ko-fi.com Open in urlscan Pro
2606:4700:10::ac43:1a15 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mallard.studio/
Effective URL:
https://ko-fi.com/malard
Submission: On January 17 via api (January 17th 2024, 1:00:37 am UTC) from US — Scanned from DE

Summary HTTP 121 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 17 IPs in 4 countries across 14 domains to perform 121 HTTP transactions. The main IP is 2606:4700:10::ac43:1a15, located in United States and belongs to CLOUDFLARENET, US. The main domain is ko-fi.com. The Cisco Umbrella rank of the primary domain is 40764.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 29th 2023. Valid for: a year.

This is the only time ko-fi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2001:4860:480... 2001:4860:4802:38::15	15169 (GOOGLE) (GOOGLE)
82	2606:4700:10:... 2606:4700:10::ac43:1a15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
5	2606:4700:10:... 2606:4700:10::6816:1d50	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	151.101.64.176 151.101.64.176	54113 (FASTLY) (FASTLY)
1 1	2a03:2880:f27... 2a03:2880:f276:1c3:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f27... 2a03:2880:f276:1e9:face:b00c:0:4420	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	15133 (EDGECAST) (EDGECAST)
4	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
3	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
1	34.215.162.111 34.215.162.111	16509 (AMAZON-02) (AMAZON-02)
2	13.69.106.212 13.69.106.212	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
121	17

1 2001:4860:4802:38::15 (United States) 1 redirects

ASN15169 (GOOGLE, US)

mallard.studio	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

82 2606:4700:10::ac43:1a15 (United States)

ASN13335 (CLOUDFLARENET, US)

ko-fi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
storage.ko-fi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:10::6816:1d50 (United States)

ASN13335 (CLOUDFLARENET, US)

storage.ko-fi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.64.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f276:1c3:face:b00c:0:43fe (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

platform.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f276:1e9:face:b00c:0:4420 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.215.162.111 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-215-162-111.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.69.106.212 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
87	ko-fi.com ko-fi.com — Cisco Umbrella Rank: 40764 storage.ko-fi.com — Cisco Umbrella Rank: 46295	2 MB
8	gstatic.com fonts.gstatic.com www.gstatic.com	518 KB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 1227 q.stripe.com — Cisco Umbrella Rank: 7010 m.stripe.com — Cisco Umbrella Rank: 1188	166 KB
6	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 2616	36 KB
2	visualstudio.com dc.services.visualstudio.com — Cisco Umbrella Rank: 729	1 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1315	16 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	177 KB
2	instagram.com 1 redirects platform.instagram.com — Cisco Umbrella Rank: 9991 www.instagram.com — Cisco Umbrella Rank: 1831	21 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	2 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6518	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 79	250 B
1	msecnd.net az416426.vo.msecnd.net — Cisco Umbrella Rank: 2383	22 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 811	7 KB
1	mallard.studio 1 redirects mallard.studio	219 B
121	14

	Domain	Requested by
50	ko-fi.com	ko-fi.com az416426.vo.msecnd.net storage.ko-fi.com
37	storage.ko-fi.com	ko-fi.com storage.ko-fi.com
4	www.gstatic.com	www.google.com www.gstatic.com
4	fonts.gstatic.com	fonts.googleapis.com www.google.com
4	www.google.com	ko-fi.com www.gstatic.com www.google.com
3	q.stripe.com	ko-fi.com
3	js.stripe.com	ko-fi.com js.stripe.com
2	dc.services.visualstudio.com	az416426.vo.msecnd.net
2	m.stripe.network	js.stripe.com m.stripe.network
2	region1.analytics.google.com	www.googletagmanager.com
2	www.googletagmanager.com	ko-fi.com www.googletagmanager.com
2	fonts.googleapis.com	ko-fi.com
1	m.stripe.com	m.stripe.network
1	www.google.de	ko-fi.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	az416426.vo.msecnd.net	ko-fi.com
1	www.instagram.com	ko-fi.com
1	platform.instagram.com	1 redirects
1	static.cloudflareinsights.com	ko-fi.com
1	mallard.studio	1 redirects
121	20

This site contains links to these domains. Also see Links.

Domain
help.ko-fi.com
www.pinterest.com
twitter.com
storage.ko-fi.com
mail.google.com
more.ko-fi.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-29` - `2024-04-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-01-02` - `2024-04-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2023-05-05` - `2024-04-28`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-12-20` - `2024-03-21`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-22` - `2024-03-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
in.applicationinsights.azure.com Microsoft Azure RSA TLS Issuing CA 07	`2023-09-02` - `2024-08-27`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://ko-fi.com/malard
Frame ID: 3EF64DFC4A22A090B84A1B317BD384BE
Requests: 104 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 5AA9E4310369574DC8E0D6CB0A3B49B4
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeIm9UUAAAAAI9HoqMbV3xi0okAxcoNNumTv6QU&co=aHR0cHM6Ly9rby1maS5jb206NDQz&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=brqt1t2vdmc5
Frame ID: D24139B763FD77DA61ADB2409FC8D2F9
Requests: 8 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 7ABB1AF70869F940189A77CC3E04C29F
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Buy Malard a Coffee. ko-fi.com/malard - Ko-fi ❤️ Where creators get support from fans through donations, memberships, shop sales and more! The original 'Buy Me a Coffee' Page.

