ko-fi.com Open in urlscan Pro
104.22.29.80 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://eradin.ch/
Effective URL:
https://ko-fi.com/eradin
Submission: On November 17 via api (November 17th 2023, 12:33:41 pm UTC) from CH — Scanned from CH

Summary HTTP 117 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 20 IPs in 5 countries across 16 domains to perform 117 HTTP transactions. The main IP is 104.22.29.80, located in and belongs to CLOUDFLARENET, US. The main domain is ko-fi.com. The Cisco Umbrella rank of the primary domain is 44377.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 29th 2023. Valid for: a year.

This is the only time ko-fi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	84.16.66.164 84.16.66.164	29222 (INFOMANIA...) (INFOMANIAK-AS)
1 73	104.22.29.80 104.22.29.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.106 142.250.185.106	15169 (GOOGLE) (GOOGLE)
5	172.67.26.21 172.67.26.21	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.185.164 142.250.185.164	15169 (GOOGLE) (GOOGLE)
4	142.250.185.104 142.250.185.104	15169 (GOOGLE) (GOOGLE)
1	104.16.56.101 104.16.56.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	151.101.192.176 151.101.192.176	54113 (FASTLY) (FASTLY)
4	151.101.65.21 151.101.65.21	54113 (FASTLY) (FASTLY)
1 1	157.240.0.63 157.240.0.63	32934 (FACEBOOK) (FACEBOOK)
1	157.240.252.174 157.240.252.174	32934 (FACEBOOK) (FACEBOOK)
1	152.199.19.161 152.199.19.161	15133 (EDGECAST) (EDGECAST)
3	142.250.186.67 142.250.186.67	15169 (GOOGLE) (GOOGLE)
4	142.250.185.227 142.250.185.227	15169 (GOOGLE) (GOOGLE)
4	216.239.34.36 216.239.34.36	15169 (GOOGLE) (GOOGLE)
1	74.125.133.155 74.125.133.155	15169 (GOOGLE) (GOOGLE)
1	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
1	151.101.1.35 151.101.1.35	54113 (FASTLY) (FASTLY)
3	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
2	65.9.66.23 65.9.66.23	16509 (AMAZON-02) (AMAZON-02)
2	13.69.106.217 13.69.106.217	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	44.241.50.239 44.241.50.239	16509 (AMAZON-02) (AMAZON-02)
117	20

1 84.16.66.164 (Vésenaz, Switzerland) 1 redirects

ASN29222 (INFOMANIAK-AS, CH)
PTR: vip12-reverse-proxy.infomaniak.ch

eradin.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

73 104.22.29.80 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.ko-fi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ko-fi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
storage.ko-fi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ko-fi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.67.26.21 (United States)

ASN13335 (CLOUDFLARENET, US)

storage.ko-fi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.56.101 (None, )

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.192.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.65.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.0.63 (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)
PTR: instagram-p3-shv-02-fra3.fbcdn.net

platform.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.252.174 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: instagram-p42-shv-01-fra3.fbcdn.net

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.19.161 (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.239.34.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.133.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

www.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.66.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-23.fra56.r.cloudfront.net

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.69.106.217 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.241.50.239 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-241-50-239.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
78	ko-fi.com 1 redirects www.ko-fi.com ko-fi.com — Cisco Umbrella Rank: 44377 storage.ko-fi.com — Cisco Umbrella Rank: 50663 cdn.ko-fi.com — Cisco Umbrella Rank: 266670	2 MB
7	gstatic.com fonts.gstatic.com www.gstatic.com	472 KB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 1287 q.stripe.com — Cisco Umbrella Rank: 7148 m.stripe.com — Cisco Umbrella Rank: 1249	158 KB
5	paypal.com www.paypal.com — Cisco Umbrella Rank: 2811 t.paypal.com — Cisco Umbrella Rank: 3468	86 KB
5	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 3040	36 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	357 KB
2	visualstudio.com dc.services.visualstudio.com — Cisco Umbrella Rank: 793	306 B
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1354	18 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2462	304 B
2	instagram.com 1 redirects platform.instagram.com — Cisco Umbrella Rank: 9507 www.instagram.com — Cisco Umbrella Rank: 1847	20 KB
1	google.ch www.google.ch — Cisco Umbrella Rank: 30247	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 78	250 B
1	msecnd.net az416426.vo.msecnd.net — Cisco Umbrella Rank: 2383	22 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 899	7 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	1 KB
1	eradin.ch 1 redirects eradin.ch	190 B
117	16

	Domain	Requested by
42	ko-fi.com	ko-fi.com az416426.vo.msecnd.net storage.ko-fi.com
33	storage.ko-fi.com	ko-fi.com storage.ko-fi.com
4	www.gstatic.com	www.google.com www.gstatic.com
4	www.paypal.com	ko-fi.com www.paypal.com az416426.vo.msecnd.net
4	www.googletagmanager.com	ko-fi.com www.googletagmanager.com
3	q.stripe.com	ko-fi.com
3	fonts.gstatic.com	fonts.googleapis.com www.google.com
3	js.stripe.com	ko-fi.com js.stripe.com
3	www.google.com	ko-fi.com www.gstatic.com www.google.com
2	dc.services.visualstudio.com	az416426.vo.msecnd.net
2	m.stripe.network	js.stripe.com m.stripe.network
2	region1.analytics.google.com	www.googletagmanager.com
2	region1.google-analytics.com	www.googletagmanager.com
2	cdn.ko-fi.com	ko-fi.com
1	m.stripe.com	m.stripe.network
1	t.paypal.com	ko-fi.com
1	www.google.ch	ko-fi.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	az416426.vo.msecnd.net	ko-fi.com
1	www.instagram.com	ko-fi.com
1	platform.instagram.com	1 redirects
1	static.cloudflareinsights.com	ko-fi.com
1	fonts.googleapis.com	ko-fi.com
1	www.ko-fi.com	1 redirects
1	eradin.ch	1 redirects
117	25

This site contains links to these domains. Also see Links.

Domain
help.ko-fi.com
instagram.com
facebook.com
www.youtube.com
www.pinterest.com
twitter.com
mail.google.com
more.ko-fi.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-29` - `2024-04-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-10-30` - `2024-01-25`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-10-13` - `2024-08-20`	10 months	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2023-05-05` - `2024-04-28`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.ch GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-09-21` - `2024-10-21`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-10-09` - `2024-01-18`	3 months	crt.sh
in.applicationinsights.azure.com Microsoft Azure RSA TLS Issuing CA 04	`2023-09-02` - `2024-08-27`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-05` - `2024-01-18`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://ko-fi.com/eradin
Frame ID: D778B3A814219F7F90CA500D6D41904D
Requests: 100 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: D3C4CC6C377E6AF565F724F1B6544271
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeIm9UUAAAAAI9HoqMbV3xi0okAxcoNNumTv6QU&co=aHR0cHM6Ly9rby1maS5jb206NDQz&hl=de-CH&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=inefmdoiduw3
Frame ID: 1B7647C51071815E3702859DC8E60AAE
Requests: 7 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 2EFF4FA7228B619CD0827B812FAB8200
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Support Eradin on Ko-fi! ❤️. ko-fi.com/eradin - Ko-fi ❤️ Where creators get support from fans through donations, memberships, shop sales and more! The original 'Buy Me a Coffee' Page.

Page URL History Show full URLs

https://eradin.ch/ HTTP 301
https://www.ko-fi.com/eradin HTTP 301
https://ko-fi.com/eradin Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

vue[.-]([\d.]*\d)[^/]*\.js

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Lodash (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

lodash.*\.js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

SweetAlert (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweet(?:-)?alert(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

117
Requests

99 %
HTTPS

0 %
IPv6

16
Domains

25
Subdomains

20
IPs

5
Countries

3541 kB
Transfer

6926 kB
Size

12
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://help.ko-fi.com/hc/en-us
Title: Help

Search URL Search Domain Scan URL

URL: https://instagram.com/eradin.ch

Search URL Search Domain Scan URL

URL: https://facebook.com/EradinCreativeStudio

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCP6meaJg4pUTrgagXxOBzhg

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?url=https%3a%2f%2fko-fi.com%2feradin%2fgallery

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Eradin%27s+Ko-fi+Gallery&url=https%3a%2f%2fko-fi.com%2feradin%2fgallery

Search URL Search Domain Scan URL

URL: https://mail.google.com/mail/u/0/#search/ko-fi
Title: Check your Gmail inbox

Search URL Search Domain Scan URL

URL: https://more.ko-fi.com/terms
Title: Terms

Search URL Search Domain Scan URL

URL: https://more.ko-fi.com/privacy
Title: Privacy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://eradin.ch/ HTTP 301
https://www.ko-fi.com/eradin HTTP 301
https://ko-fi.com/eradin Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61

https://platform.instagram.com/en_US/embeds.js HTTP 301
https://www.instagram.com/embed.js

117 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request eradin Show response
ko-fi.com/
Redirect Chain

https://eradin.ch/
https://www.ko-fi.com/eradin
https://ko-fi.com/eradin

297 KB
54 KB

492ms
457ms

Document
text/html

104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/eradin

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0365162066d3dd7f4a1215534e079e79c23d9b93f5a38f47309d3b75959b9c9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

access-control-expose-headers: Request-Context
arr-disable-session-affinity: True
cache-control: private
cf-cache-status: EXPIRED
cf-ray: 827800a69edb9208-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 17 Nov 2023 12:33:31 GMT
last-modified: Fri, 17 Nov 2023 01:23:16 GMT
referrer-policy: strict-origin-when-cross-origin
request-context: appId=cid-v1:02025889-f5bc-454e-88f5-4372da34dffd
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block

Redirect headers

access-control-expose-headers: Request-Context
arr-disable-session-affinity: True
cf-cache-status: DYNAMIC
cf-ray: 827800a1fbfc9208-FRA
content-type: text/html; charset=utf-8
date: Fri, 17 Nov 2023 12:33:30 GMT
location: https://ko-fi.com/eradin
referrer-policy: strict-origin-when-cross-origin
request-context: appId=cid-v1:02025889-f5bc-454e-88f5-4372da34dffd
server: cloudflare
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 442ms
56ms Stylesheet
text/css 142.250.185.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito:wght@400;700;800&display=swap

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/eradin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f10.1e100.net

Software

ESF /

Resource Hash

cced72a5fc90de9cbfa59c691d65be471f67d2aae3e3ed37ebe476bf2b0c7030

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 Nov 2023 12:33:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 12:15:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Nov 2023 12:33:31 GMT

GET
H2 200 all.min.css
storage.ko-fi.com/cdn/fontawesome/subset-6.2/css/ 62 KB
9 KB 477ms
69ms Stylesheet
text/css 172.67.26.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/fontawesome/subset-6.2/css/all.min.css?v=638tv
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/eradin
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.26.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0294c443a2894db92ded5e6a756cb7cbce8e13ad59752aadfc24a8a1419cf77b

Request headers

Referer: https://www.google.com/
Origin: https://ko-fi.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 17 Nov 2023 12:33:31 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: xFn3mli+KhGNfMdDwQ/vhg==
age: 5277
x-ms-lease-status: unlocked
last-modified: Fri, 17 Nov 2023 10:14:09 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: b1bc6b59-801e-005c-7e45-19e9c9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 827800ac1a910e66-MXP

GET
H2 200 css
ko-fi.com/Content/ 433 KB
75 KB 82ms
79ms Stylesheet
text/css 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Content/css?v=JOpCk1NJ9M2LB3uKusnpahmT2hBMT6VORiTwFlFJoeU1

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/eradin

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d57bd372816bf6d09bab3f46e74eb226549fc812fc35c58555fe38d22dd2c2a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 12:33:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 6
cf-polished: origSize=534497
arr-disable-session-affinity: True
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:02025889-f5bc-454e-88f5-4372da34dffd
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Fri, 17 Nov 2023 12:08:18 GMT
server: cloudflare
vary: User-Agent,Accept-Encoding
content-type: text/css; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: public
cf-ray: 827800a9889f9208-FRA
expires: Sat, 16 Nov 2024 12:08:18 GMT

GET
H2 200 profile.js Show response
ko-fi.com/Scripts/sections/ 466 B
353 B 74ms
72ms Script
application/x-javascript 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Scripts/sections/profile.js?v=236mo

