payments.kts.pm Open in urlscan Pro
2606:4700:3036::6815:284f Public Scan

Go To Rescan
Add Verdict Report

URL:
https://payments.kts.pm/
Submission: On February 24 via automatic, source certstream-suspicious (February 24th 2023, 2:37:58 pm UTC) — Scanned from DE

Summary HTTP 87 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 14 domains to perform 87 HTTP transactions. The main IP is 2606:4700:3036::6815:284f, located in United States and belongs to CLOUDFLARENET, US. The main domain is payments.kts.pm.
TLS certificate: Issued by GTS CA 1P5 on February 24th 2023. Valid for: 3 months.

This is the only time payments.kts.pm was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	2606:4700:303... 2606:4700:3036::6815:284f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400d:802::200a	15169 (GOOGLE) (GOOGLE)
35	2606:4700:10:... 2606:4700:10::ac43:1a15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3030::6815:3250	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:400d:806::2003	15169 (GOOGLE) (GOOGLE)
3	2606:4700:10:... 2606:4700:10::6816:1d50	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	151.101.129.21 151.101.129.21	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:400d:803::2008	15169 (GOOGLE) (GOOGLE)
1	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	15133 (EDGECAST) (EDGECAST)
4	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	151.101.129.35 151.101.129.35	54113 (FASTLY) (FASTLY)
2	13.69.106.212 13.69.106.212	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
87	18

16 2606:4700:3036::6815:284f (United States)

ASN13335 (CLOUDFLARENET, US)

payments.kts.pm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:802::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2606:4700:10::ac43:1a15 (United States)

ASN13335 (CLOUDFLARENET, US)

ko-fi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
storage.ko-fi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:3250 (United States)

ASN13335 (CLOUDFLARENET, US)

publicapi.killteamseller.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:1d50 (United States)

ASN13335 (CLOUDFLARENET, US)

storage.ko-fi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.129.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:803::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.69.106.212 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	ko-fi.com ko-fi.com — Cisco Umbrella Rank: 41966 storage.ko-fi.com — Cisco Umbrella Rank: 48959	274 KB
16	kts.pm payments.kts.pm	125 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	444 KB
5	paypal.com www.paypal.com — Cisco Umbrella Rank: 2411 t.paypal.com — Cisco Umbrella Rank: 3199	103 KB
4	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 927 cloudflareinsights.com — Cisco Umbrella Rank: 909	12 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2	26 KB
2	visualstudio.com dc.services.visualstudio.com — Cisco Umbrella Rank: 775	537 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	66 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 44	140 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 339	60 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36	2 KB
1	msecnd.net az416426.vo.msecnd.net — Cisco Umbrella Rank: 2132	22 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 195	3 KB
1	killteamseller.it publicapi.killteamseller.it
87	14

	Domain	Requested by
19	storage.ko-fi.com	ko-fi.com storage.ko-fi.com
19	ko-fi.com	payments.kts.pm ko-fi.com az416426.vo.msecnd.net
16	payments.kts.pm	payments.kts.pm
4	www.gstatic.com	www.google.com www.gstatic.com
4	www.paypal.com	ko-fi.com www.paypal.com az416426.vo.msecnd.net
4	fonts.gstatic.com	fonts.googleapis.com www.google.com
3	www.google.com	ko-fi.com www.gstatic.com www.google.com
2	dc.services.visualstudio.com	az416426.vo.msecnd.net
2	cloudflareinsights.com	static.cloudflareinsights.com
2	www.google-analytics.com	www.googletagmanager.com
2	www.googletagmanager.com	ko-fi.com www.googletagmanager.com
2	cdn.jsdelivr.net	ko-fi.com
2	static.cloudflareinsights.com	payments.kts.pm ko-fi.com
2	fonts.googleapis.com	payments.kts.pm ko-fi.com
1	t.paypal.com	ko-fi.com
1	az416426.vo.msecnd.net	ko-fi.com
1	cdnjs.cloudflare.com	ko-fi.com
1	publicapi.killteamseller.it	payments.kts.pm
87	18

This site contains links to these domains. Also see Links.

Domain
mobirise.in
t.me

Subject Issuer	Validity	Valid
payments.kts.pm GTS CA 1P5	`2023-02-24` - `2023-05-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-29` - `2023-05-29`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-11-10` - `2023-11-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2022-07-11` - `2023-07-11`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-10-19` - `2023-11-19`	a year	crt.sh
in.applicationinsights.azure.com Microsoft Azure TLS Issuing CA 05	`2023-02-04` - `2024-01-30`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://payments.kts.pm/
Frame ID: 369D2CFD8C750F041EF7201AAF975E44
Requests: 22 HTTP requests in this frame

Frame: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true
Frame ID: 12460279537D386BEDBF1A3C54A9555B
Requests: 56 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeIm9UUAAAAAI9HoqMbV3xi0okAxcoNNumTv6QU&co=aHR0cHM6Ly9rby1maS5jb206NDQz&hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&cb=quenkzluu4l9
Frame ID: FA856508E4C684B0808D55BB24CF5DD3
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

KillTeamSeller Payments

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/vue(?:\.min)?\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Lodash (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

lodash.*\.js

SweetAlert (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweet(?:-)?alert(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

87
Requests

100 %
HTTPS

82 %
IPv6

14
Domains

18
Subdomains

18
IPs

4
Countries

1278 kB
Transfer

3740 kB
Size

5
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://mobirise.in/
Title: Mobirise Best Web Page Builder

Search URL Search Domain Scan URL

URL: https://t.me/ktsdonatebot
Title: Vai al bot

Search URL Search Domain Scan URL

URL: https://t.me/killteamseller/
Title: KillTeamSeller

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

87 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
payments.kts.pm/ 3 KB
2 KB 117ms
69ms Document
text/html 2606:4700:3036::6815:284f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.kts.pm/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:284f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad25c6bd6ba03f03f3a9035435a779bc0c1ccd4e2069b40aca84a1003d531ca8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 79e8f111b8f83608-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 24 Feb 2023 14:37:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D7oX2kKtKG5TSyPnhcieBFg4bc5eQsVdd69mL9VdZXXYL5JjJO3%2FvuW2SWaZAEYaAQYBgViSSfzUQ5RU2VvedLt%2BHIEf549MJrc4%2Bu0Y52gNxrFOUAMwgoeaD2op4qOqsfy2GaZLbNFg2ghzTBk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 v7tsBNHvXrhByzhKd8kUDMeSYc8.js Show response
payments.kts.pm/cdn-cgi/apps/head/ 5 KB
2 KB 384ms
382ms Script
application/javascript 2606:4700:3036::6815:284f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.kts.pm/cdn-cgi/apps/head/v7tsBNHvXrhByzhKd8kUDMeSYc8.js

Requested by

Host: payments.kts.pm
URL: https://payments.kts.pm/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:284f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01a70a91af22eccc32e847443edb02b204b2d0ce9e597475fdc379af7af58e46

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.kts.pm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 14:37:52 GMT
x-amz-version-id: rFTKmOmzqmJOnY5yi56oKADANxFdovAy
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains; preload
x-amz-request-id: 387SCBF4ETVWDJ5K
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: oeQroHGvs2ErQpd2yBJRes8UXn/X/cKY01JP+WRxwhb4aKpbMtWr61goSyl0l4blFekfZJguYTM=
last-modified: Thu, 10 Nov 2022 19:59:26 GMT
server: cloudflare
etag: W/"b0236221c1648a1b44fc51a9ccc0915e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uLTyVrF9kXTUV7qbbI3C4WGZzPoKsRX5mpqj%2B0FsqNIhzFHCxrKBNtWXmSv8BvWlOc212qczv4wpAyTbxO0fUqHQMqSmMByplrOwkrKt%2F9f03IIbATKXSs9Qoffk8vWXfYPiDtwMMTsylSTNNvI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 79e8f11229bb3608-FRA

GET
H2 200 tether.min.css
payments.kts.pm/assets/tether/ 237 B
407 B 137ms
136ms Stylesheet
text/css 2606:4700:3036::6815:284f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.kts.pm/assets/tether/tether.min.css

Requested by

Host: payments.kts.pm
URL: https://payments.kts.pm/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:284f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb84c37000f8fe3e68e24799be081febdf02afd39cec967e80631ac76dea9950

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.kts.pm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 14:37:52 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"eb6b9645bffbf99f2d39511c6ce8b200"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NPs8uLVYuNXthEpYc7IEjtto9WnxB26sCfQolMOReyLAZbWek2oGPwj2KL49YXy4otuAjw6Mu8SdyNlTvlWIKH%2BBMcusX7I%2BBRH3pBaBoxvZunoao5%2BlYFbDEY7tPwwubNQMfMCp%2Flq3%2FvTC4cc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 79e8f11229bc3608-FRA

GET
H2 200 bootstrap.min.css
payments.kts.pm/assets/bootstrap/css/ 157 KB
25 KB 169ms
168ms Stylesheet
text/css 2606:4700:3036::6815:284f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.kts.pm/assets/bootstrap/css/bootstrap.min.css

Requested by

Host: payments.kts.pm
URL: https://payments.kts.pm/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:284f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a547652943e11dd21e7a0c39fae37b84c6dd27de5efff7ea4f45cde43c938f89

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.kts.pm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 14:37:52 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"7bc87af3485d09c134aed84b9240adb9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L410tjss3d4Ly36h0H942JMsSmociM92GDlxytQ0tRjiK8FJ5AFz3Q%2B%2Bg7vrcXQurX8gRTjK2FOoa8KNEQS7HgwNXbRXdJcunHNicYsbxrwZUrUxiOnabA2Xmx5x0WYCce0p79ma%2BF2P5MJ1tqw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 79e8f11229bf3608-FRA