Page URL History Show full URLs

http://mallard.studio/ HTTP 302
https://ko-fi.com/malard Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

vue[.-]([\d.]*\d)[^/]*\.js

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

Lodash (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

lodash.*\.js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

SweetAlert (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweet(?:-)?alert(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

121
Requests

99 %
HTTPS

79 %
IPv6

14
Domains

20
Subdomains

17
IPs

4
Countries

3114 kB
Transfer

6203 kB
Size

10
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://help.ko-fi.com/hc/en-us
Title: Help

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?url=https%3a%2f%2fko-fi.com%2fmalard%2fgallery

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Malard%27s+Ko-fi+Gallery&url=https%3a%2f%2fko-fi.com%2fmalard%2fgallery

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?url=https%3a%2f%2fko-fi.com%2fi%2fIM4M2SX41X

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=I+just+shared+%27Visible+VFX+through+walls%27+on+Ko-fi.&url=https%3a%2f%2fko-fi.com%2fi%2fIM4M2SX41X

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?url=https%3a%2f%2fko-fi.com%2fi%2fIJ3J6SUR0O

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=I+just+shared+%27%27+on+Ko-fi.&url=https%3a%2f%2fko-fi.com%2fi%2fIJ3J6SUR0O

Search URL Search Domain Scan URL

URL: https://storage.ko-fi.com/cdn/useruploads/display/f2a0a212-1d5c-42a4-a2f9-47d9244572c1_screenshot00014.png

Search URL Search Domain Scan URL

URL: https://storage.ko-fi.com/cdn/useruploads/display/b7aaef3b-5f15-4b5a-91e2-f005037e3a07_screenshot00013.png

Search URL Search Domain Scan URL

URL: https://storage.ko-fi.com/cdn/useruploads/display/96b874fa-8890-4f7b-a506-3d86c1e90308_screenshot00012.png

Search URL Search Domain Scan URL

URL: https://storage.ko-fi.com/cdn/useruploads/display/b6d1d4ac-eab2-4c2a-a54f-e31d4b1ae872_screenshot00015.png

Search URL Search Domain Scan URL

URL: https://mail.google.com/mail/u/0/#search/ko-fi
Title: Check your Gmail inbox

Search URL Search Domain Scan URL

URL: https://more.ko-fi.com/terms
Title: Terms

Search URL Search Domain Scan URL

URL: https://more.ko-fi.com/privacy
Title: Privacy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mallard.studio/ HTTP 302
https://ko-fi.com/malard Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63

https://platform.instagram.com/en_US/embeds.js HTTP 301
https://www.instagram.com/embed.js

121 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request malard Show response
ko-fi.com/
Redirect Chain

http://mallard.studio/
https://ko-fi.com/malard

314 KB
57 KB

607ms
539ms

Document
text/html

2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/malard

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6bd29401dfc32462a6aeab4afba1daa1f5247a505ae0ea0c541fbbe90ee6053c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-expose-headers: Request-Context
arr-disable-session-affinity: True
cache-control: private
cf-cache-status: EXPIRED
cf-ray: 846aa9655cc11e18-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 17 Jan 2024 01:00:31 GMT
last-modified: Tue, 16 Jan 2024 20:33:07 GMT
referrer-policy: strict-origin-when-cross-origin
request-context: appId=cid-v1:02025889-f5bc-454e-88f5-4372da34dffd
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block

Redirect headers

Content-Length: 221
Content-Type: text/html; charset=UTF-8
Date: Wed, 17 Jan 2024 01:00:30 GMT
Location: https://ko-fi.com/malard
Server: ghs
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 0

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 87ms
31ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito:wght@400;700;800&display=swap

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/malard

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cced72a5fc90de9cbfa59c691d65be471f67d2aae3e3ed37ebe476bf2b0c7030

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 17 Jan 2024 01:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 17 Jan 2024 00:51:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 17 Jan 2024 01:00:31 GMT

GET
H2 200 all.min.css
storage.ko-fi.com/cdn/fontawesome/subset-6.4/css/ 62 KB
9 KB 100ms
39ms Stylesheet
text/css 2606:4700:10::6816:1d50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/fontawesome/subset-6.4/css/all.min.css
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/malard
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::6816:1d50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0294c443a2894db92ded5e6a756cb7cbce8e13ad59752aadfc24a8a1419cf77b

Request headers

Referer: https://ko-fi.com/
Origin: https://ko-fi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 Jan 2024 01:00:31 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: xFn3mli+KhGNfMdDwQ/vhg==
age: 1392
x-ms-lease-status: unlocked
last-modified: Thu, 23 Nov 2023 04:18:06 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: df19add1-801e-0018-1b90-2235a5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 846aa9691855bb67-FRA

GET
H2 200 css
ko-fi.com/Content/ 419 KB
76 KB 43ms
42ms Stylesheet
text/css 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Content/css?v=GRO6AVTadj242Tze-lnTnRhbHU7H7ORWJqWmmoBUhIE1