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/eradin

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c225caabe08a9a0613e1257efa5cda80cd82cf2798e5ea0479a20c75f3ca91c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 12:33:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 38
cf-polished: origSize=781
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Thu, 16 Nov 2023 15:41:40 GMT
server: cloudflare
etag: W/"0122964a318da1:0"
vary: Accept-Encoding
content-type: application/x-javascript
cf-ray: 827800a988a49208-FRA

GET
H2 200 32a83da1-049c-41c3-a944-f7c766b1ed9a_png_1f12fac1-450c-4ea5-aeb6-892818052bf6cover.png
storage.ko-fi.com/cdn/useruploads/ 1 MB
1 MB 323ms
323ms Image
image/png 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.ko-fi.com/cdn/useruploads/32a83da1-049c-41c3-a944-f7c766b1ed9a_png_1f12fac1-450c-4ea5-aeb6-892818052bf6cover.png?v=c6139d21-7bd8-480c-8523-46b13dd84275
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/eradin
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 025ec932133f485324e8694b456e282e369139e1d76e6f1386c680dda1e8dc0f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 17 Nov 2023 12:33:32 GMT
x-ms-meta-userid: 1f12fac1-450c-4ea5-aeb6-892818052bf6
cf-cache-status: MISS
content-md5: /0FGgn6kTo51dx/7zM+dtA==
content-length: 1204952
x-ms-lease-status: unlocked
last-modified: Mon, 25 Sep 2023 21:49:23 GMT
server: cloudflare
etag: 0x8DBBE11482F3B58
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 4023d53f-d01e-0022-5f52-197606000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-UserId,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 827800adbb399208-FRA

GET
H2 200 profileV2.css
ko-fi.com/Content/ 50 KB
9 KB 88ms
86ms Stylesheet
text/css 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Content/profileV2.css?v=638tv

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/eradin

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55b3504e546b4f468cf874f3ec3237e4ba9d5ad193f8f36ca2418680596243f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 12:33:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 38
cf-polished: status=cannot_optimize
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Thu, 16 Nov 2023 15:41:40 GMT
server: cloudflare
etag: W/"0122964a318da1:0"
vary: Accept-Encoding
content-type: text/css
cf-ray: 827800a988a09208-FRA

GET
H2 200 vue.2.6.11.min.js Show response
storage.ko-fi.com/cdn/scripts/ 91 KB
34 KB 77ms
60ms Script
application/javascript 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/scripts/vue.2.6.11.min.js
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/eradin
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a410460285968ae56f3748e57fd09c6da63c17934a9f59cc7f9a6542f5cf2d3b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 17 Nov 2023 12:33:31 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: sXMcYZxc/o+Z+t1jmj/MMA==
age: 4990
x-ms-lease-status: unlocked
last-modified: Wed, 21 Jun 2023 11:51:37 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 5cc8f282-e01e-0021-14f9-0b7501000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 827800a9a8b79208-FRA

GET
H2 200 lodash.4.17.15.min.js Show response
storage.ko-fi.com/cdn/scripts/ 72 KB
24 KB 85ms
69ms Script
application/javascript 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/scripts/lodash.4.17.15.min.js
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/eradin
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f73c0015652859ca111e91691ddc2be33b28a82f1423f1e4268ab506d1c9477

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 17 Nov 2023 12:33:31 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: h88tQMJSxyZ1SZmQDpMv5g==
age: 3343
x-ms-lease-status: unlocked
last-modified: Wed, 21 Jun 2023 11:51:38 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: a2a89e03-601e-0074-3c7d-009e76000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 827800a9a8b49208-FRA

GET
H2 200 fa-regular-400.woff2
storage.ko-fi.com/cdn/fontawesome/subset-6.2/webfonts/ 28 KB
29 KB 455ms
48ms Font
font/woff2 172.67.26.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/fontawesome/subset-6.2/webfonts/fa-regular-400.woff2
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/eradin
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.26.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0ddcc7123a99aead7191cd68ae3b706cec7b7286d5bcf5d30acd9ec18de36a5

Request headers

Referer: https://www.google.com/
Origin: https://ko-fi.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 17 Nov 2023 12:33:31 GMT
cf-cache-status: HIT
content-md5: 720vw2LR4i9hHcAeKMvFYQ==
age: 1307
content-length: 28896
x-ms-lease-status: unlocked
last-modified: Fri, 17 Nov 2023 10:14:09 GMT
server: cloudflare
etag: 0x8DBE755F0B69E97
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
x-ms-request-id: 41a81d8d-701e-002f-654e-19990a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 827800ac1a920e66-MXP

GET
H2 200 fa-solid-900.woff2
storage.ko-fi.com/cdn/fontawesome/subset-6.2/webfonts/ 18 KB
18 KB 505ms
99ms Font
font/woff2 172.67.26.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/fontawesome/subset-6.2/webfonts/fa-solid-900.woff2
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/eradin
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.26.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c5d4a40c92e2c83a28cf1bbedd3a51f333545db326368b41deff6c5d4365592

Request headers

Referer: https://www.google.com/
Origin: https://ko-fi.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 17 Nov 2023 12:33:31 GMT
cf-cache-status: HIT
content-md5: WgiVTdvI+eJoDQrV+yWZ5A==
age: 1865
content-length: 18572
x-ms-lease-status: unlocked
last-modified: Fri, 17 Nov 2023 10:14:10 GMT
server: cloudflare
etag: 0x8DBE755F0D286FE
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
x-ms-request-id: d0b9699a-301e-0067-6248-19ab97000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 827800ac1a960e66-MXP

GET
H2 200 fa-brands-400.woff2
storage.ko-fi.com/cdn/fontawesome/subset-6.2/webfonts/ 7 KB
8 KB 464ms
58ms Font
font/woff2 172.67.26.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/fontawesome/subset-6.2/webfonts/fa-brands-400.woff2
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/eradin
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.26.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5baad51df14fd3ad2ca20ff8b0618737e15714087c597dcdbd733fe3f0d2c0f4

Request headers

Referer: https://www.google.com/
Origin: https://ko-fi.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 17 Nov 2023 12:33:31 GMT
cf-cache-status: HIT
content-md5: M0UiNh917k2siTc4AVMN8Q==
age: 320
content-length: 7628
x-ms-lease-status: unlocked
last-modified: Fri, 17 Nov 2023 10:14:09 GMT
server: cloudflare
etag: 0x8DBE755F062973C
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
x-ms-request-id: e56bb37a-801e-0013-5644-192dd1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 827800ac1a930e66-MXP

GET
H2 200 jquery-2.0.0.min.js Show response
storage.ko-fi.com/cdn/scripts/ 81 KB
29 KB 82ms
66ms Script
application/javascript 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/scripts/jquery-2.0.0.min.js
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/eradin
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d482871a5e948cb4884fa0972ea98a81abca057b6bd3f8c995a18c12487e761c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 17 Nov 2023 12:33:31 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: LtyULAvSR2volnqfeI2eJg==
age: 2415
x-ms-lease-status: unlocked
last-modified: Sun, 23 Oct 2022 22:21:42 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 11433027-f01e-0058-4eb2-0c1c4b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 827800a9a8b69208-FRA

GET
H2 200 lite-yt-embed.css
ko-fi.com/lib/lite-youtube-embed-master/ 2 KB
1 KB 60ms
59ms Stylesheet
text/css 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/lib/lite-youtube-embed-master/lite-yt-embed.css?v=638tv

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/eradin

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a7c3ab3bfcc6534917a25a610fa4afd169e6ce7244fd330899fb1607c46db16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 12:33:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 38
cf-polished: origSize=2587
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Thu, 16 Nov 2023 15:41:42 GMT
server: cloudflare
etag: W/"03f5a65a318da1:0"
vary: Accept-Encoding
content-type: text/css
cf-ray: 827800a988a19208-FRA

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 504ms
54ms Script
text/javascript 142.250.185.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LeIm9UUAAAAAI9HoqMbV3xi0okAxcoNNumTv6QU

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/eradin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f4.1e100.net

Software

GSE /

Resource Hash

8924c846d67400c8df8ea0ba465390f169285a6dc57a6d621eb810cf8fac5357

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 12:33:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Fri, 17 Nov 2023 12:33:32 GMT

GET
H2 200 registerandlogin.css
ko-fi.com/Content/ 4 KB
1 KB 70ms
69ms Stylesheet
text/css 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Content/registerandlogin.css?v=3

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/eradin

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

361ef6361b8708994b00dd261202e4a1a285f895d277c1c5d20d2397a025b0d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 12:33:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 6
cf-polished: origSize=6878
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Thu, 16 Nov 2023 15:41:40 GMT
server: cloudflare
etag: W/"0122964a318da1:0"
vary: Accept-Encoding
content-type: text/css
cf-ray: 827800a988a39208-FRA

GET
H2 200 logo_white_stroke_small.png
storage.ko-fi.com/cdn/brandasset/ 5 KB
6 KB 56ms
54ms Image
image/webp 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.ko-fi.com/cdn/brandasset/logo_white_stroke_small.png
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/eradin
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5b4cbb864b7f74f6da00206715552fdaeb8e63e82c1173c058af14c75514256

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 17 Nov 2023 12:33:31 GMT
cf-cache-status: HIT
content-md5: qHbAlDUibuWaigWQwa+Xyw==
age: 757
cf-polished: origFmt=png, origSize=12997
content-disposition: inline; filename="logo_white_stroke_small.webp"
content-length: 5414
x-ms-lease-status: unlocked
cf-bgj: imgq:100,h2pri,csam-hash
last-modified: Sun, 23 Oct 2022 21:56:58 GMT
server: cloudflare
etag: 0x8DAB54181F9A844
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-ms-request-id: 6ed3102e-b01e-0039-66c3-135894000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 827800ac7a659208-FRA

GET
H2 200 loading.svg
storage.ko-fi.com/cdn/ 579 B
576 B 71ms
70ms Image
image/svg+xml 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.ko-fi.com/cdn/loading.svg
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/eradin
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be010c823bcae2a97dc9ce3eac934cc93c3c201e46ec0db51e9c71d90fbf9f82

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 17 Nov 2023 12:33:31 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: cE+f6ga+XSnmqRTc3dp4Pg==
age: 2663
x-ms-lease-status: unlocked
last-modified: Sun, 23 Oct 2022 22:21:51 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 550701c0-601e-0012-668d-142c2c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 827800ac7a669208-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
91 KB 508ms
84ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FYXR0G6GNG

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/eradin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

542dc83a1fc05e5b30a49868b2826021e1da09cb332a3c854780a9b92dec46a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 12:33:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92863
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 17 Nov 2023 12:33:32 GMT

GET
H2 200 553c3c3e-1081-42a0-9c06-c3b68ba2794d.png
cdn.ko-fi.com/cdn/useruploads/ 62 KB
63 KB 162ms
67ms Image
image/png 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ko-fi.com/cdn/useruploads/553c3c3e-1081-42a0-9c06-c3b68ba2794d.png
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/eradin
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 248e2d7ebe6d2887716925dd22cdcbc5116b6879a48477f69942457d61b82d8f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 17 Nov 2023 12:33:31 GMT
x-ms-meta-userid: 1f12fac1-450c-4ea5-aeb6-892818052bf6
cf-cache-status: MISS
content-md5: 1MarMJzB6BawIHMEajkKWw==
x-ms-meta-pageid: none
x-cache: HIT
content-length: 63841
x-ms-lease-status: unlocked
last-modified: Mon, 24 Oct 2022 02:00:41 GMT
server: cloudflare
etag: 0x8DAB5638DD35D11
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: d5bb6a91-501e-0077-6a23-169d71000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=604800
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 827800ad7b1a9208-FRA
expires: Fri, 24 Nov 2023 12:33:31 GMT

GET
H2 200 cup-border.png
storage.ko-fi.com/cdn/ 6 KB
6 KB 72ms
70ms Image
image/webp 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.ko-fi.com/cdn/cup-border.png
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/eradin
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 457554ad286ecf6fd5f5e79e6c883602d57638d50f96fb060f6edc19de027834