GET
H2 200 bootstrap-grid.min.css
payments.kts.pm/assets/bootstrap/css/ 50 KB
7 KB 106ms
105ms Stylesheet
text/css 2606:4700:3036::6815:284f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.kts.pm/assets/bootstrap/css/bootstrap-grid.min.css

Requested by

Host: payments.kts.pm
URL: https://payments.kts.pm/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:284f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0d57419d80d1d4593e5e9ed1723642b8cb1d4d01fb80b2724dc4f6173a66607

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.kts.pm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 14:37:52 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"7b2fe9b10e781a199ea7cbd9704ade86"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qTOOHsylFpO9BcL41S4PmXaXjEAZJ0I%2FuVo0vKJOEQblByVsekowZ9UPqE%2FiBRSGdsBCsj86xTcbxPO%2FoKFk5ze2qLBFX5S3BW6AzxKhaEnRPO6peYUKa%2FwPXk0%2F1g7ivwbayGg3eo0NnvEDOUs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 79e8f11229c13608-FRA

GET
H2 200 bootstrap-reboot.min.css
payments.kts.pm/assets/bootstrap/css/ 4 KB
2 KB 122ms
121ms Stylesheet
text/css 2606:4700:3036::6815:284f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.kts.pm/assets/bootstrap/css/bootstrap-reboot.min.css

Requested by

Host: payments.kts.pm
URL: https://payments.kts.pm/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:284f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cb90d339a5e25d8ebb5a33c98f70f9f18db16b7cff8b1dd80c0ee049eeee45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.kts.pm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 14:37:52 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"55b4c167e7d82c0d447699ca6a4d73a9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O7A8g7VbDTAzJl4b77lcNN3nq0e4P476vYhNXQyJ0GwhN7640hZxZJAxmrn2zPBcUgYV4qtF0JSBp2z00ULaJphWNiRsTLOAxVvBZHtdD%2B2XZ9bwijzTLj8BCXI4tRzzalImyYrC01ZLJP2eEFw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 79e8f11229c23608-FRA

GET
H2 200 style.css
payments.kts.pm/assets/theme/css/ 19 KB
4 KB 123ms
122ms Stylesheet
text/css 2606:4700:3036::6815:284f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.kts.pm/assets/theme/css/style.css

Requested by

Host: payments.kts.pm
URL: https://payments.kts.pm/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:284f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

745e14c538ef9dec8f64f172807ff960dbc9625a8dc325205cd517cff3743b50

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.kts.pm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 14:37:52 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"a531b98ad84d834acc6095356b669f7c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1pD2PkBfpFYiYPBXTKkT30Yy960RnQtm7Lno0A6PGsxHz%2F91rabxCjksdgP6rG7r3ABvmCJPAqer91gEJqapgaNv%2FqFqzDfqbIAYrhl%2BD6QxswQiQumaJyRCYH2fWbHdwhFM8qW5U7uskQrc2NI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 79e8f11229c33608-FRA

GET
H2 200 mbr-additional.css
payments.kts.pm/assets/mobirise/css/ 18 KB
4 KB 101ms
101ms Stylesheet
text/css 2606:4700:3036::6815:284f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.kts.pm/assets/mobirise/css/mbr-additional.css

Requested by

Host: payments.kts.pm
URL: https://payments.kts.pm/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:284f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

326e3e44baaa7e66ecc9b4028832096c41b3a1796cc2b377020b2b85852d3287

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.kts.pm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 14:37:52 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"ee4d46d551b86160e216c7553e1974b2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n0o4RF5%2BdW51QryN147gi1FAfYk7CDYu3PSs3AnXV9O7GTV0lQLOrLTak%2F59vtZdig724H90Y3wHVKL7UQY8fJT5yw8algZzwj9Ay%2BVROeIZK%2Bm8JXwmRYVNAIDG7Wnw%2BogmQovLa8f1Ez3AYM8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 79e8f11229c73608-FRA

GET
H3 200 rocket-loader.min.js Show response
payments.kts.pm/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 17ms
17ms Script
application/javascript 2606:4700:3036::6815:284f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.kts.pm/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: payments.kts.pm
URL: https://payments.kts.pm/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:284f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.kts.pm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 14:37:52 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 22 Feb 2023 10:50:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: gzip
etag: W/"63f5f393-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FDLBZfuwUuINm6%2Fzmx8PiqHE9m0nLLZYYiRNJEc%2FO8QiVxD4OJufhZnVcEzh77SPsP%2Fo5qVEQLqY6fbgsBs9m65esYm1ES1eWbpxdY7MxDXSfNMUDrjKDhH2JO7H6YE3onFAopEkjeoyQLHD1NI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 79e8f1133d0b8fe2-FRA
expires: Sun, 26 Feb 2023 14:37:52 GMT

GET
H3 200 _igy1JKYavFzhxZIgMPzCvvCTeM.js Show response
payments.kts.pm/cdn-cgi/apps/body/ 2 KB
2 KB 377ms
377ms Script
application/javascript 2606:4700:3036::6815:284f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.kts.pm/cdn-cgi/apps/body/_igy1JKYavFzhxZIgMPzCvvCTeM.js

Requested by

Host: payments.kts.pm
URL: https://payments.kts.pm/cdn-cgi/apps/head/v7tsBNHvXrhByzhKd8kUDMeSYc8.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:284f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d69482b93d15739ec51c73af7b5ed909c9a49c8ffa23709adff2fca9fdbd7995

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.kts.pm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 14:37:53 GMT
x-amz-version-id: xN3bbDIOm_UneGwj2FzGwBZvggfhc30D
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains; preload
x-amz-request-id: 387V2WYWDYWT10XN
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 4NvvmxFRvR9fXzg2hibwFbXUObyIg8fH1TGA1MFWY4tpUJaI0BNUJ21OoRBRNRrHM0Ms7nd2Pa0=
last-modified: Thu, 10 Nov 2022 19:59:26 GMT
server: cloudflare
etag: W/"492a2527ff626ae2fd8e44c6424906a3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=88586uWdNV%2FU7bE1D8m1OTpNBfTXOYNV2chBRMuBMxAThYvXFH4rZCCHnbzfIf3mDcHmi2DcAEfc193nMlevVxZ3%2BU%2FKFQQa4E0eMGDcq%2B1EB03UT%2BA5C%2FBKs4YSmA8JvXEshkVYg5lLkRiDHSw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 79e8f1149ef78fe2-FRA

GET
H2 200 css
fonts.googleapis.com/ 17 KB
1 KB 114ms
42ms Stylesheet
text/css 2a00:1450:400d:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Jost:100,200,300,400,500,600,700,800,900,100i,200i,300i,400i,500i,600i,700i,800i,900i&display=swap

Requested by

Host: payments.kts.pm
URL: https://payments.kts.pm/assets/mobirise/css/mbr-additional.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

94247c8166557e966bc27a29182bc2fee46d927bb0240124836effa11ab059cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.kts.pm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 24 Feb 2023 14:37:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 14:34:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 24 Feb 2023 14:37:52 GMT

GET
H2 200 / Show response
ko-fi.com/killteamseller/ Frame 1246 160 KB
30 KB 267ms
220ms Document
text/html 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true

Requested by

Host: payments.kts.pm
URL: https://payments.kts.pm/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a99b9035ae927bb4e03c51fcb15052c6d0da72dfdd26ae0e6e275ebd7394bcf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://payments.kts.pm/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-expose-headers: Request-Context
arr-disable-session-affinity: True
cache-control: private
cf-cache-status: HIT
cf-ray: 79e8f114edaa3651-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 24 Feb 2023 14:37:53 GMT
last-modified: Fri, 24 Feb 2023 14:34:51 GMT
referrer-policy: strict-origin-when-cross-origin
request-context: appId=cid-v1:02025889-f5bc-454e-88f5-4372da34dffd
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 17 KB
6 KB 77ms
56ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: payments.kts.pm
URL: https://payments.kts.pm/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.kts.pm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 14:37:52 GMT
content-encoding: gzip
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
server: cloudflare
etag: W/2022.10.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 79e8f1157cb9bbd1-FRA

GET
H3 200 script.js Show response
payments.kts.pm/assets/theme/js/ 20 KB
7 KB 155ms
155ms Script
text/javascript 2606:4700:3036::6815:284f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.kts.pm/assets/theme/js/script.js

Requested by

Host: payments.kts.pm
URL: https://payments.kts.pm/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:284f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26a4b13ec84938d4b4d4669bd112ed375360fd481a7300362f696746bcf42098

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.kts.pm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 14:37:53 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"bef20b5f105d4b9f4769197fe313d26b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CZEdprYA5zfkOp0Bk2rg5peNVF2DKEGquAzs98cxpynOM9cGAKYolK6c9BwnwZH6W4TttFPaf0Kpikh8fnvJ61h%2B9g6%2BYpJfR1KegswpSg1WLaZ3H0JG2onr8UefpkZzgrlqJRkqA4DiRCzaN8k%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 79e8f1155fd28fe2-FRA

GET
H3 200 smooth-scroll.js Show response
payments.kts.pm/assets/smoothscroll/ 7 KB
4 KB 488ms
487ms Script
text/javascript 2606:4700:3036::6815:284f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.kts.pm/assets/smoothscroll/smooth-scroll.js

Requested by

Host: payments.kts.pm
URL: https://payments.kts.pm/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:284f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0ccd89551b3cb44b0a7dc2b8439957a38f3c6fd898c02f178f00312df122794