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/malard

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7b56e9d9d43a289272d196982a483b264cc3dc936261f2f77c77d717bc188c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/malard
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 56
cf-polished: origSize=521105
arr-disable-session-affinity: True
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:02025889-f5bc-454e-88f5-4372da34dffd
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Wed, 17 Jan 2024 00:51:36 GMT
server: cloudflare
vary: User-Agent,Accept-Encoding
content-type: text/css; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: public
cf-ray: 846aa968be811e18-FRA
expires: Thu, 16 Jan 2025 00:51:36 GMT

GET
H2 200 profile.js Show response
ko-fi.com/Scripts/sections/ 466 B
420 B 41ms
40ms Script
application/x-javascript 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Scripts/sections/profile.js?v=243jt

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/malard

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c225caabe08a9a0613e1257efa5cda80cd82cf2798e5ea0479a20c75f3ca91c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/malard
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 56
cf-polished: origSize=781
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Tue, 16 Jan 2024 10:26:50 GMT
server: cloudflare
etag: W/"091a846648da1:0"
vary: Accept-Encoding
content-type: application/x-javascript
cf-ray: 846aa968be851e18-FRA

GET
H2 200 ae930cb2-b6fa-4a03-a9ff-77daa7b32ac2_png_31daf9ba-6eee-41cc-a9f2-45c8d6c0b759cover.png
storage.ko-fi.com/cdn/useruploads/ 586 KB
587 KB 258ms
254ms Image
image/webp 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.ko-fi.com/cdn/useruploads/ae930cb2-b6fa-4a03-a9ff-77daa7b32ac2_png_31daf9ba-6eee-41cc-a9f2-45c8d6c0b759cover.png?v=e688b799-5719-449d-b605-3b639c881ecb
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/malard
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0727dbbef4c7b2fd79ce259379b1412cfbc544e14711f192f98fafe3f1212c98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 Jan 2024 01:00:31 GMT
x-ms-meta-userid: 31daf9ba-6eee-41cc-a9f2-45c8d6c0b759
cf-cache-status: REVALIDATED
content-md5: tKicpHDoXer7M9SXgU8LRA==
cf-polished: origFmt=png, origSize=861994
content-disposition: inline; filename="ae930cb2-b6fa-4a03-a9ff-77daa7b32ac2_png_31daf9ba-6eee-41cc-a9f2-45c8d6c0b759cover.webp"
content-length: 600196
x-ms-lease-status: unlocked
cf-bgj: imgq:100,h2pri,csam-hash
last-modified: Thu, 21 Dec 2023 17:54:09 GMT
server: cloudflare
etag: 0x8DC024DD5321B39
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-ms-request-id: 0cf71dd4-901e-0025-7e11-458083000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-UserId,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 846aa969ef551e18-FRA

GET
H2 200 profileV2.css
ko-fi.com/Content/ 50 KB
9 KB 42ms
41ms Stylesheet
text/css 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Content/profileV2.css?v=653tv

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/malard

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23c317e600368907495485eade9310ab77770f7bd2bb27bb85f95e9a089173d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/malard
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 56
cf-polished: status=cannot_optimize
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Tue, 16 Jan 2024 10:26:48 GMT
server: cloudflare
etag: W/"064d9826648da1:0"
vary: Accept-Encoding
content-type: text/css
cf-ray: 846aa968be821e18-FRA

GET
H2 200 vue.2.6.11.min.js Show response
storage.ko-fi.com/cdn/scripts/ 91 KB
33 KB 65ms
48ms Script
application/javascript 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/scripts/vue.2.6.11.min.js
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/malard
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a410460285968ae56f3748e57fd09c6da63c17934a9f59cc7f9a6542f5cf2d3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 Jan 2024 01:00:31 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: sXMcYZxc/o+Z+t1jmj/MMA==
age: 5264
x-ms-lease-status: unlocked
last-modified: Wed, 21 Jun 2023 11:51:37 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 5cc8f282-e01e-0021-14f9-0b7501000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 846aa968de8e1e18-FRA

GET
H2 200 lodash.4.17.15.min.js Show response
storage.ko-fi.com/cdn/scripts/ 72 KB
24 KB 64ms
47ms Script
application/javascript 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/scripts/lodash.4.17.15.min.js
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/malard
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f73c0015652859ca111e91691ddc2be33b28a82f1423f1e4268ab506d1c9477

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 Jan 2024 01:00:31 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: h88tQMJSxyZ1SZmQDpMv5g==
age: 2734
x-ms-lease-status: unlocked
last-modified: Wed, 21 Jun 2023 11:51:38 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 5f2bf9a4-f01e-003e-3dad-22ae11000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 846aa968de8c1e18-FRA

GET
H2 200 fa-regular-400.woff2
storage.ko-fi.com/cdn/fontawesome/subset-6.4/webfonts/ 28 KB
28 KB 98ms
38ms Font
font/woff2 2606:4700:10::6816:1d50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/fontawesome/subset-6.4/webfonts/fa-regular-400.woff2
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/malard
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::6816:1d50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e56e7a5a8165248aed56c16515460681f2ff31bae3e031fdabb84ba8afc8a9c

Request headers

Referer: https://ko-fi.com/
Origin: https://ko-fi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 Jan 2024 01:00:31 GMT
cf-cache-status: HIT
content-md5: eWEeKz31YyNDf61Fs+xV+Q==
age: 9
content-length: 28904
x-ms-lease-status: unlocked
last-modified: Thu, 23 Nov 2023 04:18:06 GMT
server: cloudflare
etag: 0x8DBEBDB3149B1EE
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
x-ms-request-id: bfd23d75-301e-0045-1b90-22c5a1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 846aa9691856bb67-FRA