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 17 Nov 2023 12:33:31 GMT
cf-cache-status: HIT
content-md5: nt+i2V4lVEX5fauLp9jhTw==
age: 2611
cf-polished: origFmt=png, origSize=11273
content-disposition: inline; filename="cup-border.webp"
content-length: 6016
x-ms-lease-status: unlocked
cf-bgj: imgq:100,h2pri,csam-hash
last-modified: Sun, 23 Oct 2022 21:56:48 GMT
server: cloudflare
etag: 0x8DAB5417C366016
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-ms-request-id: 10f997b2-501e-0033-16d0-00411d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 827800acfac39208-FRA

GET
H2 200 loading.svg
ko-fi.com/img/ 579 B
487 B 68ms
67ms Image
image/svg+xml 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ko-fi.com/img/loading.svg

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/eradin

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be010c823bcae2a97dc9ce3eac934cc93c3c201e46ec0db51e9c71d90fbf9f82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 12:33:31 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
last-modified: Thu, 16 Nov 2023 15:41:42 GMT
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 37
server: cloudflare
etag: W/"03f5a65a318da1:0"
vary: Accept-Encoding
content-type: image/svg+xml
cf-ray: 827800adfb669208-FRA
x-xss-protection: 1; mode=block

GET
H2 200 shopitempreviewplaceholder.png
ko-fi.com/img/shop/ 38 B
311 B 252ms
215ms Image
image/webp 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ko-fi.com/img/shop/shopitempreviewplaceholder.png

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/eradin

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

608fceeeb1e804ae2cc06b92be032585cd18fc7375fa93f9dd2a3af7c432a915

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 12:33:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
cf-polished: origFmt=png, origSize=129
content-disposition: inline; filename="shopitempreviewplaceholder.webp"
content-length: 38
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:100,h2pri,csam-hash
last-modified: Thu, 16 Nov 2023 15:41:42 GMT
server: cloudflare
etag: "03f5a65a318da1:0"
vary: Accept
content-type: image/webp
accept-ranges: bytes
cf-ray: 827800b18e0b9208-FRA

GET
H2 200 kofi_stroke_cup.svg
storage.ko-fi.com/cdn/ 865 B
660 B 83ms
33ms Image
image/svg+xml 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.ko-fi.com/cdn/kofi_stroke_cup.svg
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/eradin
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb2134d2d0e6ad0bda36ad2228b5ac3f86370d08efbc52eda3b98bde5601bf1c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 17 Nov 2023 12:33:32 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: LKIvaQFeuMb8PTIQiGCnVg==
age: 311
x-ms-lease-status: unlocked
last-modified: Sun, 23 Oct 2022 22:21:42 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: dc0994cb-901e-0007-6700-eceeb5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 827800b05d3a9208-FRA

GET
H2 200 553c3c3e-1081-42a0-9c06-c3b68ba2794d_tiny.png
cdn.ko-fi.com/cdn/useruploads/ 62 KB
63 KB 105ms
56ms Image
image/png 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ko-fi.com/cdn/useruploads/553c3c3e-1081-42a0-9c06-c3b68ba2794d_tiny.png
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/eradin
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 248e2d7ebe6d2887716925dd22cdcbc5116b6879a48477f69942457d61b82d8f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 17 Nov 2023 12:33:32 GMT
x-ms-meta-userid: 1f12fac1-450c-4ea5-aeb6-892818052bf6
cf-cache-status: MISS
content-md5: 1MarMJzB6BawIHMEajkKWw==
x-ms-meta-pageid: none
x-cache: HIT
content-length: 63841
x-ms-lease-status: unlocked
last-modified: Mon, 24 Oct 2022 02:07:18 GMT
server: cloudflare
etag: 0x8DAB5647ABA5DFD
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 6615d615-c01e-001f-6823-16c320000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=604800
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 827800b05d3b9208-FRA
expires: Fri, 24 Nov 2023 12:33:32 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 504ms
77ms Script
text/javascript 104.16.56.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/eradin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.56.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://www.google.com/
Origin: https://ko-fi.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 12:33:32 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 827800b38dbff17c-CDG

GET
H2 200 jquery.unobtrusive-ajax.min.js Show response
storage.ko-fi.com/cdn/scripts/ 4 KB
2 KB 105ms
43ms Script
application/javascript 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/scripts/jquery.unobtrusive-ajax.min.js
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/eradin
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 314c24539472b73912ca8fa85d18eba96851bcb57eef99ae5bc3158a4d2eec7c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 17 Nov 2023 12:33:31 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: beuh7IuiH/NF+6Wy7GBbTg==
age: 6180
x-ms-lease-status: unlocked
last-modified: Sun, 23 Oct 2022 22:21:42 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 54780ff4-801e-0013-0f00-132dd1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 827800ad7b149208-FRA

GET
H2 200 jquery-sortable-min.js Show response
storage.ko-fi.com/cdn/scripts/ 11 KB
3 KB 91ms
39ms Script
application/javascript 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/scripts/jquery-sortable-min.js
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/eradin
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41b8027883c1b4614b83ade0d791e80da436d8eed1b3d9cdab85c32f7c58b3ae

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 17 Nov 2023 12:33:31 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: zLsNVQZjevliZPpyAemGfQ==
age: 6180
x-ms-lease-status: unlocked
last-modified: Sun, 23 Oct 2022 22:20:48 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b58b513a-201e-0051-21ea-0b06c5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 827800ad7b159208-FRA

GET
H2 200 jquery.validate.min.js Show response
storage.ko-fi.com/cdn/scripts/jquery-validate/1.15.1/ 22 KB
7 KB 91ms
39ms Script
application/javascript 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/scripts/jquery-validate/1.15.1/jquery.validate.min.js
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/eradin
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b94552fdddf133797c626b9c0248f50de46de94e18f97bf778f520555115995c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 17 Nov 2023 12:33:31 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: RBKaOLU74PoHrzeHRg6LdQ==
age: 1531
x-ms-lease-status: unlocked
last-modified: Sun, 23 Oct 2022 22:21:51 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 366dfe64-301e-0058-64bf-5029c5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 827800ad7b169208-FRA

GET
H2 200 jquery.validate.unobtrusive.min.js Show response
storage.ko-fi.com/cdn/scripts/jquery-validation-unobtrusive/3.2.6/ 5 KB
2 KB 89ms
38ms Script
application/javascript 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/scripts/jquery-validation-unobtrusive/3.2.6/jquery.validate.unobtrusive.min.js
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/eradin
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83540a1b1aaca7ec79264b8dfc98c797dea37b6c33b604b95a8e21e1cee09bd3

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 17 Nov 2023 12:33:31 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: ZaQbKNkH4sv5/b3yz0M3vw==
age: 1531
x-ms-lease-status: unlocked
last-modified: Sun, 23 Oct 2022 22:21:51 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 19055424-701e-0004-3758-727c9d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 827800ad7b179208-FRA

GET
H2 200 shared.js Show response
ko-fi.com/Scripts/ 9 KB
3 KB 94ms
44ms Script
application/x-javascript 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Scripts/shared.js?v=236mo

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/eradin

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef96dcca2d81249b773d184d1b77fc755cc43512638e23fbf4b1bec488d22b7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 12:33:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 37
cf-polished: origSize=13743
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Thu, 16 Nov 2023 15:41:40 GMT
server: cloudflare
etag: W/"0122964a318da1:0"
vary: Accept-Encoding
content-type: application/x-javascript
cf-ray: 827800ad7b189208-FRA

GET
H2 200 CustomGoogleTagManagerEvents.js Show response
ko-fi.com/Scripts/ 2 KB
731 B 97ms
46ms Script
application/x-javascript 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Scripts/CustomGoogleTagManagerEvents.js?v=8

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/eradin

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d52222f35e6fa207eab568926809ae3ee40daeb060de500c84eb5e44b0238c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 12:33:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 37
cf-polished: origSize=3203
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Thu, 16 Nov 2023 15:41:40 GMT
server: cloudflare
etag: W/"0122964a318da1:0"
vary: Accept-Encoding
content-type: application/x-javascript
cf-ray: 827800ad7b199208-FRA

GET
H2 200 bootstrap.min.js Show response
storage.ko-fi.com/cdn/scripts/ 28 KB
8 KB 93ms
80ms Script
text/javascript 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/scripts/bootstrap.min.js?sv=2019-02-02
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/eradin
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77784729456d5b714cbf56ab897545efe66fc38f7cdc45ef04d9143c477913df

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 17 Nov 2023 12:33:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 23 Oct 2022 22:21:42 GMT
server: cloudflare
age: 2663
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-ms-request-id: 84f81d4d-901e-0048-6a42-122aad000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 827800adab309208-FRA

GET
H2 200 respond.min.js Show response
storage.ko-fi.com/cdn/scripts/ 5 KB
3 KB 53ms
52ms Script
text/javascript 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/scripts/respond.min.js?sv=2019-02-02
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/eradin
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0fefc9b3527b5a7d233834041ff09c1572cd80f9b24894e65a64e332fead136

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 17 Nov 2023 12:33:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 23 Oct 2022 22:21:51 GMT
server: cloudflare
age: 4989
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-ms-request-id: a7b1e930-b01e-0056-63bf-500075000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 827800aebbe29208-FRA

GET
H2 200 backbutton-close-modal.js Show response
ko-fi.com/Scripts/ 1 KB
495 B 59ms
59ms Script
application/x-javascript 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Scripts/backbutton-close-modal.js?v=8

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/eradin

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e8cc4ba5549dcc0cad28f35fba9241a0dd184633dd561d0957b605de99fdac8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 12:33:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 38
cf-polished: origSize=1603
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Thu, 16 Nov 2023 15:41:40 GMT
server: cloudflare
etag: W/"0122964a318da1:0"
vary: Accept-Encoding
content-type: application/x-javascript
cf-ray: 827800af2c399208-FRA

GET
H2 200 toastr.2.1.3.min.js Show response
storage.ko-fi.com/cdn/scripts/ 5 KB
2 KB 60ms
49ms Script
application/javascript 172.67.26.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/scripts/toastr.2.1.3.min.js
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/eradin
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.26.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee74bbdb99c1cd83dfe17594bdeba68832d5c38144be889d3d041bdcbd8765f7

Request headers

Referer: https://www.google.com/
Origin: https://ko-fi.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 17 Nov 2023 12:33:32 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: x6exIuOORjGk8ES5+3SDtQ==
age: 4438
x-ms-lease-status: unlocked
last-modified: Wed, 21 Jun 2023 11:51:38 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: a6d54972-b01e-001b-02a1-0c36a2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 827800afbf730e66-MXP

GET
H2 200 modal-steps.min.js Show response
storage.ko-fi.com/cdn/scripts/ 3 KB
1 KB 103ms
92ms Script
text/plain 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/scripts/modal-steps.min.js?v=1
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/eradin
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fae7019e31e6127ad883d031a36290b83b3ac7d03a6ee109b391d9b0fb9270a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 17 Nov 2023 12:33:32 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: VNyHtclKfE3whzFX2YPzhA==
age: 1532
x-ms-lease-status: unlocked
last-modified: Sun, 23 Oct 2022 22:20:48 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: a1e37088-701e-0006-2b5e-0def48000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 827800afcca59208-FRA

GET
H2 200 commentsScripts.js Show response
ko-fi.com/Scripts/ 12 KB
3 KB 258ms
252ms Script
application/x-javascript 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Scripts/commentsScripts.js?v=236mo

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/eradin

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dee3f12023dcf49e0ce012af54bbf8e5d1b77e774ac192c3393d8ddb898ac332

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 12:33:32 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
last-modified: Thu, 16 Nov 2023 15:41:40 GMT
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
server: cloudflare
etag: "0122964a318da1:0"
vary: Accept-Encoding
content-type: application/x-javascript
accept-ranges: bytes
cf-ray: 827800afcca79208-FRA
content-length: 2802
x-xss-protection: 1; mode=block

GET
H2 200 lite-yt-embed.js Show response
ko-fi.com/lib/lite-youtube-embed-master/ 3 KB
1 KB 84ms
78ms Script
application/x-javascript 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/lib/lite-youtube-embed-master/lite-yt-embed.js?v=236mo

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/eradin

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d9dd57f3ccdd051da3196d7ae95340d045375a9c779e96463aec96c237b575a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 12:33:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 38
cf-polished: origSize=7422
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Thu, 16 Nov 2023 15:41:42 GMT
server: cloudflare
etag: W/"03f5a65a318da1:0"
vary: Accept-Encoding
content-type: application/x-javascript
cf-ray: 827800afcca89208-FRA

