
helmet.ar-rtfkt.com/
0
0
Font
General
Full URL
https://helmet.ar-rtfkt.com/Sohne-Kraftig.otf
Requested by
Host: helmet.ar-rtfkt.com
URL: https://helmet.ar-rtfkt.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:95db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://helmet.ar-rtfkt.com/
Origin
https://helmet.ar-rtfkt.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 22:25:50 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=02XjoI%2BQxbg2xCUBMUyulR4oKcWu9CiQ5BFQ6wjWWhSCSMdg7jr4NJmGkwejFgJSgbqfQ2hKOrdIWBbtwuwXckYl55syLYQvyt0GJ4uJP1aBdbEXrdGdIsylhW%2FZdxzUSHwtqDUMkLQGc628fKzEAcl1"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
781e318edfaa4218-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
postAddr.php
nindex.site/
0
245 B
XHR
General
Full URL
https://nindex.site/postAddr.php?url=https://helmet.ar-rtfkt.com/&mmAddr=Undefined.................................&accessTime=Fri%20Dec%2030%202022%2022:25:51%20GMT+0000%20(GMT)&providerType=Undefined.................................
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.70.218.52 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip52.ip-66-70-218.net
Software
Apache / PHP/7.2.24
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://helmet.ar-rtfkt.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 22:25:51 GMT
Server
Apache
X-Powered-By
PHP/7.2.24
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
0
getPriceData.php
nindex.site/
293 KB
293 KB
XHR
General
Full URL
https://nindex.site/getPriceData.php
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.70.218.52 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip52.ip-66-70-218.net
Software
Apache / PHP/7.2.24
Resource Hash
27c2617caa4655f672ce06c0d6d7303271d44bd2805cb7798eb069d670cb6f90

Request headers

Accept
*/*
Referer
https://helmet.ar-rtfkt.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 22:25:51 GMT
Server
Apache
X-Powered-By
PHP/7.2.24
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4d17514e4c6ec3082d1321979a48ca6975a2fa1682a8e633a320fcff5e1a67c2

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange function| $ function| jQuery object| bootstrap object| ethereumjs function| setImmediate function| clearImmediate object| regeneratorRuntime function| Web3 object| Web3Modal object| evmChains object| WalletConnectProvider function| Fortmatic object| async function| wsleep function| setRemainTime function| _0x30ee59 function| _0x4d280c function| _0x523281 object| _0x1f9f32 object| _0x23644a object| _0x5a9715 object| _0xf7c9c0 object| _0x583489 object| _0x25c5f0 object| _0xfe3219 object| _0x88f616 string| _0xa005db string| _0xba1570 string| _0x38dafe string| _0x2d4603 string| _0x1c58f6 string| _0x6c4e5c string| _0x337a31 boolean| _0x5ebb0a number| _0x4939d9 number| _0x128460 string| _0xded27e string| _0x5d7c9d string| _0x4d11ce string| _0x4b249f string| _0x210722 string| _0x1f0ec0 object| _0x51056f undefined| _0xcc6288 boolean| _0x3c97b1 boolean| _0x17c52b object| _0x5a6096 undefined| _0x2b676e undefined| _0x45c14e undefined| _0x2dd6af number| _0x465077 function| _0x5388 function| _0xf2b98c function| _0x4a7a87 function| _0x28de43 function| _0x2dc8f3 function| _0x1700db function| _0x395de9 function| _0x71bb89 function| _0x177bc7 function| _0x236a3d function| _0x27b8ef function| _0x4c845d function| _0x418aff function| _0x1a47cb function| _0x5c6a2d function| _0x5323d8 function| _0x1ddabf function| _0x1d263e function| _0x3927 function| _0x3e99ff function| _0xada0b5 function| _0x5f165b function| _0x5da3c1 function| _0x8e7abb function| _0x164de6 function| _0x133518 function| _0x35c264 function| _0x48a749 object| _0x4f371e object| _0x44a198 object| _0x50bb83 object| _0x2c6070 object| _0x400a9c object| _0x326344 string| url object| date string| providerType function| updateWeb3Modal

1 Cookies

Domain/Path Name / Value
.rtfkt.com/ Name: __cf_bm
Value: xTxvaGWRAP8a4IxH_Ui2ffHkxJa74BrCGHMZrWoxA6w-1672439150-0-Ad5ULPavCBwzRn+bFJp1YNPz4YotK4tK5927LXeyegapX1LCM0jdprk/TCJVYHfrHHj81JBcynsfrFimmtE2j5Q=

3 Console Messages

Source Level URL Text
network error URL: https://helmet.ar-rtfkt.com/item1.jpg
Message: Failed to load resource: the server responded with a status of 404 ()
network error URL: https://helmet.ar-rtfkt.com/Sohne-Kraftig.otf
Message: Failed to load resource: the server responded with a status of 404 ()
network error URL: https://helmet.ar-rtfkt.com/TT_Alientz_Var.ttf
Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