GET
H2 200 fa-solid-900.woff2
storage.ko-fi.com/cdn/fontawesome/subset-6.4/webfonts/ 18 KB
19 KB 95ms
35ms Font
font/woff2 2606:4700:10::6816:1d50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/fontawesome/subset-6.4/webfonts/fa-solid-900.woff2
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/malard
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::6816:1d50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df1e4f8c20f7a9f7a0b6a96a046c7a60f899dc1ba9069fbe1aec2ef89b12826f

Request headers

Referer: https://ko-fi.com/
Origin: https://ko-fi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 Jan 2024 01:00:31 GMT
cf-cache-status: HIT
content-md5: t+8GTZEvUi8oqesrXynKuA==
age: 7194
content-length: 18584
x-ms-lease-status: unlocked
last-modified: Thu, 23 Nov 2023 04:18:07 GMT
server: cloudflare
etag: 0x8DBEBDB324AF3E5
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
x-ms-request-id: a831d19d-001e-0009-7bb5-2202be000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 846aa9691857bb67-FRA

GET
H2 200 fa-brands-400.woff2
storage.ko-fi.com/cdn/fontawesome/subset-6.4/webfonts/ 7 KB
8 KB 97ms
37ms Font
font/woff2 2606:4700:10::6816:1d50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/fontawesome/subset-6.4/webfonts/fa-brands-400.woff2
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/malard
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::6816:1d50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c11ccf2278145893cf2d10bc013b41d754b6559c98de5fae342c158d5082007

Request headers

Referer: https://ko-fi.com/
Origin: https://ko-fi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 Jan 2024 01:00:31 GMT
cf-cache-status: HIT
content-md5: SZelxqfBkGcyiEyBfzMMNA==
age: 3328
content-length: 7636
x-ms-lease-status: unlocked
last-modified: Thu, 23 Nov 2023 04:18:07 GMT
server: cloudflare
etag: 0x8DBEBDB320801FF
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
x-ms-request-id: 0e00a386-901e-0043-2990-2232d9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 846aa9691858bb67-FRA

GET
H2 200 jquery-2.0.0.min.js Show response
storage.ko-fi.com/cdn/scripts/ 81 KB
29 KB 63ms
46ms Script
application/javascript 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/scripts/jquery-2.0.0.min.js
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/malard
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d482871a5e948cb4884fa0972ea98a81abca057b6bd3f8c995a18c12487e761c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 Jan 2024 01:00:31 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: LtyULAvSR2volnqfeI2eJg==
age: 372
x-ms-lease-status: unlocked
last-modified: Sun, 23 Oct 2022 22:21:42 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 11433027-f01e-0058-4eb2-0c1c4b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 846aa968de8d1e18-FRA

GET
H2 200 lite-yt-embed.css
ko-fi.com/lib/lite-youtube-embed-master/ 2 KB
1 KB 43ms
43ms Stylesheet
text/css 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/lib/lite-youtube-embed-master/lite-yt-embed.css?v=653tv

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/malard

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a7c3ab3bfcc6534917a25a610fa4afd169e6ce7244fd330899fb1607c46db16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/malard
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 56
cf-polished: origSize=2587
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Tue, 16 Jan 2024 10:26:50 GMT
server: cloudflare
etag: W/"091a846648da1:0"
vary: Accept-Encoding
content-type: text/css
cf-ray: 846aa968be831e18-FRA

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 131ms
24ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LeIm9UUAAAAAI9HoqMbV3xi0okAxcoNNumTv6QU

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/malard

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

59e08331ffde7b2e6e9355e55780d9bcd495ef7f29f700381e7a5d3c06d59867

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 17 Jan 2024 01:00:31 GMT

GET
H2 200 registerandlogin.css
ko-fi.com/Content/ 4 KB
1 KB 41ms
41ms Stylesheet
text/css 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Content/registerandlogin.css?v=3

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/malard

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

361ef6361b8708994b00dd261202e4a1a285f895d277c1c5d20d2397a025b0d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/malard
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 56
cf-polished: origSize=6878
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Tue, 16 Jan 2024 10:26:48 GMT
server: cloudflare
etag: W/"064d9826648da1:0"
vary: Accept-Encoding
content-type: text/css
cf-ray: 846aa968be841e18-FRA

GET
H2 200 logo_white_stroke_small.png
storage.ko-fi.com/cdn/brandasset/ 5 KB
6 KB 36ms
32ms Image
image/webp 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.ko-fi.com/cdn/brandasset/logo_white_stroke_small.png
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/malard
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5b4cbb864b7f74f6da00206715552fdaeb8e63e82c1173c058af14c75514256

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 Jan 2024 01:00:31 GMT
cf-cache-status: HIT
content-md5: qHbAlDUibuWaigWQwa+Xyw==
age: 3401
cf-polished: origFmt=png, origSize=12997
content-disposition: inline; filename="logo_white_stroke_small.webp"
content-length: 5414
x-ms-lease-status: unlocked
cf-bgj: imgq:100,h2pri,csam-hash
last-modified: Sun, 23 Oct 2022 21:56:58 GMT
server: cloudflare
etag: 0x8DAB54181F9A844
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-ms-request-id: 8bf64fea-801e-0018-32e7-0c35a5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 846aa9692ebe1e18-FRA