GET
H2 200 gallery-item-view.js Show response
ko-fi.com/Scripts/modules/ 5 KB
2 KB 78ms
72ms Script
application/x-javascript 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Scripts/modules/gallery-item-view.js?v=236mo

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/eradin

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a8c46134bc64383c11f1934724607ad683f4d2ed1c10489f03ed01b10d8b44c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 12:33:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 38
cf-polished: origSize=11046
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Thu, 16 Nov 2023 15:41:40 GMT
server: cloudflare
etag: W/"0122964a318da1:0"
vary: Accept-Encoding
content-type: application/x-javascript
cf-ray: 827800afcca99208-FRA

GET
H2 200 / Show response
js.stripe.com/v3/ 554 KB
154 KB 177ms
42ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/eradin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f27e9ca75db1b778e94c55ffb6a1f471a2fab0761034b9ce0a233bc0866e6cc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 17 Nov 2023 12:33:32 GMT
via: 1.1 varnish
age: 25
x-cache: HIT
content-length: 157145
x-request-id: 88f83e0d-7db9-4963-b5c5-bed70774ddb0
x-served-by: cache-fra-eddf8230112-FRA
last-modified: Thu, 16 Nov 2023 22:20:54 GMT
server: Fastly
etag: "735677db1390373c37dfd0233c992727"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 10

GET
H2 200 loadmore.min.js Show response
ko-fi.com/Scripts/plugins/loadmorejs/ 4 KB
2 KB 58ms
53ms Script
application/x-javascript 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Scripts/plugins/loadmorejs/loadmore.min.js?v=236mo

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/eradin

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ec1f31f623d90cabadbf5b17f01cd5e84025b8e3125e73649c6058bbf41cccd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 12:33:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 38
content-length: 1596
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 16 Nov 2023 15:41:40 GMT
server: cloudflare
etag: "0122964a318da1:0"
vary: Accept-Encoding
content-type: application/x-javascript
accept-ranges: bytes
cf-ray: 827800afccac9208-FRA

GET
H2 200 loadmore-initialise.js Show response
ko-fi.com/Scripts/loadmore/shared-layout/ 2 KB
565 B 68ms
62ms Script
application/x-javascript 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Scripts/loadmore/shared-layout/loadmore-initialise.js?v=236mo

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/eradin

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

791c6007323c117a570480f4be6c47f9b190ea2c83b160613b3c3748dd1d8ae7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 12:33:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 38
cf-polished: origSize=2601
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Thu, 16 Nov 2023 15:41:40 GMT
server: cloudflare
etag: W/"0122964a318da1:0"
vary: Accept-Encoding
content-type: application/x-javascript
cf-ray: 827800afccad9208-FRA

GET
H2 200 jquery.charactercounter.js Show response
ko-fi.com/Scripts/ 5 KB
1 KB 55ms
49ms Script
application/x-javascript 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Scripts/jquery.charactercounter.js

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/eradin

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20aca36364f7c307006861215cb515fbce570b1ebeadd23cec96834e8bd11513

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 12:33:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 5
cf-polished: origSize=9712
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Thu, 16 Nov 2023 15:41:40 GMT
server: cloudflare
etag: W/"0122964a318da1:0"
vary: Accept-Encoding
content-type: application/x-javascript
cf-ray: 827800afccae9208-FRA

GET
H2 200 _DirectMessageModal.js Show response
ko-fi.com/Scripts/Views/Shared/ 2 KB
693 B 91ms
58ms Script
application/x-javascript 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Scripts/Views/Shared/_DirectMessageModal.js?v=236mo

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/eradin

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

283e825989e009d13b228f34bb3d721705d576ac2eb4eeaf1be90f727d6d5767

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 12:33:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 5
cf-polished: origSize=3458
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Thu, 16 Nov 2023 15:41:40 GMT
server: cloudflare
etag: W/"0122964a318da1:0"
vary: Accept-Encoding
content-type: application/x-javascript
cf-ray: 827800b04d249208-FRA

GET
H2 200 js Show response
www.paypal.com/sdk/ 291 KB
79 KB 1705ms
1413ms Script
application/javascript 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AUIEyoriOCmlEGQq88qYLvzbyuzxmHBN2LoVh3mFxlbKVToHby0pSWGb4j6_uf7RqARdtIjtBgs6QCzV&currency=EUR&intent=capture&commit=true&enable-funding=venmo&disable-funding=card,sofort&merchant-id=36GZXBL38FWQU&vault=false

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/eradin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

882925065cd97dc82034e4e7f0ec1f5809e147074d5253a4c149629937269f78

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-4N7m6irhDAp4ANg+bGNIHFh9ztkgk2M+hv1IepI3LjiRxxdl' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-4N7m6irhDAp4ANg+bGNIHFh9ztkgk2M+hv1IepI3LjiRxxdl' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-4N7m6irhDAp4ANg+bGNIHFh9ztkgk2M+hv1IepI3LjiRxxdl' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-4N7m6irhDAp4ANg+bGNIHFh9ztkgk2M+hv1IepI3LjiRxxdl' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
disable-set-cookie: true
via: 1.1 varnish, 1.1 varnish
date: Fri, 17 Nov 2023 12:33:33 GMT
age: 0
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
p3p: true
paypal-debug-id: f35896917f27f
server-timing: "traceparent;desc="00-0000000000000000000f35896917f27f-ab3696058112f2c9-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 79340
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230051-FRA, cache-fra-eddf8230051-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f35896917f27f-107c5976bd03923a-01
x-timer: S1700224412.420986,VS0,VE956
etag: W/"135ec-YUe54nID9DeCZvXQq/dvXSDHSns"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 shop.js Show response
ko-fi.com/Scripts/ 7 KB
2 KB 89ms
57ms Script
application/x-javascript 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Scripts/shop.js?v=236mo

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/eradin

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3aff8ccfb2e5f7d5b4b8790c2506e0ee2ad8d85fbd0e32f3c7b6d52b5bdf0e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 12:33:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 7
cf-polished: origSize=13562
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Thu, 16 Nov 2023 15:41:40 GMT
server: cloudflare
etag: W/"0122964a318da1:0"
vary: Accept-Encoding
content-type: application/x-javascript
cf-ray: 827800b04d259208-FRA

GET
H2 200 HorizontalScrollScripts.js Show response
ko-fi.com/Content/ 2 KB
824 B 81ms
32ms Script
application/x-javascript 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Content/HorizontalScrollScripts.js?v=638tv

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/eradin

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c258b4c6e47586ade529a866721f9eb52b8fa2be49cdcd09419b7eb68cc41cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 12:33:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 38
cf-polished: origSize=3364
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Thu, 16 Nov 2023 15:41:40 GMT
server: cloudflare
etag: W/"0122964a318da1:0"
vary: Accept-Encoding
content-type: application/x-javascript
cf-ray: 827800b05d399208-FRA

GET
H2 200 dark-mode.js Show response
ko-fi.com/Content/ 489 B
380 B 101ms
66ms Script
application/x-javascript 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Content/dark-mode.js?v=236mo

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/eradin

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

676a8ced09d39d2976f239688c4f104b551338d3b14a9d9bd30d3667ca74d094

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 12:33:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 7
cf-polished: origSize=668
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Thu, 16 Nov 2023 15:41:40 GMT
server: cloudflare
etag: W/"0122964a318da1:0"
vary: Accept-Encoding
content-type: application/x-javascript
cf-ray: 827800b08d4f9208-FRA

GET
H2 200 float-sidebar.min.js Show response
ko-fi.com/lib/FloatSidebarjs/v1.2.5/ 7 KB
3 KB 99ms
65ms Script
application/x-javascript 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/lib/FloatSidebarjs/v1.2.5/float-sidebar.min.js

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/eradin

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79488c217fb7c67ae2a169332b61d9b5c5f34446c1f003c93bdcc7edc7c3511a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 12:33:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 5
content-length: 2507
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 16 Nov 2023 15:41:42 GMT
server: cloudflare
etag: "03f5a65a318da1:0"
vary: Accept-Encoding
content-type: application/x-javascript
accept-ranges: bytes
cf-ray: 827800b08d519208-FRA

GET
H2 200 imageloaded.js Show response
ko-fi.com/Scripts/ 7 KB
2 KB 57ms
54ms Script
application/x-javascript 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Scripts/imageloaded.js

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/eradin

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a034927e7faf2dcc94e0f325de7693821a492402f896d9550320560a93d30c52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 12:33:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 5
cf-polished: origSize=10451
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Thu, 16 Nov 2023 15:41:40 GMT
server: cloudflare
etag: W/"0122964a318da1:0"
vary: Accept-Encoding
content-type: application/x-javascript
cf-ray: 827800b0bd6b9208-FRA

GET
H2 200 wookmark.js Show response
ko-fi.com/Scripts/ 9 KB
3 KB 60ms
58ms Script
application/x-javascript 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Scripts/wookmark.js

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/eradin

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

323d462b04302df2414bb7565eb44e5ea0cb1c27200029bd02b57bf373308b22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 12:33:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 5
cf-polished: origSize=11159
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Thu, 16 Nov 2023 15:41:40 GMT
server: cloudflare
etag: W/"0122964a318da1:0"
vary: Accept-Encoding
content-type: application/x-javascript
cf-ray: 827800b0bd6e9208-FRA

GET
H2 200 commissions.js Show response
ko-fi.com/Scripts/ 450 B
315 B 96ms
95ms Script
application/x-javascript 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Scripts/commissions.js?v=236mo

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/eradin

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ca85c1812ca68df974c337eb02cfa9ed4d9b9069c337266dfd5e8ace95fdcd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 12:33:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 5
cf-polished: origSize=721
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Thu, 16 Nov 2023 15:41:40 GMT
server: cloudflare
etag: W/"0122964a318da1:0"
vary: Accept-Encoding
content-type: application/x-javascript
cf-ray: 827800b0bd709208-FRA

GET
H2 200 owl.carousel.min.js Show response
storage.ko-fi.com/cdn/scripts/ 42 KB
11 KB 75ms
70ms Script
application/javascript 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/scripts/owl.carousel.min.js
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/eradin
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 17 Nov 2023 12:33:32 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: t7nJfNaOwzbQGnnVvkjFjQ==
age: 4284
x-ms-lease-status: unlocked
last-modified: Sun, 23 Oct 2022 22:21:51 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 6ed2e63a-b01e-0039-1ec3-135894000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 827800afccb09208-FRA

GET
H2 200 ladda.min.js Show response
storage.ko-fi.com/cdn/scripts/ 3 KB
2 KB 85ms
80ms Script
text/plain 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/scripts/ladda.min.js?v=1
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/eradin
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d69aaf0dd993c601ae9f2978dc7fc363775d04bc549da9b366779f60ecb81372

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 17 Nov 2023 12:33:32 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: xfyDnZRix+1kBW/a2t65DQ==
age: 2416
x-ms-lease-status: unlocked
last-modified: Sun, 23 Oct 2022 22:21:51 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: d32eafa6-301e-000a-02a6-0701b9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 827800afccb19208-FRA

GET
H2 200 sweetalert.min.js Show response
storage.ko-fi.com/cdn/scripts/ 66 KB
13 KB 65ms
60ms Script
text/javascript 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/scripts/sweetalert.min.js?sv=2020-02-02
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/eradin
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6e9ba03a8a5758af4c04710d3d08e5ceec146eb2c0ac227ba209c8cb487c9a2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 17 Nov 2023 12:33:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 23 Oct 2022 22:20:49 GMT
server: cloudflare
age: 757
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-ms-request-id: 23f94d23-d01e-004f-4f7e-fbdc28000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 827800afccb29208-FRA

GET
H2 200 spin.min.js Show response
storage.ko-fi.com/cdn/scripts/ 4 KB
2 KB 90ms
85ms Script
text/plain 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/scripts/spin.min.js?v=1
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/eradin
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca64e3f676b38f06ed0eba111776f2bc8ad352b672c0819ec5b9072c342bd35d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 17 Nov 2023 12:33:32 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: kgDDN4K7RqLja+sTk6Z5fQ==
age: 805
x-ms-lease-status: unlocked
last-modified: Sun, 23 Oct 2022 22:21:51 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: eee2dd0a-301e-0005-18bf-502341000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 827800afccb39208-FRA