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.kts.pm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 14:37:53 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"df0151f0bb8d989087fe9e10a013f89c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2DkWHfwca3%2B1zU9BRXuZDb6mlZ94CFwAYa1ri8Wbm365IY0eZXyjifzrf5fTldqZueNktoi1wYqOx9eIETRgR84s90WWdfNJpL17%2F%2FkDs2FNn%2Bh%2BsPkntH7YVEW3BGqE4nZlF1bw3yM3zCSswDY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 79e8f1155fd58fe2-FRA

GET
H3 200 bootstrap.min.js Show response
payments.kts.pm/assets/bootstrap/js/ 59 KB
16 KB 211ms
210ms Script
text/javascript 2606:4700:3036::6815:284f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.kts.pm/assets/bootstrap/js/bootstrap.min.js

Requested by

Host: payments.kts.pm
URL: https://payments.kts.pm/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:284f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7390975fc3e41ad5ec9d1870edc3103f7c498dd82dce4bbaf22a9e7bba96b77

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.kts.pm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 14:37:53 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"872c4c51a1c03c32bce8a8d4417f53b5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oP%2F8TQzZkiQmpMiFor%2FGABKgnii0Kh%2BDdpEneMz0wbzjI6xNuFiDvh%2F1tOhI9RA%2B2EIzbF6z1Wa2kAwDdLtomJ3AztWOXbddqSO%2BAoV6V%2BnGRd4m4ZQIEGi5fxqrPjOG95feLezwyk%2FV%2BYhky9M%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 79e8f1155fd68fe2-FRA

GET
H3 200 tether.min.js Show response
payments.kts.pm/assets/tether/ 23 KB
7 KB 130ms
129ms Script
text/javascript 2606:4700:3036::6815:284f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.kts.pm/assets/tether/tether.min.js

Requested by

Host: payments.kts.pm
URL: https://payments.kts.pm/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:284f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a0416e386e436583f5f49242104677e6b16b1aa693d86f32d76845e26081f96

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.kts.pm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 14:37:52 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"3de22608e0c2b4b9a32675486a7f42b2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CndCyfHp9ktANZTz%2FfSVP%2F9wyGcAC5V3Wv6oLl9KBDnSYACPPa1aPSmqTo8hTAnXOLQP92H%2F44%2BuKxmJvresQMZhcrarKYfA%2FmfYLTp5Ou5Kr74DB9PAKYfmkKIwq3WQ97Y8%2FCI7UrGI%2B0uAt7w%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 79e8f1155fd78fe2-FRA

GET
H3 200 popper.min.js Show response
payments.kts.pm/assets/popper/ 19 KB
7 KB 170ms
169ms Script
text/javascript 2606:4700:3036::6815:284f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.kts.pm/assets/popper/popper.min.js

Requested by

Host: payments.kts.pm
URL: https://payments.kts.pm/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:284f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4fdb686bb2241b8a29e194b0ec6db16f997bde526ae5b37b8ab3c48aaa7a747

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.kts.pm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 14:37:53 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"a046a8b3f14e410f40b1d58e199e49e5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VbX3wjmgyjhaG463GMsHx1EqoiJiDjlpoLKND2NFI5PcT89pmTKCIM%2FuS%2FbS4Yg7nu5anfxKNcqtonU3CQIq%2B%2F3dkIduXK0X0DalDfuHb9G0mCCNK2P48bhhY5KpXnL2lniGshNWvo6rZUYA1hE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 79e8f1155fd98fe2-FRA

GET
H3 200 jquery.min.js Show response
payments.kts.pm/assets/web/assets/jquery/ 87 KB
32 KB 184ms
183ms Script
text/javascript 2606:4700:3036::6815:284f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.kts.pm/assets/web/assets/jquery/jquery.min.js

Requested by

Host: payments.kts.pm
URL: https://payments.kts.pm/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:284f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.kts.pm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 14:37:53 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"42b640de36bc222d178a9b1d72472fc0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N0ugJ132UbdEZ%2BQANF9R92db78uswNJzoexdMSpDMK4GOeUD82PWmFAlEyBpADxWQnGTFCbg%2F%2B1TZppNh%2F3pzXvVmvLaZErPHuFRk2aNE%2FrrGYEZB5KBhNGumWNmGZzUROilgWpauu%2BtHWtjemw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 79e8f1155fda8fe2-FRA

GET
H2 200 KTSMonitor.php Show response
publicapi.killteamseller.it/api/ 0
0 183ms
128ms Script
application/json 2606:4700:3030::6815:3250
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://publicapi.killteamseller.it/api/KTSMonitor.php?userID=1170011655&notes=KillTeamSeller%20Payments
Requested by: Host: payments.kts.pm
URL: https://payments.kts.pm/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3250 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.kts.pm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 92zatBhPNqw73oTd4g.woff2
fonts.gstatic.com/s/jost/v14/ 26 KB
26 KB 83ms
20ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/jost/v14/92zatBhPNqw73oTd4g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Jost:100,200,300,400,500,600,700,800,900,100i,200i,300i,400i,500i,600i,700i,800i,900i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b7e3af1cb23f3b1cc2c3418f3c31ab3bbadeaa2ba5e72f3cb818e4b44c420f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://payments.kts.pm
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 01:55:09 GMT
x-content-type-options: nosniff
age: 218563
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26304
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:29:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Feb 2024 01:55:09 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 1246 5 KB
680 B 44ms
42ms Stylesheet
text/css 2a00:1450:400d:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito:wght@400;700;800&display=swap

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c93f0a37ee3c61f4d4e0a8ecc78569906b50e1f4f8ec9f9a0422e3545e571ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 24 Feb 2023 14:37:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 14:09:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 24 Feb 2023 14:37:53 GMT

GET
H2 200 all.min.css
storage.ko-fi.com/cdn/fontawesome/subset-6.2/css/ Frame 1246 57 KB
10 KB 80ms
31ms Stylesheet
text/css 2606:4700:10::6816:1d50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/fontawesome/subset-6.2/css/all.min.css?v=556np
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::6816:1d50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f8dc401cbf7656ab8c22eeecb17c6431f44fa5fdda38c45edfcec7416afc134

Request headers

Referer: https://ko-fi.com/
Origin: https://ko-fi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 Feb 2023 14:37:53 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: zuO584AcQxMEhubT1iiOOw==
age: 2098
x-ms-lease-status: unlocked
last-modified: Fri, 03 Feb 2023 04:54:34 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 659390cf-901e-0051-31ca-376c16000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 79e8f116c9a136dc-FRA

GET
H2 200 css
ko-fi.com/Content/ Frame 1246 419 KB
72 KB 32ms
30ms Stylesheet
text/css 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Content/css?v=6JT3GCOxCqgLRfmvCyr54H8WEZyTPhcRJVwlAHciC8s1

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6039132dd92d0e02754d7aa0071e246ff80a5cdad5bccd2e6b8f2507c05ba09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 14:37:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 201
cf-polished: origSize=463354
arr-disable-session-affinity: True
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:02025889-f5bc-454e-88f5-4372da34dffd
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Fri, 24 Feb 2023 14:02:38 GMT
server: cloudflare
vary: User-Agent,Accept-Encoding
content-type: text/css; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: public
cf-ray: 79e8f11678483651-FRA
expires: Sat, 24 Feb 2024 14:02:38 GMT

GET
H2 200 profile.js Show response
ko-fi.com/Scripts/sections/ Frame 1246 466 B
414 B 28ms
26ms Script
application/x-javascript 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Scripts/sections/profile.js?v=174mo

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c225caabe08a9a0613e1257efa5cda80cd82cf2798e5ea0479a20c75f3ca91c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 14:37:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 10
cf-polished: origSize=781
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Tue, 29 Nov 2022 14:37:18 GMT
server: cloudflare
etag: W/"0a3d21404d91:0"
vary: Accept-Encoding
content-type: application/x-javascript
cf-ray: 79e8f11678503651-FRA

GET
H2 200 jpg_b8356dc0-7772-4741-9e63-30e6ef2909b6cover.jpg
storage.ko-fi.com/cdn/useruploads/ Frame 1246 292 B
795 B 205ms
197ms Image
image/webp 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.ko-fi.com/cdn/useruploads/jpg_b8356dc0-7772-4741-9e63-30e6ef2909b6cover.jpg?v=ec9efd12-2a6b-4763-a03b-57fc90e20631
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a418c0c8d1408cd018f2f7cce33b09b6ace01ea4387b301da0617dcd150d8f12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 Feb 2023 14:37:53 GMT
x-ms-meta-userid: b8356dc0-7772-4741-9e63-30e6ef2909b6
cf-cache-status: HIT
content-md5: onjKxQXAcJC2k9gnIJ74Tg==
cf-polished: origFmt=jpeg, origSize=2485
x-ms-meta-pageid: B0B879QY0
content-disposition: inline; filename="jpg_b8356dc0-7772-4741-9e63-30e6ef2909b6cover.webp"
content-length: 292
x-ms-lease-status: unlocked
cf-bgj: imgq:100,h2pri,csam-hash
last-modified: Fri, 24 Feb 2023 13:32:57 GMT
server: cloudflare
etag: 0x8DB166BA43774B6
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-ms-request-id: 85dd8720-f01e-0057-5054-485fa9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-UserId,x-ms-meta-PageId,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 79e8f11719633651-FRA

GET
H2 200 profileV2.css
ko-fi.com/Content/ Frame 1246 50 KB
9 KB 33ms
32ms Stylesheet
text/css 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Content/profileV2.css?v=556np

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1a530561445a04de07004151be3276986493fcbfb678848ad0d24afb9376d56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 14:37:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 10
cf-polished: status=cannot_optimize
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Thu, 05 Jan 2023 08:32:02 GMT
server: cloudflare
etag: W/"02d272fe020d91:0"
vary: Accept-Encoding
content-type: text/css
cf-ray: 79e8f116784b3651-FRA