GET
H2 200 loading.svg
storage.ko-fi.com/cdn/ 579 B
584 B 36ms
33ms Image
image/svg+xml 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.ko-fi.com/cdn/loading.svg
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/malard
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be010c823bcae2a97dc9ce3eac934cc93c3c201e46ec0db51e9c71d90fbf9f82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 Jan 2024 01:00:31 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: cE+f6ga+XSnmqRTc3dp4Pg==
age: 6954
x-ms-lease-status: unlocked
last-modified: Sun, 23 Oct 2022 22:21:51 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: ec249c9f-201e-0037-2d67-23b49f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 846aa9692ebf1e18-FRA

GET
H2 200 photoswipe.css
ko-fi.com/lib/photoswipe/ 4 KB
2 KB 41ms
39ms Stylesheet
text/css 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/lib/photoswipe/photoswipe.css

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/malard

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e384dbfa5ec29adb4c88af8e8250db6dfbc903495c08163ef0fd6e16fbec8c46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/malard
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 56
cf-polished: origSize=7369
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Tue, 16 Jan 2024 10:26:50 GMT
server: cloudflare
etag: W/"091a846648da1:0"
vary: Accept-Encoding
content-type: text/css
cf-ray: 846aa9696eda1e18-FRA

GET
H2 200 swiper-bundle.min.css
ko-fi.com/lib/swiperjs/v8.4.6/ 16 KB
5 KB 39ms
38ms Stylesheet
text/css 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/lib/swiperjs/v8.4.6/swiper-bundle.min.css

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/malard

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67debf7546f60c16b1cd96d07b3a9d3851c3ac91aba126d9d88ce9f6a73dabb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/malard
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:00:31 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
last-modified: Tue, 16 Jan 2024 10:26:50 GMT
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 56
server: cloudflare
etag: W/"091a846648da1:0"
vary: Accept-Encoding
content-type: text/css
cf-ray: 846aa9696edc1e18-FRA
x-xss-protection: 1; mode=block

GET
H2 200 shopcommission.css
ko-fi.com/Content/ 3 KB
1 KB 42ms
42ms Stylesheet
text/css 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Content/shopcommission.css?v=653tv

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/malard

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad7b18d036d06493f9b8c2fdbd65c5d89894aa69007bda2e6e9d25799fe7f665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/malard
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 56
cf-polished: origSize=4258
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Tue, 16 Jan 2024 10:26:48 GMT
server: cloudflare
etag: W/"064d9826648da1:0"
vary: Accept-Encoding
content-type: text/css
cf-ray: 846aa969af0d1e18-FRA

GET
H2 200 cc1819e8-1c6b-4ff6-bd2a-88f603af711c_18b130d2-14f8-498f-88c9-f7839c1599d7.png
storage.ko-fi.com/cdn/useruploads/ 89 KB
89 KB 230ms
230ms Image
image/png 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.ko-fi.com/cdn/useruploads/cc1819e8-1c6b-4ff6-bd2a-88f603af711c_18b130d2-14f8-498f-88c9-f7839c1599d7.png
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/malard
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e26b16a27085c6d20786f6ceb4d0f18db1c4e00a4abb5793359bb8e1a363a61c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 Jan 2024 01:00:31 GMT
x-ms-meta-userid: 31daf9ba-6eee-41cc-a9f2-45c8d6c0b759
cf-cache-status: MISS
content-md5: NlyL0WozWsERHk7gNpKcdA==
content-length: 91130
x-ms-lease-status: unlocked
last-modified: Wed, 22 Nov 2023 14:20:20 GMT
server: cloudflare
etag: 0x8DBEB6628BEA944
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 5a26ff3c-c01e-0050-32e0-480738000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-UserId,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 846aa969af0f1e18-FRA

GET
H2 200 cup-border.png
storage.ko-fi.com/cdn/ 6 KB
6 KB 51ms
41ms Image
image/webp 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.ko-fi.com/cdn/cup-border.png
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/malard
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 457554ad286ecf6fd5f5e79e6c883602d57638d50f96fb060f6edc19de027834

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 Jan 2024 01:00:31 GMT
cf-cache-status: HIT
content-md5: nt+i2V4lVEX5fauLp9jhTw==
age: 5282
cf-polished: origFmt=png, origSize=11273
content-disposition: inline; filename="cup-border.webp"
content-length: 6016
x-ms-lease-status: unlocked
cf-bgj: imgq:100,h2pri,csam-hash
last-modified: Sun, 23 Oct 2022 21:56:48 GMT
server: cloudflare
etag: 0x8DAB5417C366016
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-ms-request-id: 10f997b2-501e-0033-16d0-00411d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 846aa969cf201e18-FRA