GET
H2 200 registrationScripts.js Show response
ko-fi.com/Scripts/ 827 B
480 B 66ms
63ms Script
application/x-javascript 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Scripts/registrationScripts.js

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/eradin

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec24c83c49aa3e87501ffb4b6180fe136752f93beb0d76ff91ad3fdbd28d1c1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 12:33:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 7
cf-polished: origSize=1333
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Thu, 16 Nov 2023 15:41:40 GMT
server: cloudflare
etag: W/"0122964a318da1:0"
vary: Accept-Encoding
content-type: application/x-javascript
cf-ray: 827800b0ed909208-FRA

GET
H2 200 clipboard.js Show response
storage.ko-fi.com/cdn/scripts/ 10 KB
3 KB 62ms
57ms Script
text/plain 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/scripts/clipboard.js
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/eradin
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9214020446336733693110f40ae387236467967a07012ff0f99da8cdf505e281

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 17 Nov 2023 12:33:32 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: 2p0uXQGMC6dXbFsTmBaiVw==
age: 2416
x-ms-lease-status: unlocked
last-modified: Sun, 23 Oct 2022 22:21:51 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: d13af755-d01e-006d-5664-15b21e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 827800afccb49208-FRA

GET
H2 200 clipboardCopy.js Show response
storage.ko-fi.com/cdn/scripts/ 923 B
764 B 99ms
63ms Script
text/plain 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/scripts/clipboardCopy.js
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/eradin
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8190ac8f569646b28c013967f583807f87c8fcb83bd5ca22eea00e1ea5fcc6d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 17 Nov 2023 12:33:32 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: vNGr6Hb0sZcn2tIQAB7DNg==
age: 7153
x-ms-lease-status: unlocked
last-modified: Sun, 23 Oct 2022 22:21:42 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 59baf1fd-801e-004d-26bf-503e76000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 827800b18e0c9208-FRA

GET
H2 200 exif.2.3.0.min.js Show response
storage.ko-fi.com/cdn/scripts/ 15 KB
6 KB 84ms
79ms Script
application/javascript 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/scripts/exif.2.3.0.min.js
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/eradin
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79e302d8490b8da90eb981f39ca6c30b74568eca809918b273caff1ce3fd0862

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 17 Nov 2023 12:33:32 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: pFdkEVYy/m4mSAmnkN/03Q==
age: 4687
x-ms-lease-status: unlocked
last-modified: Wed, 21 Jun 2023 11:51:37 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: cefef0e6-e01e-0008-6662-aa0343000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 827800afccb59208-FRA

GET
H2 200 dropzone.min.js Show response
ko-fi.com/lib/dropzone/v5.9.3/ 112 KB
46 KB 67ms
64ms Script
application/x-javascript 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/lib/dropzone/v5.9.3/dropzone.min.js?v=236mo

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/eradin

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b82753e852e463afbaf17ce6e1ff4ed2eb079c93dd2afd10d2bb285ef2dc84fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 12:33:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 7
content-length: 46813
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 16 Nov 2023 15:41:42 GMT
server: cloudflare
etag: "03f5a65a318da1:0"
vary: Accept-Encoding
content-type: application/x-javascript
accept-ranges: bytes
cf-ray: 827800b0ed919208-FRA

GET
H2

200

embed.js Show response
www.instagram.com/
Redirect Chain

https://platform.instagram.com/en_US/embeds.js
https://www.instagram.com/embed.js

55 KB
20 KB

485ms
81ms

Script
application/x-javascript

157.240.252.174
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.instagram.com/embed.js

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/eradin

Protocol

Server

157.240.252.174 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

instagram-p42-shv-01-fra3.fbcdn.net

Software

Resource Hash

d64c9b4056afa1f076c3be305cb2b9e4ef07df21cf62c65832e927660f54a3ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
content-encoding: br
x-content-type-options: nosniff
date: Fri, 17 Nov 2023 12:33:33 GMT
content-md5: bBzc8bADs8m0XfLRTgdqdQ==
document-policy: force-load-at-top
edge-control: cache-maxage=1200s
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 19659
reporting-endpoints: default="https://www.instagram.com/error/ig_web_error_reports/?device_level=unknown"
x-fb-debug: 9KiKADGEcHkXLEpZALU7Yc+zlQavpEdJUaGnmDDVvilvuFLrqIkrqhScCmXpc039SDZWskNYbK0557aAgQNH8Q==
x-fb-content-md5: 4e36a32a554151416ef74277a4c5a7fa
cross-origin-opener-policy: same-origin-allow-popups
etag: "65f11a2f0e61899debb0349cb49b1dd4"
vary: Accept-Encoding
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
x-frame-options: DENY
timing-allow-origin: *
expires: Fri, 17 Nov 2023 12:53:33 GMT

Redirect headers

location: https://www.instagram.com/embed.js
date: Fri, 17 Nov 2023 12:33:32 GMT
server: proxygen-bolt
content-length: 0
content-type: text/plain

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 234 KB
83 KB 260ms
52ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TDF6KQX

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/eradin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

52631aa65e4fc9d33887a3c35c75a3624c9616b074641ec73fcffbf7600c8840

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 12:33:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84484
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 17 Nov 2023 12:33:32 GMT

GET
H2 200 root.css
ko-fi.com/content/ 6 KB
2 KB 56ms
46ms Stylesheet
text/css 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/content/root.css?v=124

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/Content/profileV2.css?v=638tv

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea5845500a29b4f113310b4f7ece09f7b15643b169b46609981c75d2460a4a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 12:33:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 38
cf-polished: origSize=7394
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Thu, 16 Nov 2023 15:41:40 GMT
server: cloudflare
etag: W/"0122964a318da1:0"
vary: Accept-Encoding
content-type: text/css
cf-ray: 827800accaa59208-FRA

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 94 KB
22 KB 537ms
96ms Script
application/x-javascript 152.199.19.161
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/eradin
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.19.161 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CD6) /
Resource Hash: 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 17 Nov 2023 12:33:32 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-01 19:31:04
content-md5: HdY95yzx9wIyQkVEGES+Ew==
age: 955
x-cache: HIT
content-length: 22495
x-ms-lease-status: unlocked
last-modified: Thu, 11 Mar 2021 07:46:59 GMT
server: ECAcc (frc/4CD6)
etag: 0x8D8E461DA1A5889
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: bbb93f55-501e-00bb-3b50-19cbd8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
expires: Fri, 17 Nov 2023 13:03:32 GMT

GET
H2 200 XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v26/ 38 KB
39 KB 438ms
39ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito:wght@400;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://ko-fi.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 21:33:08 GMT
x-content-type-options: nosniff
age: 140424
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39124
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:02:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Nov 2024 21:33:08 GMT

GET
H2 200 contributors_badge.svg
ko-fi.com/img/badges/ 10 KB
4 KB 215ms
214ms Image
image/svg+xml 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ko-fi.com/img/badges/contributors_badge.svg

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/eradin

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4cde48dc62aee57bce45479571fd94b41be68f7ac76b10dcb229d5072564327

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 12:33:32 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
last-modified: Thu, 16 Nov 2023 15:41:40 GMT
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
server: cloudflare
etag: W/"0122964a318da1:0"
vary: Accept-Encoding
content-type: image/svg+xml
cf-ray: 827800adfb659208-FRA
x-xss-protection: 1; mode=block

GET
H2 200 gold_badge.svg
ko-fi.com/img/badges/ 2 KB
1 KB 68ms
67ms Image
image/svg+xml 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ko-fi.com/img/badges/gold_badge.svg

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/eradin

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71a67c65a60315b533115117b0e76768501c3812d280a6681e683820ea56d342

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 12:33:31 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
last-modified: Thu, 16 Nov 2023 15:41:40 GMT
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 4
server: cloudflare
etag: W/"0122964a318da1:0"
vary: Accept-Encoding
content-type: image/svg+xml
cf-ray: 827800adfb649208-FRA
x-xss-protection: 1; mode=block

GET
H2 200 recaptcha__de_ch.js Show response
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ 468 KB
188 KB 435ms
40ms Script
text/javascript 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de_ch.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LeIm9UUAAAAAI9HoqMbV3xi0okAxcoNNumTv6QU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

14f58d534c595bf9b24e8f67fbfba7a9213884866ed47888cc10ec5525b41777

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://ko-fi.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 08:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 273483
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 192023
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Nov 2024 08:35:30 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 283 KB
92 KB 107ms
103ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-M13FZ7VQ2C&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDF6KQX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

c53c0221919a0bfab6ca450fa017bbc90dc66c14dcc3da4dded55fa71f7d2a4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 12:33:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94566
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 17 Nov 2023 12:33:32 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
91 KB 106ms
106ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FYXR0G6GNG&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDF6KQX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

aeed67ed17bb002eacaf25b78db3df87ab2b52ed402b9a5327f1124632306b21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 12:33:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92899
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 17 Nov 2023 12:33:32 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
250 B 443ms
59ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-FYXR0G6GNG&gtm=45je3b81v9165800661&_p=1700224411604&gcd=11l1l1l1l1&dma=0&cid=158438580.1700224413&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700224412&sct=1&seg=0&dl=https%3A%2F%2Fko-fi.com%2Feradin&dt=Support%20Eradin%20on%20Ko-fi!%20%E2%9D%A4%EF%B8%8F.%20ko-fi.com%2Feradin%20-%20Ko-fi%20%E2%9D%A4%EF%B8%8F%20Where%20creators%20get%20support%20from%20fans%20through%20donations%2C%20memberships%2C%20shop%20sales%20and%20more!%20The%20original%20%27Buy%20Me%20a%20Coffee%27%20Page.&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=4220
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FYXR0G6GNG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 12:33:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ko-fi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 314ms
49ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-M13FZ7VQ2C&gtm=45je3b81v888810137z879252603&_p=1700224411604&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=158438580.1700224413&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700224413&sct=1&seg=0&dl=https%3A%2F%2Fko-fi.com%2Feradin&dt=Support%20Eradin%20on%20Ko-fi!%20%E2%9D%A4%EF%B8%8F.%20ko-fi.com%2Feradin%20-%20Ko-fi%20%E2%9D%A4%EF%B8%8F%20Where%20creators%20get%20support%20from%20fans%20through%20donations%2C%20memberships%2C%20shop%20sales%20and%20more!%20The%20original%20%27Buy%20Me%20a%20Coffee%27%20Page.&en=page_view&_fv=1&_ss=1&ep.isLoggedIn=no&ep.distinctId=&up.userId=&tfd=4412
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M13FZ7VQ2C&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 12:33:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ko-fi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
250 B 2017ms
38ms Ping
text/plain 74.125.133.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-M13FZ7VQ2C&cid=158438580.1700224413&gtm=45je3b81v888810137z879252603&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M13FZ7VQ2C&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.133.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wo-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 12:33:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ko-fi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ch/ads/ 42 B
408 B 2046ms
73ms Image
image/gif 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ch/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-M13FZ7VQ2C&cid=158438580.1700224413&gtm=45je3b81v888810137z879252603&aip=1&dma=0&gcd=11l1l1l1l1&z=458309558

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/eradin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 12:33:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 12 KB
5 KB 320ms
320ms Script
application/x-javascript 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=ko-fi.com&t=xo&v=5.0.410&source=payments_sdk&mrid=36GZXBL38FWQU&client_id=AUIEyoriOCmlEGQq88qYLvzbyuzxmHBN2LoVh3mFxlbKVToHby0pSWGb4j6_uf7RqARdtIjtBgs6QCzV&disableSetCookie=true&vault=false

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AUIEyoriOCmlEGQq88qYLvzbyuzxmHBN2LoVh3mFxlbKVToHby0pSWGb4j6_uf7RqARdtIjtBgs6QCzV&currency=EUR&intent=capture&commit=true&enable-funding=venmo&disable-funding=card,sofort&merchant-id=36GZXBL38FWQU&vault=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7b43cb1814ca80746730f4207edcd1175bb5e95baf32398cfa5c891cb06713d7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-mA5++E0O1qMj3AJ1aGVPLtkgA7EJ42o5bk0zEVYMoMtv58ol' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-mA5++E0O1qMj3AJ1aGVPLtkgA7EJ42o5bk0zEVYMoMtv58ol' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 17 Nov 2023 12:33:34 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 0
x-cache: MISS, MISS
paypal-debug-id: f672717cf4eaf
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 4338
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230051-FRA, cache-fra-eddf8230051-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f672717cf4eaf-e555df28e8a5e7e4-01
x-timer: S1700224414.907386,VS0,VE279
etag: W/"2f8b-lWMMAqH5NWBufCerdpb7DcGAARo"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=3600
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 toasts Show response
ko-fi.com/api/session/ 29 B
403 B 224ms
224ms XHR
application/json 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/api/session/toasts?_=1700224411872