GET
H2 200 vue.min.js Show response
cdn.jsdelivr.net/npm/vue@2.6.11/dist/ Frame 1246 91 KB
35 KB 63ms
27ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vue@2.6.11/dist/vue.min.js

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e0156dd49c03744e79bbea60eebbbb94b5811c1b71b91f5fb38a8270dedfbaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 14:37:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 194515
x-jsd-version: 2.6.11
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230072-FRA, cache-yyz4576-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"16de6-q9I58ClmstMksFEsIDvbr4Kk7Xo"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lngHN02f0CwLhVcsjpUJeBO3nzzoRSXZwLz1dyg2dTYYL6olAVA2kffq%2BebAEBGMnt%2BKelP2ROj0dAS2oic%2BSbeTuzKS%2FwS9bYa9xHDZIMne%2FImL1%2BP7MP59cp%2BYrP7R5n0uhjYbNTWcugwLAv0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 79e8f116bb172c5d-FRA

GET
H2 200 lodash.min.js Show response
cdn.jsdelivr.net/npm/lodash@4.17.15/ Frame 1246 72 KB
26 KB 61ms
25ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/lodash@4.17.15/lodash.min.js

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55e35a1415438685f71fe809dfb0e94ff9d3b994dd8d8ae8f7206bb878d59a84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 14:37:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 194591
x-jsd-version: 4.17.15
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230096-FRA, cache-jnb7024-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"11e2d-MvCew+wJUPR6NfwNZWVZ1bFk2s0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UTQzBijZVR0Jk7bYIU%2F%2Bj1OC%2BopjJjvk61FHGtW0McVJ6Km%2FYQzQskAy2fNSmj8kUZZNaPus3aAG1ADcRd0dD0Q%2FZEn6L6%2BNDJgI6jDn8rvUO84bTv%2BC48MGRtdjGArzhKJ%2BOu4YCD2o6dZnYQc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 79e8f116bb1b2c5d-FRA

GET
H2 200 lite-yt-embed.css
ko-fi.com/lib/lite-youtube-embed-master/ Frame 1246 2 KB
1 KB 30ms
29ms Stylesheet
text/css 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/lib/lite-youtube-embed-master/lite-yt-embed.css?v=556np

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a7c3ab3bfcc6534917a25a610fa4afd169e6ce7244fd330899fb1607c46db16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 14:37:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 10
cf-polished: origSize=2587
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Mon, 12 Dec 2022 13:28:06 GMT
server: cloudflare
etag: W/"07768912ded91:0"
vary: Accept-Encoding
content-type: text/css
cf-ray: 79e8f116784d3651-FRA

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame 1246 884 B
905 B 53ms
25ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LeIm9UUAAAAAI9HoqMbV3xi0okAxcoNNumTv6QU

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

032c3426e86a5fa74ded270cd1f36b254062b4a894f4f259f6306d719a6f9a62

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 14:37:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 585
x-xss-protection: 1; mode=block
expires: Fri, 24 Feb 2023 14:37:53 GMT

GET
H2 200 loading.svg
storage.ko-fi.com/cdn/ Frame 1246 579 B
687 B 40ms
32ms Image
image/svg+xml 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.ko-fi.com/cdn/loading.svg
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be010c823bcae2a97dc9ce3eac934cc93c3c201e46ec0db51e9c71d90fbf9f82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 Feb 2023 14:37:53 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: cE+f6ga+XSnmqRTc3dp4Pg==
age: 5641
x-ms-lease-status: unlocked
last-modified: Sun, 23 Oct 2022 22:21:51 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 5934a41e-a01e-004a-6ced-205215000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 79e8f11719653651-FRA

GET
H2 200 cuplogo-sm.png
storage.ko-fi.com/cdn/ Frame 1246 2 KB
2 KB 45ms
37ms Image
image/webp 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.ko-fi.com/cdn/cuplogo-sm.png
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aebeb497f80f18385e6f849693005848eca5b89076f52e63d06cc4b179c129d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 Feb 2023 14:37:53 GMT
cf-cache-status: HIT
age: 5065
cf-polished: origFmt=png, origSize=35474
content-disposition: inline; filename="cuplogo-sm.webp"
content-length: 1768
x-ms-lease-status: unlocked
cf-bgj: imgq:100,h2pri,csam-hash
last-modified: Sun, 23 Oct 2022 21:56:49 GMT
server: cloudflare
etag: 0x8DAB5417C9BC9A0
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-ms-request-id: 47c6cf86-301e-0083-3fe2-31eff8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 79e8f11719673651-FRA

GET
H2 200 loading.svg
ko-fi.com/img/ Frame 1246 579 B
447 B 47ms
40ms Image
image/svg+xml 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ko-fi.com/img/loading.svg

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be010c823bcae2a97dc9ce3eac934cc93c3c201e46ec0db51e9c71d90fbf9f82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 14:37:53 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
last-modified: Thu, 03 Nov 2022 13:41:04 GMT
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 201
server: cloudflare
etag: W/"0985eb89efd81:0"
vary: Accept-Encoding
content-type: image/svg+xml
cf-ray: 79e8f11719683651-FRA
x-xss-protection: 1; mode=block

GET
H2 200 7d75b428-7e19-4eb2-893b-f42f7682ff30.png
storage.ko-fi.com/cdn/useruploads/ Frame 1246 17 KB
17 KB 219ms
212ms Image
image/webp 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.ko-fi.com/cdn/useruploads/7d75b428-7e19-4eb2-893b-f42f7682ff30.png
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 230dfe932c96d70d1c26e51598c160aeb2a0b822468c509369a0bf6ff1fe1934

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 Feb 2023 14:37:53 GMT
x-ms-meta-userid: b8356dc0-7772-4741-9e63-30e6ef2909b6
cf-cache-status: HIT
content-md5: vvZkZAZFnmZhSR0SU+Ucqg==
cf-polished: origFmt=png, origSize=72298
x-ms-meta-pageid: none
content-disposition: inline; filename="7d75b428-7e19-4eb2-893b-f42f7682ff30.webp"
content-length: 17498
x-ms-lease-status: unlocked
cf-bgj: imgq:100,h2pri,csam-hash
last-modified: Mon, 24 Oct 2022 04:13:05 GMT
server: cloudflare
etag: 0x8DAB5760D4257D6
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-ms-request-id: 65ede86b-101e-003d-7453-488781000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-UserId,x-ms-meta-PageId,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 79e8f117196b3651-FRA

GET
H2 200 kofi_stroke_cup.svg
storage.ko-fi.com/cdn/ Frame 1246 865 B
651 B 45ms
38ms Image
image/svg+xml 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.ko-fi.com/cdn/kofi_stroke_cup.svg
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb2134d2d0e6ad0bda36ad2228b5ac3f86370d08efbc52eda3b98bde5601bf1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 Feb 2023 14:37:53 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: LKIvaQFeuMb8PTIQiGCnVg==
age: 5630
x-ms-lease-status: unlocked
last-modified: Sun, 23 Oct 2022 22:21:42 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 93b2f013-b01e-000b-27ed-200af1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 79e8f117196c3651-FRA

GET
H2 200 cup-border.png
storage.ko-fi.com/cdn/ Frame 1246 6 KB
6 KB 38ms
31ms Image
image/webp 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.ko-fi.com/cdn/cup-border.png
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 457554ad286ecf6fd5f5e79e6c883602d57638d50f96fb060f6edc19de027834

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 Feb 2023 14:37:53 GMT
cf-cache-status: HIT
content-md5: nt+i2V4lVEX5fauLp9jhTw==
age: 1484
cf-polished: origFmt=png, origSize=11273
content-disposition: inline; filename="cup-border.webp"
content-length: 6016
x-ms-lease-status: unlocked
cf-bgj: imgq:100,h2pri,csam-hash
last-modified: Sun, 23 Oct 2022 21:56:48 GMT
server: cloudflare
etag: 0x8DAB5417C366016
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-ms-request-id: b548e6e4-101e-0012-03e2-318a4a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 79e8f11719713651-FRA

GET
H2 200 vaafb692b2aea4879b33c060e79fe94621666317369993 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame 1246 17 KB
6 KB 58ms
40ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer: https://ko-fi.com/
Origin: https://ko-fi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 14:37:53 GMT
content-encoding: gzip
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
server: cloudflare
etag: W/2022.10.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 79e8f1172f9c2bee-FRA

GET
H2 200 jquery-2.0.0.min.js Show response
storage.ko-fi.com/cdn/scripts/ Frame 1246 81 KB
29 KB 29ms
28ms Script
application/javascript 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/scripts/jquery-2.0.0.min.js
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d482871a5e948cb4884fa0972ea98a81abca057b6bd3f8c995a18c12487e761c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 Feb 2023 14:37:53 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: LtyULAvSR2volnqfeI2eJg==
age: 6827
x-ms-lease-status: unlocked
last-modified: Sun, 23 Oct 2022 22:21:42 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 7dbd50e7-201e-0044-5ded-207ba5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 79e8f116f90e3651-FRA

GET
H2 200 jquery.unobtrusive-ajax.min.js Show response
storage.ko-fi.com/cdn/scripts/ Frame 1246 4 KB
2 KB 26ms
26ms Script
application/javascript 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/scripts/jquery.unobtrusive-ajax.min.js
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 314c24539472b73912ca8fa85d18eba96851bcb57eef99ae5bc3158a4d2eec7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 Feb 2023 14:37:53 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: beuh7IuiH/NF+6Wy7GBbTg==
age: 5813
x-ms-lease-status: unlocked
last-modified: Sun, 23 Oct 2022 22:21:42 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 187e4276-701e-0059-67ed-207619000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 79e8f116f9173651-FRA