GET
H2 200 kofi_stroke_cup.svg
storage.ko-fi.com/cdn/ 865 B
647 B 94ms
90ms Image
image/svg+xml 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.ko-fi.com/cdn/kofi_stroke_cup.svg
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/malard
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb2134d2d0e6ad0bda36ad2228b5ac3f86370d08efbc52eda3b98bde5601bf1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 Jan 2024 01:00:31 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: LKIvaQFeuMb8PTIQiGCnVg==
age: 6818
x-ms-lease-status: unlocked
last-modified: Sun, 23 Oct 2022 22:21:42 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 5218fc2d-001e-002b-3ee4-216c88000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 846aa969ef561e18-FRA

GET
H2 200 f2a0a212-1d5c-42a4-a2f9-47d9244572c1_screenshot00014.png
storage.ko-fi.com/cdn/useruploads/post/ 142 KB
143 KB 413ms
409ms Image
image/webp 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.ko-fi.com/cdn/useruploads/post/f2a0a212-1d5c-42a4-a2f9-47d9244572c1_screenshot00014.png
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/malard
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ee1a1713fb00eb6aa7e2c1dab97c7b80fe2d26185f698fa7956836308addaea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 Jan 2024 01:00:32 GMT
x-ms-meta-userid: 31daf9ba-6eee-41cc-a9f2-45c8d6c0b759
cf-cache-status: REVALIDATED
content-md5: yvvGep6y7gTNDFr7uX87dw==
cf-polished: origFmt=png, origSize=228849
content-disposition: inline; filename="f2a0a212-1d5c-42a4-a2f9-47d9244572c1_screenshot00014.webp"
content-length: 145912
x-ms-lease-status: unlocked
cf-bgj: imgq:100,h2pri,csam-hash
last-modified: Thu, 23 Nov 2023 07:42:48 GMT
server: cloudflare
etag: 0x8DBEBF7C9EF8C52
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-ms-request-id: 80423e0c-701e-006b-140c-484566000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-UserId,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 846aa969ef571e18-FRA

GET
H2 200 loading.svg
ko-fi.com/img/ 579 B
459 B 70ms
66ms Image
image/svg+xml 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ko-fi.com/img/loading.svg

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/malard

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be010c823bcae2a97dc9ce3eac934cc93c3c201e46ec0db51e9c71d90fbf9f82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/malard
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:00:31 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
last-modified: Tue, 16 Jan 2024 10:26:50 GMT
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 56
server: cloudflare
etag: W/"091a846648da1:0"
vary: Accept-Encoding
content-type: image/svg+xml
cf-ray: 846aa969ef581e18-FRA
x-xss-protection: 1; mode=block

GET
H2 200 931b11c4-e315-4daf-aece-8a9b6a53546c_18b130d2-14f8-498f-88c9-f7839c1599d7.png
storage.ko-fi.com/cdn/useruploads/post/ 86 KB
86 KB 412ms
409ms Image
image/png 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.ko-fi.com/cdn/useruploads/post/931b11c4-e315-4daf-aece-8a9b6a53546c_18b130d2-14f8-498f-88c9-f7839c1599d7.png
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/malard
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 411de7b9ffcd20abd35dff92e60dd9a1ca19cc8b5fe2209c6831ff3cff945605

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 Jan 2024 01:00:32 GMT
x-ms-meta-userid: 31daf9ba-6eee-41cc-a9f2-45c8d6c0b759
cf-cache-status: MISS
content-md5: HdhlSmdiy7kUvkijZzf+mw==
content-length: 87945
x-ms-lease-status: unlocked
last-modified: Wed, 22 Nov 2023 14:20:20 GMT
server: cloudflare
etag: 0x8DBEB6628BE4CE3
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 55e2d87c-d01e-0029-0ce0-486e72000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-UserId,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 846aa969ef591e18-FRA

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 151ms
45ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/malard
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://ko-fi.com/
Origin: https://ko-fi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:00:31 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 846aa96a680991d8-FRA

GET
H2 200 jquery.unobtrusive-ajax.min.js Show response
storage.ko-fi.com/cdn/scripts/ 4 KB
2 KB 47ms
38ms Script
application/javascript 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/scripts/jquery.unobtrusive-ajax.min.js
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/malard
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 314c24539472b73912ca8fa85d18eba96851bcb57eef99ae5bc3158a4d2eec7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 Jan 2024 01:00:31 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: beuh7IuiH/NF+6Wy7GBbTg==
age: 372
x-ms-lease-status: unlocked
last-modified: Sun, 23 Oct 2022 22:21:42 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 54780ff4-801e-0013-0f00-132dd1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 846aa969cf221e18-FRA

GET
H2 200 jquery-sortable-min.js Show response
storage.ko-fi.com/cdn/scripts/ 11 KB
3 KB 50ms
41ms Script
application/javascript 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/scripts/jquery-sortable-min.js
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/malard
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41b8027883c1b4614b83ade0d791e80da436d8eed1b3d9cdab85c32f7c58b3ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 Jan 2024 01:00:31 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: zLsNVQZjevliZPpyAemGfQ==
age: 6954
x-ms-lease-status: unlocked
last-modified: Sun, 23 Oct 2022 22:20:48 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: c1874f9b-501e-0038-23df-215969000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 846aa969cf231e18-FRA