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4eed0beb75c73a24384275418323653a2de7920da9e8f390528302b5d7f51e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.google.com/
X-Requested-With: XMLHttpRequest
Request-Id: |4n9wM.z9gnf
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 12:33:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-permitted-cross-domain-policies: none
arr-disable-session-affinity: True
content-length: 143
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:02025889-f5bc-454e-88f5-4372da34dffd
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 17 Nov 2023 12:33:34 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: private
accept-ranges: bytes
cf-ray: 827800bb9d069208-FRA

GET
H2 200 swiper-bundle.min.css
ko-fi.com/lib/swiperjs/v8.4.6/ 16 KB
6 KB 58ms
58ms Stylesheet
text/css 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/lib/swiperjs/v8.4.6/swiper-bundle.min.css?v=236mo

Requested by

Host: storage.ko-fi.com
URL: https://storage.ko-fi.com/cdn/scripts/jquery-2.0.0.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67debf7546f60c16b1cd96d07b3a9d3851c3ac91aba126d9d88ce9f6a73dabb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 12:33:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 6
content-length: 5792
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 16 Nov 2023 15:41:42 GMT
server: cloudflare
etag: "03f5a65a318da1:0"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
cf-ray: 827800bbfd469208-FRA

GET
H2 200 swiper-bundle.min.js Show response
ko-fi.com/lib/swiperjs/v8.4.6/ 140 KB
51 KB 65ms
64ms XHR
application/x-javascript 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/lib/swiperjs/v8.4.6/swiper-bundle.min.js?v=236mo

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8966a0426081f47ebc4df82ab440c41e148c50826dca5a79bd9542456849964a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.google.com/
X-Requested-With: XMLHttpRequest
Request-Id: |4n9wM.7ZDNq
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 12:33:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 6
content-length: 52126
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 16 Nov 2023 15:41:42 GMT
server: cloudflare
etag: "03f5a65a318da1:0"
vary: Accept-Encoding
content-type: application/x-javascript
accept-ranges: bytes
cf-ray: 827800bc0d549208-FRA

GET
H2 200 clipboard.js Show response
storage.ko-fi.com/cdn/scripts/ 10 KB
3 KB 61ms
60ms Script
text/plain 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/scripts/clipboard.js?v=236mo
Requested by: Host: storage.ko-fi.com
URL: https://storage.ko-fi.com/cdn/scripts/jquery-2.0.0.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9214020446336733693110f40ae387236467967a07012ff0f99da8cdf505e281

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 17 Nov 2023 12:33:34 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: 2p0uXQGMC6dXbFsTmBaiVw==
age: 6592
x-ms-lease-status: unlocked
last-modified: Sun, 23 Oct 2022 22:21:51 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 5b475b5f-801e-0013-7fba-132dd1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 827800bc0d569208-FRA

GET
H2 200 4 Show response
ko-fi.com/shop/Z8Z4AD300/items/0/ 3 KB
1 KB 336ms
336ms XHR
application/json 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/shop/Z8Z4AD300/items/0/4

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bad3cb467199698ca9d6a20bd098be3ed95c17ee42ad3ed04ded8da33f6adb1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.google.com/
X-Requested-With: XMLHttpRequest
Request-Id: |4n9wM.iqVmE
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 12:33:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-permitted-cross-domain-policies: none
arr-disable-session-affinity: True
content-length: 987
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:02025889-f5bc-454e-88f5-4372da34dffd
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 17 Nov 2023 12:33:34 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: private
accept-ranges: bytes
cf-ray: 827800bc0d579208-FRA

GET
H2 200 1f12fac1-450c-4ea5-aeb6-892818052bf6 Show response
ko-fi.com/api/discount/get-for-pageid/ 0
107 B 245ms
245ms XHR
text/plain 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/api/discount/get-for-pageid/1f12fac1-450c-4ea5-aeb6-892818052bf6

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.google.com/
X-Requested-With: XMLHttpRequest
Request-Id: |4n9wM.5OVcy
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 12:33:34 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
server: cloudflare
x-frame-options: SAMEORIGIN
access-control-expose-headers: Request-Context
cache-control: private
arr-disable-session-affinity: True
cf-ray: 827800bc1d629208-FRA
content-length: 0
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:02025889-f5bc-454e-88f5-4372da34dffd

GET
H2 200 LoadPageFeed Show response
ko-fi.com/Buttons/ 8 KB
2 KB 369ms
369ms XHR
text/html 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Buttons/LoadPageFeed?buttonId=Z8Z4AD300

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2069cf3c57b120fb09127ae5bc028b6c06d08b5fc345986813384704d10467f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.google.com/
X-Requested-With: XMLHttpRequest
Request-Id: |4n9wM.OTEkR
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 12:33:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-permitted-cross-domain-policies: none
arr-disable-session-affinity: True
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:02025889-f5bc-454e-88f5-4372da34dffd
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 17 Nov 2023 12:33:34 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: private
cf-ray: 827800bc1d639208-FRA

GET
H2 200 PersonalFeed Show response
ko-fi.com/Feed/ 0
44 B 400ms
400ms XHR
text/plain 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Feed/PersonalFeed?pageIndex=0&pageId=Z8Z4AD300

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.google.com/
X-Requested-With: XMLHttpRequest
Request-Id: |4n9wM.rB+QW
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 12:33:34 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-permitted-cross-domain-policies: none
arr-disable-session-affinity: True
content-length: 0
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:02025889-f5bc-454e-88f5-4372da34dffd
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 17 Nov 2023 12:33:34 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
access-control-expose-headers: Request-Context
cache-control: private
accept-ranges: bytes
cf-ray: 827800bc3d7b9208-FRA

GET
H2 200 LoadRecentPosts Show response
ko-fi.com/Buttons/ 1 KB
588 B 293ms
292ms XHR
text/html 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Buttons/LoadRecentPosts?buttonId=Z8Z4AD300&_=1700224411873

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fe4ff36f20f34d9bb820bcccc62c1e1a4372ee90820f55869616b0b51489a5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.google.com/
X-Requested-With: XMLHttpRequest
Request-Id: |4n9wM.8l0p5
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 12:33:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-permitted-cross-domain-policies: none
arr-disable-session-affinity: True
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:02025889-f5bc-454e-88f5-4372da34dffd
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 17 Nov 2023 12:33:34 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: private
cf-ray: 827800bc3d7c9208-FRA

GET
H2 200 LoadTopSupporters Show response
ko-fi.com/Buttons/ 0
44 B 370ms
370ms XHR
text/plain 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Buttons/LoadTopSupporters?buttonId=Z8Z4AD300&handle=eradin&_=1700224411874

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.google.com/
X-Requested-With: XMLHttpRequest
Request-Id: |4n9wM./X3SQ
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 12:33:34 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-permitted-cross-domain-policies: none
arr-disable-session-affinity: True
content-length: 0
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:02025889-f5bc-454e-88f5-4372da34dffd
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 17 Nov 2023 12:33:34 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
access-control-expose-headers: Request-Context
cache-control: private
accept-ranges: bytes
cf-ray: 827800bc3d7d9208-FRA

GET
H2 200 m-outer-27c67c0d52761104439bb051c7856ab1.html Show response
js.stripe.com/v3/ Frame D3C4 200 B
840 B 34ms
34ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ko-fi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 6016136
cache-control: max-age=31536000
content-encoding: br
content-length: 154
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 17 Nov 2023 12:33:35 GMT
etag: "27c67c0d52761104439bb051c7856ab1"
last-modified: Fri, 08 Sep 2023 21:23:50 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 737180
x-content-type-options: nosniff
x-request-id: 96582c6c-178d-496e-89c8-9430e9fbf5ad
x-served-by: cache-fra-eddf8230112-FRA

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 1B76 60 KB
34 KB 79ms
64ms Document
text/html 142.250.185.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeIm9UUAAAAAI9HoqMbV3xi0okAxcoNNumTv6QU&co=aHR0cHM6Ly9rby1maS5jb206NDQz&hl=de-CH&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=inefmdoiduw3

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de_ch.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f4.1e100.net

Software

GSE /

Resource Hash

663ffcd772dcb73dc0dcdc3c60bddd8f9aae7e06169a609a161416a8c7220a06

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-58-c9FZWhss0cdPQg7vHBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ko-fi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-58-c9FZWhss0cdPQg7vHBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 12:33:35 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 ts
t.paypal.com/ 42 B
509 B 340ms
193ms Image
image/gif 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Support%20Eradin%20on%20Ko-fi!%20%E2%9D%A4%EF%B8%8F.%20ko-fi.com%2Feradin%20-%20Ko-fi%20%E2%9D%A4%EF%B8%8F%20Where%20creators%20get%20support%20from%20fans%20through%20donations%2C%20memberships%2C%20shop%20sales%20and%20more!%20The%20original%20%27Buy%20Me%20a%20Coffee%27%20Page.&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1700224415047&g=-60&completeurl=https%3A%2F%2Fko-fi.com%2Feradin&ru=https%3A%2F%2Fko-fi.com%2Feradin&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D&disableSetCookie=true

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/eradin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-cache-hits: 0
date: Fri, 17 Nov 2023 12:33:35 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: ec0a11b7f04e8
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-eddf8230028-FRA
pragma: no-cache
correlation-id: ec0a11b7f04e8
traceparent: 00-0000000000000000000ec0a11b7f04e8-875effea37c3045f-01
x-timer: S1700224415.207453,VS0,VE159
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 12:33:35 GMT

GET
H2 200 share-link-modal-scripts.js Show response
ko-fi.com/scripts/modules/ 4 KB
1 KB 54ms
53ms XHR
application/x-javascript 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/scripts/modules/share-link-modal-scripts.js?v=236mo

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68b157b8396a8aa1c0bb5f5950cf9a7477306a4156e1c958923c2e28cb6e28c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.google.com/
X-Requested-With: XMLHttpRequest
Request-Id: |4n9wM.9SyUw
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 12:33:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 7
cf-polished: origSize=6055
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Thu, 16 Nov 2023 15:41:40 GMT
server: cloudflare
etag: W/"0122964a318da1:0"
vary: Accept-Encoding
content-type: application/x-javascript
cf-ray: 827800c2496b9208-FRA

GET
H2 200 552297a4-7aef-4a2b-85a9-fd6f6f229d25_gameboydmg-01a.jpg
storage.ko-fi.com/cdn/useruploads/post/ 99 KB
100 KB 303ms
301ms Image
image/jpeg 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.ko-fi.com/cdn/useruploads/post/552297a4-7aef-4a2b-85a9-fd6f6f229d25_gameboydmg-01a.jpg
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/eradin
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 353787e21c95919955181c1afbc63e344c61caf4eff13e1b378304a332a5aa52

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 17 Nov 2023 12:33:35 GMT
x-ms-meta-userid: 1f12fac1-450c-4ea5-aeb6-892818052bf6
cf-cache-status: MISS
content-md5: +JpE+pxBxIPVJULOlcjYgw==
content-length: 101718
x-ms-lease-status: unlocked
last-modified: Mon, 25 Sep 2023 21:26:44 GMT
server: cloudflare
etag: 0x8DBBE0E1DC994B7
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 3117a3c6-201e-0051-4752-1906c5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-UserId,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 827800c2f9df9208-FRA

GET
H2 200 f8367543-8424-4c0d-bc50-81ec0f91397c_devilfruit-opeopenomi.jpg
storage.ko-fi.com/cdn/useruploads/post/ 96 KB
97 KB 374ms
373ms Image
image/jpeg 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.ko-fi.com/cdn/useruploads/post/f8367543-8424-4c0d-bc50-81ec0f91397c_devilfruit-opeopenomi.jpg
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/eradin
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12efd70f767cba18e3e51f35dd35ccd9f62ec07d643d53675125d39dc32ca681