GET
H2 200 jquery-sortable-min.js Show response
storage.ko-fi.com/cdn/scripts/ Frame 1246 11 KB
3 KB 38ms
29ms Script
application/javascript 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/scripts/jquery-sortable-min.js
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41b8027883c1b4614b83ade0d791e80da436d8eed1b3d9cdab85c32f7c58b3ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 Feb 2023 14:37:53 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: zLsNVQZjevliZPpyAemGfQ==
age: 5813
x-ms-lease-status: unlocked
last-modified: Sun, 23 Oct 2022 22:20:48 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 39afe53f-a01e-0038-3aed-20555a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 79e8f11709303651-FRA

GET
H2 200 jquery.validate.min.js Show response
storage.ko-fi.com/cdn/scripts/jquery-validate/1.15.1/ Frame 1246 22 KB
7 KB 40ms
29ms Script
application/javascript 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/scripts/jquery-validate/1.15.1/jquery.validate.min.js
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b94552fdddf133797c626b9c0248f50de46de94e18f97bf778f520555115995c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 Feb 2023 14:37:53 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: RBKaOLU74PoHrzeHRg6LdQ==
age: 1621
x-ms-lease-status: unlocked
last-modified: Sun, 23 Oct 2022 22:21:51 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 9ad6cef8-a01e-005a-1bed-20977d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 79e8f11719403651-FRA

GET
H2 200 jquery.validate.unobtrusive.min.js Show response
storage.ko-fi.com/cdn/scripts/jquery-validation-unobtrusive/3.2.6/ Frame 1246 5 KB
2 KB 53ms
42ms Script
application/javascript 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/scripts/jquery-validation-unobtrusive/3.2.6/jquery.validate.unobtrusive.min.js
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83540a1b1aaca7ec79264b8dfc98c797dea37b6c33b604b95a8e21e1cee09bd3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 Feb 2023 14:37:53 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: ZaQbKNkH4sv5/b3yz0M3vw==
age: 5813
x-ms-lease-status: unlocked
last-modified: Sun, 23 Oct 2022 22:21:51 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 9c64a53c-101e-0002-65ed-204f22000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 79e8f11719423651-FRA

GET
H2 200 shared.js Show response
ko-fi.com/Scripts/ Frame 1246 7 KB
3 KB 36ms
26ms Script
application/x-javascript 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Scripts/shared.js?v=174mo

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5ceef78063356cd19579a96558530ccde19fda481a7d2876d69d86ecb97dc60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 14:37:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 75
cf-polished: origSize=10869
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Mon, 21 Nov 2022 10:00:04 GMT
server: cloudflare
etag: W/"0aae1690fdd81:0"
vary: Accept-Encoding
content-type: application/x-javascript
cf-ray: 79e8f11719443651-FRA

GET
H2 200 CustomGoogleTagManagerEvents.js Show response
ko-fi.com/Scripts/ Frame 1246 2 KB
750 B 54ms
44ms Script
application/x-javascript 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Scripts/CustomGoogleTagManagerEvents.js?v=8

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d52222f35e6fa207eab568926809ae3ee40daeb060de500c84eb5e44b0238c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 14:37:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 201
cf-polished: origSize=3203
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Thu, 03 Nov 2022 13:41:04 GMT
server: cloudflare
etag: W/"0985eb89efd81:0"
vary: Accept-Encoding
content-type: application/x-javascript
cf-ray: 79e8f11719453651-FRA

GET
H2 200 bootstrap.min.js Show response
storage.ko-fi.com/cdn/scripts/ Frame 1246 28 KB
8 KB 40ms
30ms Script
text/javascript 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/scripts/bootstrap.min.js?sv=2019-02-02
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77784729456d5b714cbf56ab897545efe66fc38f7cdc45ef04d9143c477913df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 24 Feb 2023 14:37:53 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 23 Oct 2022 22:21:42 GMT
server: cloudflare
age: 4598
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-ms-request-id: 20f40c98-501e-0013-59ed-20d596000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 79e8f11719463651-FRA

GET
H2 200 respond.min.js Show response
storage.ko-fi.com/cdn/scripts/ Frame 1246 5 KB
3 KB 35ms
24ms Script
text/javascript 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/scripts/respond.min.js?sv=2019-02-02
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0fefc9b3527b5a7d233834041ff09c1572cd80f9b24894e65a64e332fead136

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 24 Feb 2023 14:37:53 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 23 Oct 2022 22:21:51 GMT
server: cloudflare
age: 6827
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-ms-request-id: 6637bbc3-301e-0005-14ed-202341000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 79e8f11719483651-FRA

GET
H2 200 backbutton-close-modal.js Show response
ko-fi.com/Scripts/ Frame 1246 1 KB
499 B 44ms
34ms Script
application/x-javascript 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Scripts/backbutton-close-modal.js?v=8

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e8cc4ba5549dcc0cad28f35fba9241a0dd184633dd561d0957b605de99fdac8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 14:37:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 201
cf-polished: origSize=1603
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Thu, 03 Nov 2022 13:41:04 GMT
server: cloudflare
etag: W/"0985eb89efd81:0"
vary: Accept-Encoding
content-type: application/x-javascript
cf-ray: 79e8f11719493651-FRA

GET
H2 200 toastr.min.js Show response
cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/js/ Frame 1246 5 KB
3 KB 56ms
33ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/js/toastr.min.js

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddb96c25de07962ffbc0243e6e68177ce74aee9fd950cb4f5d8d3c8e6c524a09

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ko-fi.com/
Origin: https://ko-fi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 14:37:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1814966
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1885
last-modified: Mon, 04 May 2020 16:17:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ffe-15a1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6OyN%2F6GXs8B%2BB3USjQYuf%2BPhdUmgH78tRdDzpR%2F5zo2F9L5jfsWETWU6CjGXjJE8rLRW%2BbuFI%2FRNFDuucslgudoBcY4stUkOLgcdSSYWMA6eTjcacvkQk4H%2F7rTEHN%2BaX1%2FAJLbsC0dSseh%2F4L3nH1py"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79e8f11728989b2e-FRA
expires: Wed, 14 Feb 2024 14:37:53 GMT

GET
H2 200 modal-steps.min.js Show response
storage.ko-fi.com/cdn/scripts/ Frame 1246 3 KB
1 KB 51ms
41ms Script
text/plain 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/scripts/modal-steps.min.js?v=1
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fae7019e31e6127ad883d031a36290b83b3ac7d03a6ee109b391d9b0fb9270a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 Feb 2023 14:37:53 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: VNyHtclKfE3whzFX2YPzhA==
age: 6077
x-ms-lease-status: unlocked
last-modified: Sun, 23 Oct 2022 22:20:48 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 14b10239-901e-0051-40ed-206c16000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 79e8f117194a3651-FRA

GET
H2 200 commentsScripts.js Show response
ko-fi.com/Scripts/ Frame 1246 12 KB
3 KB 199ms
189ms Script
application/x-javascript 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Scripts/commentsScripts.js?v=174mo

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dee3f12023dcf49e0ce012af54bbf8e5d1b77e774ac192c3393d8ddb898ac332

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 14:37:53 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
last-modified: Thu, 03 Nov 2022 13:41:04 GMT
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
server: cloudflare
etag: "0985eb89efd81:0"
vary: Accept-Encoding
content-type: application/x-javascript
accept-ranges: bytes
cf-ray: 79e8f117194c3651-FRA
content-length: 2802
x-xss-protection: 1; mode=block

GET
H2 200 lite-yt-embed.js Show response
ko-fi.com/lib/lite-youtube-embed-master/ Frame 1246 3 KB
1 KB 40ms
31ms Script
application/x-javascript 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/lib/lite-youtube-embed-master/lite-yt-embed.js?v=174mo

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d9dd57f3ccdd051da3196d7ae95340d045375a9c779e96463aec96c237b575a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 14:37:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 201
cf-polished: origSize=7422
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Mon, 12 Dec 2022 13:28:06 GMT
server: cloudflare
etag: W/"07768912ded91:0"
vary: Accept-Encoding
content-type: application/x-javascript
cf-ray: 79e8f117195a3651-FRA

GET
H2 200 gallery-item-view.js Show response
ko-fi.com/Scripts/modules/ Frame 1246 5 KB
2 KB 33ms
23ms Script
application/x-javascript 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Scripts/modules/gallery-item-view.js?v=174mo

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d572ff1ca550d8e3187a5c32e49b7e8139ad08a8ff756c9538c1575fcca21c76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 14:37:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 250
cf-polished: origSize=10107
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Tue, 17 Jan 2023 15:55:00 GMT
server: cloudflare
etag: W/"022d5d8c2ad91:0"
vary: Accept-Encoding
content-type: application/x-javascript
cf-ray: 79e8f117195b3651-FRA

GET
H2 200 gallery-item-upload-modal.js Show response
ko-fi.com/Scripts/modules/ Frame 1246 5 KB
2 KB 49ms
39ms Script
application/x-javascript 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Scripts/modules/gallery-item-upload-modal.js?v=174mo

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d873b920906be14104ff25dfa3f82c634d186291dd24c50d773868df10d0e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 14:37:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 75
cf-polished: origSize=9240
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Wed, 23 Nov 2022 13:25:58 GMT
server: cloudflare
etag: W/"0f7431f3fffd81:0"
vary: Accept-Encoding
content-type: application/x-javascript
cf-ray: 79e8f117195c3651-FRA

GET
H2 200 loadmore.min.js Show response
ko-fi.com/Scripts/plugins/loadmorejs/ Frame 1246 4 KB
2 KB 42ms
33ms Script
application/x-javascript 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Scripts/plugins/loadmorejs/loadmore.min.js?v=174mo