GET
H2 200 jquery.validate.min.js Show response
storage.ko-fi.com/cdn/scripts/jquery-validate/1.15.1/ 22 KB
8 KB 49ms
40ms Script
application/javascript 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/scripts/jquery-validate/1.15.1/jquery.validate.min.js
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/malard
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b94552fdddf133797c626b9c0248f50de46de94e18f97bf778f520555115995c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 Jan 2024 01:00:31 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: RBKaOLU74PoHrzeHRg6LdQ==
age: 2707
x-ms-lease-status: unlocked
last-modified: Sun, 23 Oct 2022 22:21:51 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 6e9e2568-301e-0023-4c76-1677fb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 846aa969cf261e18-FRA

GET
H2 200 jquery.validate.unobtrusive.min.js Show response
storage.ko-fi.com/cdn/scripts/jquery-validation-unobtrusive/3.2.6/ 5 KB
2 KB 70ms
61ms Script
application/javascript 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/scripts/jquery-validation-unobtrusive/3.2.6/jquery.validate.unobtrusive.min.js
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/malard
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83540a1b1aaca7ec79264b8dfc98c797dea37b6c33b604b95a8e21e1cee09bd3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 Jan 2024 01:00:31 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: ZaQbKNkH4sv5/b3yz0M3vw==
age: 427
x-ms-lease-status: unlocked
last-modified: Sun, 23 Oct 2022 22:21:51 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: bd284e20-101e-0059-6552-121db6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 846aa969cf271e18-FRA

GET
H2 200 shared.js Show response
ko-fi.com/Scripts/ 9 KB
3 KB 52ms
43ms Script
application/x-javascript 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Scripts/shared.js?v=243jt

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/malard

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef96dcca2d81249b773d184d1b77fc755cc43512638e23fbf4b1bec488d22b7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/malard
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 56
cf-polished: origSize=13743
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Tue, 16 Jan 2024 10:26:50 GMT
server: cloudflare
etag: W/"091a846648da1:0"
vary: Accept-Encoding
content-type: application/x-javascript
cf-ray: 846aa969cf281e18-FRA

GET
H2 200 CustomGoogleTagManagerEvents.js Show response
ko-fi.com/Scripts/ 2 KB
749 B 48ms
39ms Script
application/x-javascript 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Scripts/CustomGoogleTagManagerEvents.js?v=8

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/malard

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d52222f35e6fa207eab568926809ae3ee40daeb060de500c84eb5e44b0238c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/malard
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 56
cf-polished: origSize=3203
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Tue, 16 Jan 2024 10:26:50 GMT
server: cloudflare
etag: W/"091a846648da1:0"
vary: Accept-Encoding
content-type: application/x-javascript
cf-ray: 846aa969cf291e18-FRA

GET
H2 200 bootstrap.min.js Show response
storage.ko-fi.com/cdn/scripts/ 28 KB
8 KB 54ms
46ms Script
text/javascript 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/scripts/bootstrap.min.js?sv=2019-02-02
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/malard
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77784729456d5b714cbf56ab897545efe66fc38f7cdc45ef04d9143c477913df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 17 Jan 2024 01:00:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 23 Oct 2022 22:21:42 GMT
server: cloudflare
age: 5754
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-ms-request-id: 84f81d4d-901e-0048-6a42-122aad000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 846aa969cf2a1e18-FRA

GET
H2 200 respond.min.js Show response
storage.ko-fi.com/cdn/scripts/ 5 KB
3 KB 53ms
45ms Script
text/javascript 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/scripts/respond.min.js?sv=2019-02-02
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/malard
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0fefc9b3527b5a7d233834041ff09c1572cd80f9b24894e65a64e332fead136

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 17 Jan 2024 01:00:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 23 Oct 2022 22:21:51 GMT
server: cloudflare
age: 4159
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-ms-request-id: a7b1e930-b01e-0056-63bf-500075000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 846aa969cf2b1e18-FRA

GET
H2 200 backbutton-close-modal.js Show response
ko-fi.com/Scripts/ 1 KB
480 B 70ms
62ms Script
application/x-javascript 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Scripts/backbutton-close-modal.js?v=8

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/malard

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e8cc4ba5549dcc0cad28f35fba9241a0dd184633dd561d0957b605de99fdac8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/malard
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 56
cf-polished: origSize=1603
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Tue, 16 Jan 2024 10:26:50 GMT
server: cloudflare
etag: W/"091a846648da1:0"
vary: Accept-Encoding
content-type: application/x-javascript
cf-ray: 846aa969cf2c1e18-FRA

GET
H2 200 toastr.2.1.3.min.js Show response
storage.ko-fi.com/cdn/scripts/ 5 KB
2 KB 45ms
37ms Script
application/javascript 2606:4700:10::6816:1d50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/scripts/toastr.2.1.3.min.js
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/malard
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::6816:1d50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee74bbdb99c1cd83dfe17594bdeba68832d5c38144be889d3d041bdcbd8765f7

Request headers

Referer: https://ko-fi.com/
Origin: https://ko-fi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 Jan 2024 01:00:31 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: x6exIuOORjGk8ES5+3SDtQ==
age: 4832
x-ms-lease-status: unlocked
last-modified: Wed, 21 Jun 2023 11:51:38 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: a6d54972-b01e-001b-02a1-0c36a2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 846aa969c8a3bb67-FRA