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 17 Nov 2023 12:33:35 GMT
x-ms-meta-userid: 1f12fac1-450c-4ea5-aeb6-892818052bf6
cf-cache-status: MISS
content-md5: jA+FKb9tngfJXbvsoMdh5w==
content-length: 98671
x-ms-lease-status: unlocked
last-modified: Mon, 25 Sep 2023 21:25:32 GMT
server: cloudflare
etag: 0x8DBBE0DF3084ECD
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 47a1ecc9-301e-004e-2852-19ddd5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-UserId,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 827800c2f9e09208-FRA

GET
H2 200 1b3d7911-70e8-4805-8968-6b6ede7e47ad_devilfruit-gomugomunomi.jpg
storage.ko-fi.com/cdn/useruploads/post/ 96 KB
96 KB 394ms
394ms Image
image/jpeg 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.ko-fi.com/cdn/useruploads/post/1b3d7911-70e8-4805-8968-6b6ede7e47ad_devilfruit-gomugomunomi.jpg
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/eradin
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 135f5c24743f9dbcd04aa1b5a8a2772a2b3f6fe104342b2999c26e3e434e8df0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 17 Nov 2023 12:33:35 GMT
x-ms-meta-userid: 1f12fac1-450c-4ea5-aeb6-892818052bf6
cf-cache-status: MISS
content-md5: ayPk/ztiZqeKVZRZ/mDm/A==
content-length: 98100
x-ms-lease-status: unlocked
last-modified: Mon, 25 Sep 2023 21:19:30 GMT
server: cloudflare
etag: 0x8DBBE0D1B09BA8B
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 21e0fcee-801e-0031-6152-1943e7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-UserId,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 827800c2f9e19208-FRA

GET
H2 200 805e08f3-dbdc-4c82-aa6e-59995c30f731_boha.jpg
storage.ko-fi.com/cdn/useruploads/post/ 101 KB
102 KB 324ms
323ms Image
image/jpeg 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.ko-fi.com/cdn/useruploads/post/805e08f3-dbdc-4c82-aa6e-59995c30f731_boha.jpg
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/eradin
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afb573658403074db5225ae90612dc61602b0053edf48009c8590124c54cf682

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 17 Nov 2023 12:33:35 GMT
x-ms-meta-userid: 1f12fac1-450c-4ea5-aeb6-892818052bf6
cf-cache-status: MISS
content-md5: dTCXSXgYR8rg1bUxbsNpuw==
content-length: 103708
x-ms-lease-status: unlocked
last-modified: Mon, 25 Sep 2023 21:11:24 GMT
server: cloudflare
etag: 0x8DBBE0BF997D8EF
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 23d62b84-b01e-0054-0c52-19f2ba000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-UserId,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 827800c2f9e29208-FRA

GET
H2 200 m-outer-6576085ca35ee42f2f484cda6763e4aa.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame D3C4 631 B
533 B 35ms
35ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 17 Nov 2023 12:33:35 GMT
via: 1.1 varnish
age: 6016137
x-cache: HIT
content-length: 399
x-request-id: fe37d0ca-3641-4729-9097-f8dc228dbbaf
x-served-by: cache-fra-eddf8230112-FRA
last-modified: Fri, 08 Sep 2023 21:23:49 GMT
server: Fastly
etag: "70cacf09ae81711ac6dcbc5ee59750c4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 704606

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 1B76 55 KB
25 KB 418ms
34ms Stylesheet
text/css 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeIm9UUAAAAAI9HoqMbV3xi0okAxcoNNumTv6QU&co=aHR0cHM6Ly9rby1maS5jb206NDQz&hl=de-CH&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=inefmdoiduw3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 11:41:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3101
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 11:41:54 GMT

GET
H2 200 recaptcha__de_ch.js Show response
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 1B76 468 KB
188 KB 424ms
41ms Script
text/javascript 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de_ch.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

14f58d534c595bf9b24e8f67fbfba7a9213884866ed47888cc10ec5525b41777

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 08:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 273485
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 192023
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Nov 2024 08:35:30 GMT

GET
H2 200 a1a1c858-f1eb-47af-9fca-fe233a89123d_image-837560.jpeg
storage.ko-fi.com/cdn/useruploads/post/ 149 KB
150 KB 288ms
287ms Image
image/jpeg 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.ko-fi.com/cdn/useruploads/post/a1a1c858-f1eb-47af-9fca-fe233a89123d_image-837560.jpeg
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/eradin
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9ad7f506fd08c2a059845b820e17d3be9d902871421203425f5e10bf70eb2a4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 17 Nov 2023 12:33:35 GMT
x-ms-meta-userid: 1f12fac1-450c-4ea5-aeb6-892818052bf6
cf-cache-status: MISS
content-md5: zLm2KthQ9/JkYvNhMhkwXg==
content-length: 152939
x-ms-lease-status: unlocked
last-modified: Tue, 19 Sep 2023 07:43:01 GMT
server: cloudflare
etag: 0x8DBB8E40D27DA4F
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 71413412-501e-0077-6c52-199d71000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-UserId,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 827800c2f9e39208-FRA

POST
H2 200 csp-report
q.stripe.com/ Frame D3C4 0
715 B 720ms
224ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/eradin

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.google.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 17 Nov 2023 12:33:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1700224415791703
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1700224415790791
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame D3C4 0
717 B 718ms
223ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/eradin

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.google.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 17 Nov 2023 12:33:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1700224415791404
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1700224415790767
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 2EFF 930 B
2 KB 501ms
48ms Document
text/html 65.9.66.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-23.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

accept-ranges: bytes
age: 213
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 17 Nov 2023 12:30:02 GMT
etag: "06bfcd88af438673a8bf9b845a11aa6e"
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
x-amz-cf-id: hLOmiLrpGvJCdrjVgBL3FxEay7kr2VDzmTeLtNBYlS4p5XNW01v16Q==
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 1B76 2 KB
2 KB 39ms
36ms Image
image/png 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:27:20 GMT
x-content-type-options: nosniff
age: 47175
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 23 Nov 2023 23:27:20 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1B76 15 KB
15 KB 41ms
38ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 02:58:03 GMT
x-content-type-options: nosniff
age: 552932
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Nov 2024 02:58:03 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1B76 15 KB
15 KB 44ms
42ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 18:52:48 GMT
x-content-type-options: nosniff
age: 582047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Nov 2024 18:52:48 GMT

GET
H2 200 webworker.js
www.google.com/recaptcha/api2/ Frame 1B76 105 B
212 B 53ms
53ms Other
text/javascript 142.250.185.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de-CH&v=-QbJqHfGOUB8nuVRLvzFLVed

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f4.1e100.net

Software

GSE /

Resource Hash

f6b9d81e54a20796a7441b1eed0741d5f9c4c338761556981da51f5c02a4f191

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 12:33:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Fri, 17 Nov 2023 12:33:35 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 2EFF 0
489 B 246ms
246ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/eradin

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.google.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 17 Nov 2023 12:33:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1700224416003627
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 0
x-stripe-client-envoy-start-time-us: 1700224416002823
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame 2EFF 87 KB
16 KB 89ms
89ms Script
text/javascript 65.9.66.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-23.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 12:28:49 GMT
content-encoding: gzip
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
age: 287
x-content-type-options: nosniff
etag: W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop: FRA56-C1
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: e-fdkz_RIucyNgloBq2omuzD9Nv-PoCWLh30TXRweDAMlBkcq2WVIw==

GET
H2 200 PageLoaded Show response
ko-fi.com/buttons/ 34 B
481 B 289ms
288ms XHR
application/json 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/buttons/PageLoaded?pageId=Z8Z4AD300

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4199476604d204f5695f658fe3f1c1fca5e608f1f91eebc48a17016a2f379920

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.google.com/
X-Requested-With: XMLHttpRequest
Request-Id: |4n9wM.9g4W+
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 12:33:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-permitted-cross-domain-policies: none
arr-disable-session-affinity: True
content-length: 152
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:02025889-f5bc-454e-88f5-4372da34dffd
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 17 Nov 2023 12:33:36 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: private
accept-ranges: bytes
cf-ray: 827800c93dc99208-FRA

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 347ms
47ms Preflight 13.69.106.217
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.217 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://ko-fi.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Fri, 17 Nov 2023 12:33:35 GMT
x-content-type-options: nosniff

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 98 B
306 B 129ms
128ms XHR
application/json 13.69.106.217
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.217 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c537dff3d23f6a022fcef77fe94da4160168c7b6049a98dfc353b7b11f3fee50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.google.com/
accept-language: de-CH,de;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: 142D3D6F-9B28-440E-B61E-73FAD6357DB8
strict-transport-security: max-age=31536000
date: Fri, 17 Nov 2023 12:33:36 GMT
x-content-type-options: nosniff
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length: 98

POST
H2 200 6 Show response
m.stripe.com/ Frame 2EFF 156 B
668 B 778ms
235ms XHR
application/json 44.241.50.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.241.50.239 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-241-50-239.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

ff460076adbbdef18b70bbf37f8ce9b24885f32787b23b022ed5a6c6491d9e3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.google.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 17 Nov 2023 12:33:36 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1700224416812104
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1700224416811665
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 204 rum Show response
ko-fi.com/cdn-cgi/ 0
209 B 94ms
93ms XHR
text/plain 104.22.29.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/cdn-cgi/rum?

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.22.29.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.google.com/
Request-Id: |4n9wM.V15hK
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: application/json

Response headers

date: Fri, 17 Nov 2023 12:33:36 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://ko-fi.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 827800c9ce3f9208-FRA

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1016 B
873 B 281ms
281ms XHR
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9ee8cdd17a99225c45ded055444a84a08a24897677a08fe42d18b6040a3c5d6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.google.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: application/json

Response headers

date: Fri, 17 Nov 2023 12:33:36 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS
paypal-debug-id: f8764109b6fda
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-fra-eddf8230075-FRA, cache-fra-eddf8230075-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f8764109b6fda-950954d876a8d3a9-01
x-timer: S1700224417.699571,VS0,VE231
etag: W/"3f8-TGy/xRAr9eTDzIO3IeDHeUmJtf8"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ko-fi.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0, 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 384ms
243ms Preflight 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ko-fi.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://ko-fi.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-length: 0
date: Fri, 17 Nov 2023 12:33:36 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f197950ac7b7d
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f197950ac7b7d-c15b6083eca76340-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-served-by: cache-fra-eddf8230075-FRA, cache-fra-eddf8230075-FRA
x-timer: S1700224416.468677,VS0,VE189

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 64ms
63ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-FYXR0G6GNG&gtm=45je3b81v9165800661&_p=1700224411604&gcd=11l1l1l1l1&dma=0&cid=158438580.1700224413&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1700224412&sct=1&seg=0&dl=https%3A%2F%2Fko-fi.com%2Feradin&dt=Support%20Eradin%20on%20Ko-fi!%20%E2%9D%A4%EF%B8%8F.%20ko-fi.com%2Feradin%20-%20Ko-fi%20%E2%9D%A4%EF%B8%8F%20Where%20creators%20get%20support%20from%20fans%20through%20donations%2C%20memberships%2C%20shop%20sales%20and%20more!%20The%20original%20%27Buy%20Me%20a%20Coffee%27%20Page.&en=scroll&epn.percent_scrolled=90&_et=11&tfd=9234
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FYXR0G6GNG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 12:33:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ko-fi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
45 B 218ms
217ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-M13FZ7VQ2C&gtm=45je3b81v888810137&_p=1700224411604&gcd=11l1l1l1l1&dma=0&cid=158438580.1700224413&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1700224413&sct=1&seg=0&dl=https%3A%2F%2Fko-fi.com%2Feradin&dt=Support%20Eradin%20on%20Ko-fi!%20%E2%9D%A4%EF%B8%8F.%20ko-fi.com%2Feradin%20-%20Ko-fi%20%E2%9D%A4%EF%B8%8F%20Where%20creators%20get%20support%20from%20fans%20through%20donations%2C%20memberships%2C%20shop%20sales%20and%20more!%20The%20original%20%27Buy%20Me%20a%20Coffee%27%20Page.&en=scroll&ep.isLoggedIn=no&ep.distinctId=&epn.percent_scrolled=90&_et=30&tfd=9458
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M13FZ7VQ2C&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 12:33:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ko-fi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