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ec1f31f623d90cabadbf5b17f01cd5e84025b8e3125e73649c6058bbf41cccd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 14:37:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 75
content-length: 1596
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 03 Nov 2022 13:41:04 GMT
server: cloudflare
etag: "0985eb89efd81:0"
vary: Accept-Encoding
content-type: application/x-javascript
accept-ranges: bytes
cf-ray: 79e8f117195d3651-FRA

GET
H2 200 loadmore-initialise.js Show response
ko-fi.com/Scripts/loadmore/shared-layout/ Frame 1246 1 KB
577 B 45ms
36ms Script
application/x-javascript 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Scripts/loadmore/shared-layout/loadmore-initialise.js?v=174mo

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9622e211d37ae0b5461bb7be2be5a6c5a4cc08dbc1393a5ce3c3af89492ad457

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 14:37:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 250
cf-polished: origSize=2329
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Tue, 17 Jan 2023 15:55:00 GMT
server: cloudflare
etag: W/"022d5d8c2ad91:0"
vary: Accept-Encoding
content-type: application/x-javascript
cf-ray: 79e8f117195e3651-FRA

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame 1246 324 KB
96 KB 543ms
482ms Script
application/javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AUIEyoriOCmlEGQq88qYLvzbyuzxmHBN2LoVh3mFxlbKVToHby0pSWGb4j6_uf7RqARdtIjtBgs6QCzV&currency=EUR&intent=capture&commit=true&enable-funding=venmo&disable-funding=credit&merchant-id=9TGR864R5MNFU&vault=true

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3534a94a26fd90fe12564f6cde78f6f16b34d6a92fea60653ac44a9ea77481f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-qu/EFbvVgHsjuVofefjKra9rngTU3rgsoSHHSKKuJsufQYD8' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-qu/EFbvVgHsjuVofefjKra9rngTU3rgsoSHHSKKuJsufQYD8' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-qu/EFbvVgHsjuVofefjKra9rngTU3rgsoSHHSKKuJsufQYD8' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-qu/EFbvVgHsjuVofefjKra9rngTU3rgsoSHHSKKuJsufQYD8' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 24 Feb 2023 14:37:53 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 0
x-cache: MISS
p3p: true
paypal-debug-id: f87743871799e
server-timing: "traceparent;desc="00-0000000000000000000f87743871799e-b4b6849d979ce1c3-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 97020
x-xss-protection: 1; mode=block
x-served-by: cache-hhn-etou8220034-HHN
traceparent: 00-0000000000000000000f87743871799e-5b68b333bc36a366-01
x-timer: S1677249473.190164,VS0,VE471
etag: W/"17afc-nMbXE7jE5EVHYibn6dSNRQVUr0w"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 HorizontalScrollScripts.js Show response
ko-fi.com/Content/ Frame 1246 2 KB
786 B 52ms
43ms Script
application/x-javascript 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Content/HorizontalScrollScripts.js?v=556np

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c258b4c6e47586ade529a866721f9eb52b8fa2be49cdcd09419b7eb68cc41cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 14:37:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 201
cf-polished: origSize=3364
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Thu, 03 Nov 2022 13:41:04 GMT
server: cloudflare
etag: W/"0985eb89efd81:0"
vary: Accept-Encoding
content-type: application/x-javascript
cf-ray: 79e8f11719603651-FRA

GET
H2 200 sweetalert.min.js Show response
storage.ko-fi.com/cdn/scripts/ Frame 1246 66 KB
13 KB 57ms
48ms Script
text/javascript 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/scripts/sweetalert.min.js?sv=2020-02-02
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6e9ba03a8a5758af4c04710d3d08e5ceec146eb2c0ac227ba209c8cb487c9a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 24 Feb 2023 14:37:53 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 23 Oct 2022 22:20:49 GMT
server: cloudflare
age: 4598
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-ms-request-id: 7178a200-b01e-0034-3aed-20c252000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 79e8f11719613651-FRA

GET
H2 200 spin.min.js Show response
storage.ko-fi.com/cdn/scripts/ Frame 1246 4 KB
2 KB 43ms
35ms Script
text/plain 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/scripts/spin.min.js?v=1
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca64e3f676b38f06ed0eba111776f2bc8ad352b672c0819ec5b9072c342bd35d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 Feb 2023 14:37:53 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: kgDDN4K7RqLja+sTk6Z5fQ==
age: 1271
x-ms-lease-status: unlocked
last-modified: Sun, 23 Oct 2022 22:21:51 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: e969aa0f-f01e-0057-48ed-205fa9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 79e8f11719623651-FRA

GET
DATA 200
OK truncated
/ 430 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89d2e87bd79191af306f424d635ebf6bab09aa45216324b8c06e1a5dd6ea7bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 1246 164 KB
61 KB 113ms
44ms Script
application/javascript 2a00:1450:400d:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TDF6KQX

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d2ce781336a297e48e537482be2a101389cd84906827b789171bdf049f0149c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 14:37:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61984
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 24 Feb 2023 14:37:53 GMT

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ Frame 1246 94 KB
22 KB 85ms
13ms Script
application/x-javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/488D) /
Resource Hash: 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 Feb 2023 14:37:53 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-01 19:31:04
content-md5: HdY95yzx9wIyQkVEGES+Ew==
age: 674
x-cache: HIT
content-length: 22495
x-ms-lease-status: unlocked
last-modified: Thu, 11 Mar 2021 07:46:59 GMT
server: ECAcc (ama/488D)
etag: 0x8D8E461DA1A5889
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 27e047e6-c01e-0086-365c-4835d2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
expires: Fri, 24 Feb 2023 15:07:53 GMT

GET
H2 200 XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v25/ Frame 1246 35 KB
35 KB 22ms
20ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito:wght@400;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ko-fi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 10:08:47 GMT
x-content-type-options: nosniff
age: 16146
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35904
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:34:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Feb 2024 10:08:47 GMT

GET
H2 200 fa-regular-400.woff2
storage.ko-fi.com/cdn/fontawesome/subset-6.2/webfonts/ Frame 1246 30 KB
30 KB 27ms
25ms Font
font/woff2 2606:4700:10::6816:1d50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/fontawesome/subset-6.2/webfonts/fa-regular-400.woff2
Requested by: Host: storage.ko-fi.com
URL: https://storage.ko-fi.com/cdn/fontawesome/subset-6.2/css/all.min.css?v=556np
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::6816:1d50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca49e3d7bb02bb3e3c9df38c6458fe7608f1f1c1be040a3dd66d35175003c201

Request headers

Referer: https://storage.ko-fi.com/cdn/fontawesome/subset-6.2/css/all.min.css?v=556np
Origin: https://ko-fi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 Feb 2023 14:37:53 GMT
cf-cache-status: HIT
content-md5: g5axegU4xkSavtcNslcsvQ==
age: 1657
content-length: 30476
x-ms-lease-status: unlocked
last-modified: Fri, 03 Feb 2023 04:54:24 GMT
server: cloudflare
etag: 0x8DB05A2B8D683F4
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
x-ms-request-id: f7c5aa4d-f01e-0078-6c95-375262000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 79e8f1171a2e36dc-FRA

GET
H2 200 fa-brands-400.woff2
storage.ko-fi.com/cdn/fontawesome/subset-6.2/webfonts/ Frame 1246 7 KB
7 KB 29ms
28ms Font
font/woff2 2606:4700:10::6816:1d50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/fontawesome/subset-6.2/webfonts/fa-brands-400.woff2
Requested by: Host: storage.ko-fi.com
URL: https://storage.ko-fi.com/cdn/fontawesome/subset-6.2/css/all.min.css?v=556np
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::6816:1d50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a26a2c96ae1f443759cef9b2b49ae8417ee40225c1a2edb82a78e10b1dc6e372

Request headers

Referer: https://storage.ko-fi.com/cdn/fontawesome/subset-6.2/css/all.min.css?v=556np
Origin: https://ko-fi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 24 Feb 2023 14:37:53 GMT
cf-cache-status: HIT
content-md5: A6SXyosHlBQeT3+ktrmEvg==
age: 6330
content-length: 7256
x-ms-lease-status: unlocked
last-modified: Fri, 03 Feb 2023 04:54:33 GMT
server: cloudflare
etag: 0x8DB05A2BE614C69
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
x-ms-request-id: dce54344-f01e-0057-659b-375fa9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 79e8f1174a8336dc-FRA

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame 1246 408 KB
163 KB 58ms
8ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LeIm9UUAAAAAI9HoqMbV3xi0okAxcoNNumTv6QU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a064c8f9ca44c02248a7e18e762f6ca616477ebc3b9e13a896fa4d6f74ef202

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ko-fi.com/
Origin: https://ko-fi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 09:58:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16771
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166391
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 05:03:28 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Feb 2024 09:58:22 GMT

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ Frame 1246 121 KB
46 KB 40ms
16ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=GTM-WDJWZZQ

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDF6KQX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

19923859e104399e2d71bb3b6247ef7b4bfa47fc43c8be6696b2b8a2e7808997

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 14:37:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 47007
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 24 Feb 2023 14:37:53 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 1246 49 KB
20 KB 30ms
8ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDF6KQX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 24 Feb 2023 12:54:44 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 6189
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 24 Feb 2023 14:54:44 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 1246 232 KB
79 KB 44ms
44ms Script
application/javascript 2a00:1450:400d:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-M13FZ7VQ2C&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDF6KQX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1f874171c4d2bc2ccd86dd0196966e44aba54863fed71a8a2050fdd00d3eaa7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 14:37:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80774
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 24 Feb 2023 14:37:53 GMT