219 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ko-fi.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: 1a5dfd18726d38b36a3639d263c3aa0dc0e318ba73011e9769fcfecc2a4a1b04
.ko-fi.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 1a5dfd18726d38b36a3639d263c3aa0dc0e318ba73011e9769fcfecc2a4a1b04
.ko-fi.com/	1970-01-20 18:26:40	Name: _gcl_au Value: 1.1.1123899821.1700224413
.ko-fi.com/	1970-01-21 01:53:04	Name: _ga Value: GA1.1.158438580.1700224413
.ko-fi.com/	1970-01-21 01:53:04	Name: _ga_FYXR0G6GNG Value: GS1.1.1700224412.1.0.1700224412.0.0.0
ko-fi.com/	1970-01-21 01:02:40	Name: ai_user Value: 3krO0\|2023-11-17T12:33:32.981Z
.ko-fi.com/	1970-01-21 01:53:04	Name: _ga_M13FZ7VQ2C Value: GS1.1.1700224413.1.0.1700224413.60.0.0
ko-fi.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 2ls40jgt5cfxbzp5lqz3umzc
ko-fi.com/	1970-01-20 16:17:06	Name: ai_session Value: 0erYx\|1700224415058.1\|1700224415058.1
m.stripe.com/	1970-01-21 01:53:04	Name: m Value: 6b002678-4f37-47a4-9ef6-f031cc9becb848ce1f
.ko-fi.com/	1970-01-21 01:02:40	Name: __stripe_mid Value: 5b787560-4dfa-42d8-8907-870349248b0a98da80
.ko-fi.com/	1970-01-20 16:17:06	Name: __stripe_sid Value: 754de8d2-0228-46d9-8994-a1d6f0f75890bb1666

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

az416426.vo.msecnd.net
cdn.ko-fi.com
dc.services.visualstudio.com
eradin.ch
fonts.googleapis.com
fonts.gstatic.com
js.stripe.com
ko-fi.com
m.stripe.com
m.stripe.network
platform.instagram.com
q.stripe.com
region1.analytics.google.com
region1.google-analytics.com
static.cloudflareinsights.com
stats.g.doubleclick.net
storage.ko-fi.com
t.paypal.com
www.google.ch
www.google.com
www.googletagmanager.com
www.gstatic.com
www.instagram.com
www.ko-fi.com
www.paypal.com
104.16.56.101
104.22.29.80
13.69.106.217
142.250.185.104
142.250.185.106
142.250.185.164
142.250.185.227
142.250.186.35
142.250.186.67
151.101.1.35
151.101.192.176
151.101.65.21
152.199.19.161
157.240.0.63
157.240.252.174
172.67.26.21
216.239.34.36
44.241.50.239
54.187.119.242
65.9.66.23
74.125.133.155
84.16.66.164
025ec932133f485324e8694b456e282e369139e1d76e6f1386c680dda1e8dc0f
0294c443a2894db92ded5e6a756cb7cbce8e13ad59752aadfc24a8a1419cf77b
0365162066d3dd7f4a1215534e079e79c23d9b93f5a38f47309d3b75959b9c9f
0fae7019e31e6127ad883d031a36290b83b3ac7d03a6ee109b391d9b0fb9270a
12efd70f767cba18e3e51f35dd35ccd9f62ec07d643d53675125d39dc32ca681
135f5c24743f9dbcd04aa1b5a8a2772a2b3f6fe104342b2999c26e3e434e8df0
14f58d534c595bf9b24e8f67fbfba7a9213884866ed47888cc10ec5525b41777
1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f
1a8c46134bc64383c11f1934724607ad683f4d2ed1c10489f03ed01b10d8b44c
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1ca85c1812ca68df974c337eb02cfa9ed4d9b9069c337266dfd5e8ace95fdcd3
1d52222f35e6fa207eab568926809ae3ee40daeb060de500c84eb5e44b0238c2
1d9dd57f3ccdd051da3196d7ae95340d045375a9c779e96463aec96c237b575a
2069cf3c57b120fb09127ae5bc028b6c06d08b5fc345986813384704d10467f0
20aca36364f7c307006861215cb515fbce570b1ebeadd23cec96834e8bd11513
248e2d7ebe6d2887716925dd22cdcbc5116b6879a48477f69942457d61b82d8f
283e825989e009d13b228f34bb3d721705d576ac2eb4eeaf1be90f727d6d5767
314c24539472b73912ca8fa85d18eba96851bcb57eef99ae5bc3158a4d2eec7c
323d462b04302df2414bb7565eb44e5ea0cb1c27200029bd02b57bf373308b22
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
353787e21c95919955181c1afbc63e344c61caf4eff13e1b378304a332a5aa52
361ef6361b8708994b00dd261202e4a1a285f895d277c1c5d20d2397a025b0d7
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3fe4ff36f20f34d9bb820bcccc62c1e1a4372ee90820f55869616b0b51489a5a
4199476604d204f5695f658fe3f1c1fca5e608f1f91eebc48a17016a2f379920
41b8027883c1b4614b83ade0d791e80da436d8eed1b3d9cdab85c32f7c58b3ae
457554ad286ecf6fd5f5e79e6c883602d57638d50f96fb060f6edc19de027834
4c225caabe08a9a0613e1257efa5cda80cd82cf2798e5ea0479a20c75f3ca91c
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
52631aa65e4fc9d33887a3c35c75a3624c9616b074641ec73fcffbf7600c8840
542dc83a1fc05e5b30a49868b2826021e1da09cb332a3c854780a9b92dec46a2
55b3504e546b4f468cf874f3ec3237e4ba9d5ad193f8f36ca2418680596243f9
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5baad51df14fd3ad2ca20ff8b0618737e15714087c597dcdbd733fe3f0d2c0f4
5e8cc4ba5549dcc0cad28f35fba9241a0dd184633dd561d0957b605de99fdac8
608fceeeb1e804ae2cc06b92be032585cd18fc7375fa93f9dd2a3af7c432a915
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
663ffcd772dcb73dc0dcdc3c60bddd8f9aae7e06169a609a161416a8c7220a06
676a8ced09d39d2976f239688c4f104b551338d3b14a9d9bd30d3667ca74d094
67debf7546f60c16b1cd96d07b3a9d3851c3ac91aba126d9d88ce9f6a73dabb2
68b157b8396a8aa1c0bb5f5950cf9a7477306a4156e1c958923c2e28cb6e28c8
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6ec1f31f623d90cabadbf5b17f01cd5e84025b8e3125e73649c6058bbf41cccd
71a67c65a60315b533115117b0e76768501c3812d280a6681e683820ea56d342
77784729456d5b714cbf56ab897545efe66fc38f7cdc45ef04d9143c477913df
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
791c6007323c117a570480f4be6c47f9b190ea2c83b160613b3c3748dd1d8ae7
79488c217fb7c67ae2a169332b61d9b5c5f34446c1f003c93bdcc7edc7c3511a
79e302d8490b8da90eb981f39ca6c30b74568eca809918b273caff1ce3fd0862
7b43cb1814ca80746730f4207edcd1175bb5e95baf32398cfa5c891cb06713d7
7c5d4a40c92e2c83a28cf1bbedd3a51f333545db326368b41deff6c5d4365592
83540a1b1aaca7ec79264b8dfc98c797dea37b6c33b604b95a8e21e1cee09bd3
882925065cd97dc82034e4e7f0ec1f5809e147074d5253a4c149629937269f78
8924c846d67400c8df8ea0ba465390f169285a6dc57a6d621eb810cf8fac5357
8966a0426081f47ebc4df82ab440c41e148c50826dca5a79bd9542456849964a
8a7c3ab3bfcc6534917a25a610fa4afd169e6ce7244fd330899fb1607c46db16
8c258b4c6e47586ade529a866721f9eb52b8fa2be49cdcd09419b7eb68cc41cf
9214020446336733693110f40ae387236467967a07012ff0f99da8cdf505e281
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
9ee8cdd17a99225c45ded055444a84a08a24897677a08fe42d18b6040a3c5d6c
9f73c0015652859ca111e91691ddc2be33b28a82f1423f1e4268ab506d1c9477
a034927e7faf2dcc94e0f325de7693821a492402f896d9550320560a93d30c52
a3aff8ccfb2e5f7d5b4b8790c2506e0ee2ad8d85fbd0e32f3c7b6d52b5bdf0e1
a410460285968ae56f3748e57fd09c6da63c17934a9f59cc7f9a6542f5cf2d3b
aeed67ed17bb002eacaf25b78db3df87ab2b52ed402b9a5327f1124632306b21
afb573658403074db5225ae90612dc61602b0053edf48009c8590124c54cf682
b0ddcc7123a99aead7191cd68ae3b706cec7b7286d5bcf5d30acd9ec18de36a5
b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43
b4eed0beb75c73a24384275418323653a2de7920da9e8f390528302b5d7f51e0
b6e9ba03a8a5758af4c04710d3d08e5ceec146eb2c0ac227ba209c8cb487c9a2
b82753e852e463afbaf17ce6e1ff4ed2eb079c93dd2afd10d2bb285ef2dc84fe
b94552fdddf133797c626b9c0248f50de46de94e18f97bf778f520555115995c
bad3cb467199698ca9d6a20bd098be3ed95c17ee42ad3ed04ded8da33f6adb1e
be010c823bcae2a97dc9ce3eac934cc93c3c201e46ec0db51e9c71d90fbf9f82
c537dff3d23f6a022fcef77fe94da4160168c7b6049a98dfc353b7b11f3fee50
c53c0221919a0bfab6ca450fa017bbc90dc66c14dcc3da4dded55fa71f7d2a4f
c8190ac8f569646b28c013967f583807f87c8fcb83bd5ca22eea00e1ea5fcc6d
ca64e3f676b38f06ed0eba111776f2bc8ad352b672c0819ec5b9072c342bd35d
cb2134d2d0e6ad0bda36ad2228b5ac3f86370d08efbc52eda3b98bde5601bf1c
cced72a5fc90de9cbfa59c691d65be471f67d2aae3e3ed37ebe476bf2b0c7030
d482871a5e948cb4884fa0972ea98a81abca057b6bd3f8c995a18c12487e761c
d4cde48dc62aee57bce45479571fd94b41be68f7ac76b10dcb229d5072564327
d57bd372816bf6d09bab3f46e74eb226549fc812fc35c58555fe38d22dd2c2a2
d64c9b4056afa1f076c3be305cb2b9e4ef07df21cf62c65832e927660f54a3ff
d69aaf0dd993c601ae9f2978dc7fc363775d04bc549da9b366779f60ecb81372
d9ad7f506fd08c2a059845b820e17d3be9d902871421203425f5e10bf70eb2a4
dee3f12023dcf49e0ce012af54bbf8e5d1b77e774ac192c3393d8ddb898ac332
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e0fefc9b3527b5a7d233834041ff09c1572cd80f9b24894e65a64e332fead136
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea5845500a29b4f113310b4f7ece09f7b15643b169b46609981c75d2460a4a64
ec24c83c49aa3e87501ffb4b6180fe136752f93beb0d76ff91ad3fdbd28d1c1e
ee74bbdb99c1cd83dfe17594bdeba68832d5c38144be889d3d041bdcbd8765f7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef96dcca2d81249b773d184d1b77fc755cc43512638e23fbf4b1bec488d22b7e
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
f27e9ca75db1b778e94c55ffb6a1f471a2fab0761034b9ce0a233bc0866e6cc2
f5b4cbb864b7f74f6da00206715552fdaeb8e63e82c1173c058af14c75514256
f6b9d81e54a20796a7441b1eed0741d5f9c4c338761556981da51f5c02a4f191
ff460076adbbdef18b70bbf37f8ce9b24885f32787b23b022ed5a6c6491d9e3f

ko-fi.com Open in urlscan Pro 104.22.29.80 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

117 Requests

99 %HTTPS

0 %IPv6

16 Domains

25 Subdomains

20 IPs

5 Countries

3541 kBTransfer

6926 kBSize

12 Cookies

9 Outgoing links

Page URL History

Redirected requests

117 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ko-fi.com Open in urlscan Pro
104.22.29.80 Public Scan

Screenshot
Live screenshot

Full Image

117
Requests

99 %
HTTPS

0 %
IPv6

16
Domains

25
Subdomains

20
IPs

5
Countries

3541 kB
Transfer

6926 kB
Size

12
Cookies

117 HTTP transactions
0 data transactions