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ Frame 1246 12 KB
5 KB 323ms
322ms Script
application/x-javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=ko-fi.com&t=xo&v=5.0.356&source=payments_sdk&mrid=9TGR864R5MNFU&client_id=AUIEyoriOCmlEGQq88qYLvzbyuzxmHBN2LoVh3mFxlbKVToHby0pSWGb4j6_uf7RqARdtIjtBgs6QCzV&vault=true

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AUIEyoriOCmlEGQq88qYLvzbyuzxmHBN2LoVh3mFxlbKVToHby0pSWGb4j6_uf7RqARdtIjtBgs6QCzV&currency=EUR&intent=capture&commit=true&enable-funding=venmo&disable-funding=credit&merchant-id=9TGR864R5MNFU&vault=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-uatyGzb5JdAh8yIjuPRPxsGWFNtdgqqdAcD2OinERly4P6C5' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-uatyGzb5JdAh8yIjuPRPxsGWFNtdgqqdAcD2OinERly4P6C5' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 24 Feb 2023 14:37:54 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 0
x-cache: MISS
paypal-debug-id: f606023d5f1fd
server-timing: "traceparent;desc="00-0000000000000000000f606023d5f1fd-6a768a46c4d8c0bf-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 4299
x-xss-protection: 1; mode=block
x-served-by: cache-hhn-etou8220034-HHN
traceparent: 00-0000000000000000000f606023d5f1fd-7cd89643ef8b5975-01
x-timer: S1677249474.703839,VS0,VE314
etag: W/"2f34-zQQ0FVqIlbkbuS4WgpPW/nUPXC4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 toasts Show response
ko-fi.com/api/session/ Frame 1246 29 B
492 B 201ms
200ms XHR
application/json 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/api/session/toasts?_=1677249473157

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4eed0beb75c73a24384275418323653a2de7920da9e8f390528302b5d7f51e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true
X-Requested-With: XMLHttpRequest
Request-Id: |cVO+p.pBT0Q
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 14:37:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-permitted-cross-domain-policies: none
arr-disable-session-affinity: True
content-length: 143
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:02025889-f5bc-454e-88f5-4372da34dffd
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 24 Feb 2023 14:37:53 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: private
accept-ranges: bytes
cf-ray: 79e8f11b0f8d3651-FRA

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame FA85 46 KB
25 KB 25ms
25ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeIm9UUAAAAAI9HoqMbV3xi0okAxcoNNumTv6QU&co=aHR0cHM6Ly9rby1maS5jb206NDQz&hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&cb=quenkzluu4l9

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

aa2a535e13ba4b59e69f5aeecd88e0952f5850010866d3ea8bdcaeb129811956

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OKU_ZkmHJ2HFx3co-REQCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ko-fi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 25480
content-security-policy: script-src 'report-sample' 'nonce-OKU_ZkmHJ2HFx3co-REQCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 14:37:53 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame FA85 55 KB
24 KB 24ms
8ms Stylesheet
text/css 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeIm9UUAAAAAI9HoqMbV3xi0okAxcoNNumTv6QU&co=aHR0cHM6Ly9rby1maS5jb206NDQz&hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&cb=quenkzluu4l9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 17:15:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 249747
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 05:03:28 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Feb 2024 17:15:26 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame FA85 408 KB
163 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a064c8f9ca44c02248a7e18e762f6ca616477ebc3b9e13a896fa4d6f74ef202

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 09:58:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16771
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166391
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 05:03:28 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Feb 2024 09:58:22 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame FA85 2 KB
2 KB 7ms
7ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 15:21:16 GMT
x-content-type-options: nosniff
age: 602197
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 24 Feb 2023 15:21:16 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FA85 15 KB
15 KB 21ms
20ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 20:22:37 GMT
x-content-type-options: nosniff
age: 65716
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Feb 2024 20:22:37 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FA85 15 KB
15 KB 24ms
23ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 08:57:56 GMT
x-content-type-options: nosniff
age: 106797
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Feb 2024 08:57:56 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame FA85 102 B
134 B 16ms
15ms Other
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

347994f2b271030fae86aa3b0de7cbc7ffcdb19b612c61cad0bea5847b1c12fe

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeIm9UUAAAAAI9HoqMbV3xi0okAxcoNNumTv6QU&co=aHR0cHM6Ly9rby1maS5jb206NDQz&hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&cb=quenkzluu4l9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 14:37:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Fri, 24 Feb 2023 14:37:53 GMT

GET
H2 200 ts
t.paypal.com/ Frame 1246 42 B
817 B 262ms
184ms Image
image/gif 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Support%20KillTeamSeller%20on%20Ko-fi!%20%E2%9D%A4%EF%B8%8F.%20ko-fi.com%2Fkillteamseller%20-%20Ko-fi%20%E2%9D%A4%EF%B8%8F%20Where%20creators%20get%20support%20from%20fans%20through%20donations%2C%20memberships%2C%20shop%20sales%20and%20more!%20The%20original%20%27Buy%20Me%20a%20Coffee%27%20Page.&dh=1200&dw=1600&bh=704&bw=530&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1677249474037&g=0&completeurl=https%3A%2F%2Fko-fi.com%2Fkillteamseller%2F%3Fhidefeed%3Dtrue%26widget%3Dtrue%26embed%3Dtrue%26preview%3Dtrue&ru=https%3A%2F%2Fko-fi.com%2Fkillteamseller&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 0
date: Fri, 24 Feb 2023 14:37:54 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 7dbcddfb70d3c
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
content-length: 42
x-served-by: cache-hhn-etou8220078-HHN
pragma: no-cache
traceparent: 00-00000000000000000007dbcddfb70d3c-5429362aac658aa4-01
x-timer: S1677249474.121140,VS0,VE172
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Feb 2023 14:37:54 GMT

GET
H2 200 PageLoaded Show response
ko-fi.com/buttons/ Frame 1246 34 B
256 B 203ms
203ms XHR
application/json 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/buttons/PageLoaded?pageId=B0B879QY0

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4199476604d204f5695f658fe3f1c1fca5e608f1f91eebc48a17016a2f379920

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true
X-Requested-With: XMLHttpRequest
Request-Id: |cVO+p.KmYld
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 14:37:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-permitted-cross-domain-policies: none
arr-disable-session-affinity: True
content-length: 152
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:02025889-f5bc-454e-88f5-4372da34dffd
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 24 Feb 2023 14:13:50 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: private
accept-ranges: bytes
cf-ray: 79e8f11e6d1c3651-FRA

POST
H2 204 rum Show response
ko-fi.com/cdn-cgi/ Frame 1246 0
167 B 14ms
13ms XHR
text/plain 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/cdn-cgi/rum?

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true
Request-Id: |cVO+p.awSnv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
content-type: application/json

Response headers

date: Fri, 24 Feb 2023 14:37:54 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://ko-fi.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 79e8f11e6d283651-FRA

POST
H2 204 rum Show response
cloudflareinsights.com/cdn-cgi/ 0
37 B 16ms
16ms XHR
text/plain 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflareinsights.com/cdn-cgi/rum

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://payments.kts.pm/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
content-type: application/json

Response headers

date: Fri, 24 Feb 2023 14:37:54 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://payments.kts.pm
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 79e8f11edbeb2bee-FRA

OPTIONS
H2 200 rum
cloudflareinsights.com/cdn-cgi/ Frame 0
0 34ms
8ms Preflight
text/plain 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflareinsights.com/cdn-cgi/rum

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://payments.kts.pm
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://payments.kts.pm
access-control-max-age: 86400
cf-ray: 79e8f11ecbcf2bee-FRA
content-encoding: gzip
content-type: text/plain
date: Fri, 24 Feb 2023 14:37:54 GMT
server: cloudflare
vary: Origin
x-content-type-options: nosniff
x-frame-options: DENY

POST
H2 206 track Show response
dc.services.visualstudio.com/v2/ Frame 1246 351 B
537 B 70ms
70ms XHR
application/json 13.69.106.212
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.212 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

808a7499bd18b0436a565a43f7e3248dfdcb4495e974a3432c1592103f621266

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ko-fi.com/
accept-language: de-DE,de;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: 003A0FA0-7983-48C6-BB25-840CDA81FD9A
strict-transport-security: max-age=31536000
date: Fri, 24 Feb 2023 14:37:53 GMT
x-content-type-options: nosniff
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length: 351

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 170ms
19ms Preflight 13.69.106.212
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.212 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://ko-fi.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Fri, 24 Feb 2023 14:37:53 GMT
x-content-type-options: nosniff

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ Frame 1246 1005 B
1 KB 202ms
201ms XHR
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9f2f1520f77850c42a0cad29720041b21aee58e1edcf504bc1d33bbe07f3e472

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://ko-fi.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
content-type: application/json

Response headers

date: Fri, 24 Feb 2023 14:37:54 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS
paypal-debug-id: f639461b2024e
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn-etou8220029-HHN
accept-ch: Sec-CH-UA-Full
traceparent: 00-0000000000000000000f639461b2024e-fbf8d5960c4fbdb9-01
x-timer: S1677249475.604393,VS0,VE192
etag: W/W/"3ed-xYV4W1WA8QUbRsD5v9oeh+v9N6Q"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ko-fi.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges: none
x-cache-hits: 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 247ms
232ms Preflight 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ko-fi.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Full
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://ko-fi.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Fri, 24 Feb 2023 14:37:54 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f606023260e3d
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f606023260e3d-5bca90b41c54fd3c-01
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-hhn-etou8220029-HHN
x-timer: S1677249474.371234,VS0,VE225

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ko-fi.com/	1970-01-20 18:39:45	Name: ai_user Value: gW3xn\|2023-02-24T14:37:53.251Z
.ko-fi.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 5b4cb4676eb8f445cad5285b5ed6897cef17ac6e723835096d8b46cda193c1b3
ko-fi.com/	1970-01-20 09:54:11	Name: ai_session Value: jXEtn\|1677249473999.3\|1677249473999.3
.paypal.com/	1970-01-20 19:30:09	Name: ts Value: vreXpYrS%3D1771943874%26vteXpYrS%3D1677251274%26vr%3D83dbeea31860aa596a819f86ffffffff%26vt%3D83dbeea31860aa596a819f86fffffffe
.paypal.com/	1970-01-20 19:30:09	Name: ts_c Value: vr%3D83dbeea31860aa596a819f86ffffffff%26vt%3D83dbeea31860aa596a819f86fffffffe

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://ko-fi.com/killteamseller/?hidefeed=true&widget=true&embed=true&preview=true Message: The resource https://ko-fi.com/Scripts/sections/profile.js?v=174mo was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

az416426.vo.msecnd.net
cdn.jsdelivr.net
cdnjs.cloudflare.com
cloudflareinsights.com
dc.services.visualstudio.com
fonts.googleapis.com
fonts.gstatic.com
ko-fi.com
payments.kts.pm
publicapi.killteamseller.it
static.cloudflareinsights.com
storage.ko-fi.com
t.paypal.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.paypal.com
13.69.106.212
151.101.129.21
151.101.129.35
2606:2800:133:206e:1315:22a5:2006:24fd
2606:4700:10::6816:1d50
2606:4700:10::ac43:1a15
2606:4700:3030::6815:3250
2606:4700:3036::6815:284f
2606:4700::6810:3865
2606:4700::6810:5514
2606:4700::6811:180e
2a00:1450:4001:80f::2004
2a00:1450:4001:827::200e
2a00:1450:4001:82f::2003
2a00:1450:400d:802::200a
2a00:1450:400d:803::2008
2a00:1450:400d:806::2003
01a70a91af22eccc32e847443edb02b204b2d0ce9e597475fdc379af7af58e46
032c3426e86a5fa74ded270cd1f36b254062b4a894f4f259f6306d719a6f9a62
0a0416e386e436583f5f49242104677e6b16b1aa693d86f32d76845e26081f96
0b7e3af1cb23f3b1cc2c3418f3c31ab3bbadeaa2ba5e72f3cb818e4b44c420f4
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
0fae7019e31e6127ad883d031a36290b83b3ac7d03a6ee109b391d9b0fb9270a
19923859e104399e2d71bb3b6247ef7b4bfa47fc43c8be6696b2b8a2e7808997
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1d52222f35e6fa207eab568926809ae3ee40daeb060de500c84eb5e44b0238c2
1d873b920906be14104ff25dfa3f82c634d186291dd24c50d773868df10d0e10
1d9dd57f3ccdd051da3196d7ae95340d045375a9c779e96463aec96c237b575a
1f874171c4d2bc2ccd86dd0196966e44aba54863fed71a8a2050fdd00d3eaa7c
230dfe932c96d70d1c26e51598c160aeb2a0b822468c509369a0bf6ff1fe1934
25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655
26a4b13ec84938d4b4d4669bd112ed375360fd481a7300362f696746bcf42098
314c24539472b73912ca8fa85d18eba96851bcb57eef99ae5bc3158a4d2eec7c
326e3e44baaa7e66ecc9b4028832096c41b3a1796cc2b377020b2b85852d3287
347994f2b271030fae86aa3b0de7cbc7ffcdb19b612c61cad0bea5847b1c12fe
3534a94a26fd90fe12564f6cde78f6f16b34d6a92fea60653ac44a9ea77481f8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4199476604d204f5695f658fe3f1c1fca5e608f1f91eebc48a17016a2f379920
41b8027883c1b4614b83ade0d791e80da436d8eed1b3d9cdab85c32f7c58b3ae
457554ad286ecf6fd5f5e79e6c883602d57638d50f96fb060f6edc19de027834
4c225caabe08a9a0613e1257efa5cda80cd82cf2798e5ea0479a20c75f3ca91c
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
55e35a1415438685f71fe809dfb0e94ff9d3b994dd8d8ae8f7206bb878d59a84
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a064c8f9ca44c02248a7e18e762f6ca616477ebc3b9e13a896fa4d6f74ef202
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5e8cc4ba5549dcc0cad28f35fba9241a0dd184633dd561d0957b605de99fdac8
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6ec1f31f623d90cabadbf5b17f01cd5e84025b8e3125e73649c6058bbf41cccd
745e14c538ef9dec8f64f172807ff960dbc9625a8dc325205cd517cff3743b50
77784729456d5b714cbf56ab897545efe66fc38f7cdc45ef04d9143c477913df
7cb90d339a5e25d8ebb5a33c98f70f9f18db16b7cff8b1dd80c0ee049eeee45f
808a7499bd18b0436a565a43f7e3248dfdcb4495e974a3432c1592103f621266
83540a1b1aaca7ec79264b8dfc98c797dea37b6c33b604b95a8e21e1cee09bd3
89d2e87bd79191af306f424d635ebf6bab09aa45216324b8c06e1a5dd6ea7bb3
8a7c3ab3bfcc6534917a25a610fa4afd169e6ce7244fd330899fb1607c46db16
8c258b4c6e47586ade529a866721f9eb52b8fa2be49cdcd09419b7eb68cc41cf
8f8dc401cbf7656ab8c22eeecb17c6431f44fa5fdda38c45edfcec7416afc134
94247c8166557e966bc27a29182bc2fee46d927bb0240124836effa11ab059cd
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
9622e211d37ae0b5461bb7be2be5a6c5a4cc08dbc1393a5ce3c3af89492ad457
9e0156dd49c03744e79bbea60eebbbb94b5811c1b71b91f5fb38a8270dedfbaf
9f2f1520f77850c42a0cad29720041b21aee58e1edcf504bc1d33bbe07f3e472
a26a2c96ae1f443759cef9b2b49ae8417ee40225c1a2edb82a78e10b1dc6e372
a418c0c8d1408cd018f2f7cce33b09b6ace01ea4387b301da0617dcd150d8f12
a4fdb686bb2241b8a29e194b0ec6db16f997bde526ae5b37b8ab3c48aaa7a747
a547652943e11dd21e7a0c39fae37b84c6dd27de5efff7ea4f45cde43c938f89
a99b9035ae927bb4e03c51fcb15052c6d0da72dfdd26ae0e6e275ebd7394bcf7
aa2a535e13ba4b59e69f5aeecd88e0952f5850010866d3ea8bdcaeb129811956
ad25c6bd6ba03f03f3a9035435a779bc0c1ccd4e2069b40aca84a1003d531ca8
aebeb497f80f18385e6f849693005848eca5b89076f52e63d06cc4b179c129d9
b0ccd89551b3cb44b0a7dc2b8439957a38f3c6fd898c02f178f00312df122794
b4eed0beb75c73a24384275418323653a2de7920da9e8f390528302b5d7f51e0
b6e9ba03a8a5758af4c04710d3d08e5ceec146eb2c0ac227ba209c8cb487c9a2
b94552fdddf133797c626b9c0248f50de46de94e18f97bf778f520555115995c
be010c823bcae2a97dc9ce3eac934cc93c3c201e46ec0db51e9c71d90fbf9f82
c1a530561445a04de07004151be3276986493fcbfb678848ad0d24afb9376d56
c7390975fc3e41ad5ec9d1870edc3103f7c498dd82dce4bbaf22a9e7bba96b77
c93f0a37ee3c61f4d4e0a8ecc78569906b50e1f4f8ec9f9a0422e3545e571ddc
ca49e3d7bb02bb3e3c9df38c6458fe7608f1f1c1be040a3dd66d35175003c201
ca64e3f676b38f06ed0eba111776f2bc8ad352b672c0819ec5b9072c342bd35d
cb2134d2d0e6ad0bda36ad2228b5ac3f86370d08efbc52eda3b98bde5601bf1c
cb84c37000f8fe3e68e24799be081febdf02afd39cec967e80631ac76dea9950
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d0d57419d80d1d4593e5e9ed1723642b8cb1d4d01fb80b2724dc4f6173a66607
d2ce781336a297e48e537482be2a101389cd84906827b789171bdf049f0149c0
d482871a5e948cb4884fa0972ea98a81abca057b6bd3f8c995a18c12487e761c
d572ff1ca550d8e3187a5c32e49b7e8139ad08a8ff756c9538c1575fcca21c76
d6039132dd92d0e02754d7aa0071e246ff80a5cdad5bccd2e6b8f2507c05ba09
d69482b93d15739ec51c73af7b5ed909c9a49c8ffa23709adff2fca9fdbd7995
ddb96c25de07962ffbc0243e6e68177ce74aee9fd950cb4f5d8d3c8e6c524a09
dee3f12023dcf49e0ce012af54bbf8e5d1b77e774ac192c3393d8ddb898ac332
e0fefc9b3527b5a7d233834041ff09c1572cd80f9b24894e65a64e332fead136
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5ceef78063356cd19579a96558530ccde19fda481a7d2876d69d86ecb97dc60
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

payments.kts.pm Open in urlscan Pro 2606:4700:3036::6815:284f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

87 Requests

100 %HTTPS

82 %IPv6

14 Domains

18 Subdomains

18 IPs

4 Countries

1278 kBTransfer

3740 kBSize

5 Cookies

3 Outgoing links

Redirected requests

87 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

payments.kts.pm Open in urlscan Pro
2606:4700:3036::6815:284f Public Scan

Screenshot
Live screenshot

Full Image

87
Requests

100 %
HTTPS

82 %
IPv6

14
Domains

18
Subdomains

18
IPs

4
Countries

1278 kB
Transfer

3740 kB
Size

5
Cookies

87 HTTP transactions
1 data transactions