GET
H2 200 modal-steps.min.js Show response
storage.ko-fi.com/cdn/scripts/ 3 KB
1 KB 51ms
44ms Script
text/plain 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/scripts/modal-steps.min.js?v=1
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/malard
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fae7019e31e6127ad883d031a36290b83b3ac7d03a6ee109b391d9b0fb9270a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 Jan 2024 01:00:31 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: VNyHtclKfE3whzFX2YPzhA==
age: 2129
x-ms-lease-status: unlocked
last-modified: Sun, 23 Oct 2022 22:20:48 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 192acbb5-b01e-005f-5de4-21eace000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 846aa969cf2d1e18-FRA

GET
H2 200 commentsScripts.js Show response
ko-fi.com/Scripts/ 12 KB
3 KB 698ms
690ms Script
application/x-javascript 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Scripts/commentsScripts.js?v=243jt

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/malard

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f52ed5805908383b037a53614a34717417b4c78d94a9d1af71c3c0be55a7455f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/malard
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:00:32 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
last-modified: Tue, 16 Jan 2024 10:26:50 GMT
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
server: cloudflare
etag: "091a846648da1:0"
vary: Accept-Encoding
content-type: application/x-javascript
accept-ranges: bytes
cf-ray: 846aa969cf2e1e18-FRA
content-length: 2804
x-xss-protection: 1; mode=block

GET
H2 200 lite-yt-embed.js Show response
ko-fi.com/lib/lite-youtube-embed-master/ 3 KB
1 KB 69ms
61ms Script
application/x-javascript 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/lib/lite-youtube-embed-master/lite-yt-embed.js?v=243jt

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/malard

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d9dd57f3ccdd051da3196d7ae95340d045375a9c779e96463aec96c237b575a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/malard
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 56
cf-polished: origSize=7422
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Tue, 16 Jan 2024 10:26:50 GMT
server: cloudflare
etag: W/"091a846648da1:0"
vary: Accept-Encoding
content-type: application/x-javascript
cf-ray: 846aa969cf2f1e18-FRA

GET
H2 200 gallery-item-view.js Show response
ko-fi.com/Scripts/modules/ 5 KB
2 KB 49ms
42ms Script
application/x-javascript 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Scripts/modules/gallery-item-view.js?v=243jt

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/malard

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a8c46134bc64383c11f1934724607ad683f4d2ed1c10489f03ed01b10d8b44c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/malard
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 56
cf-polished: origSize=11046
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Tue, 16 Jan 2024 10:26:50 GMT
server: cloudflare
etag: W/"091a846648da1:0"
vary: Accept-Encoding
content-type: application/x-javascript
cf-ray: 846aa969cf301e18-FRA

GET
H2 200 / Show response
js.stripe.com/v3/ 584 KB
162 KB 124ms
17ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/malard

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

2e5f2016def030acfe984093f945627d23ecaa14e1f8e1bd017bbcd600bf3358

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 17 Jan 2024 01:00:31 GMT
via: 1.1 varnish
age: 24
x-cache: HIT
content-length: 165754
x-request-id: 47469695-9f43-4d75-8c74-0702ead286b2
x-served-by: cache-fra-etou8220046-FRA
last-modified: Tue, 16 Jan 2024 21:28:46 GMT
server: Fastly
etag: "26fb4e6ea0538df0a70835ff27bcca6b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2

GET
H2 200 loadmore.min.js Show response
ko-fi.com/Scripts/plugins/loadmorejs/ 4 KB
2 KB 67ms
60ms Script
application/x-javascript 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Scripts/plugins/loadmorejs/loadmore.min.js?v=243jt

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/malard

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ec1f31f623d90cabadbf5b17f01cd5e84025b8e3125e73649c6058bbf41cccd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/malard
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 56
content-length: 1596
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 16 Jan 2024 10:26:50 GMT
server: cloudflare
etag: "091a846648da1:0"
vary: Accept-Encoding
content-type: application/x-javascript
accept-ranges: bytes
cf-ray: 846aa969cf311e18-FRA

GET
H2 200 loadmore-initialise.js Show response
ko-fi.com/Scripts/loadmore/shared-layout/ 2 KB
697 B 66ms
59ms Script
application/x-javascript 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Scripts/loadmore/shared-layout/loadmore-initialise.js?v=243jt

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/malard

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

791c6007323c117a570480f4be6c47f9b190ea2c83b160613b3c3748dd1d8ae7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/malard
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 56
cf-polished: origSize=2601
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Tue, 16 Jan 2024 10:26:50 GMT
server: cloudflare
etag: W/"091a846648da1:0"
vary: Accept-Encoding
content-type: application/x-javascript
cf-ray: 846aa969cf321e18-FRA

GET
H2 200 jquery.charactercounter.js Show response
ko-fi.com/Scripts/ 5 KB
1 KB 95ms
88ms Script
application/x-javascript 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Scripts/jquery.charactercounter.js

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/malard

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20aca36364f7c307006861215cb515fbce570b1ebeadd23cec96834e8bd11513

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/malard
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 56
cf-polished: origSize=9712
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Tue, 16 Jan 2024 10:26:50 GMT
server: cloudflare
etag: W/"091a846648da1:0"
vary: Accept-Encoding
content-type: application/x-javascript
cf-ray: 846aa969ef411e18-FRA

GET
H2 200 _DirectMessageModal.js Show response
ko-fi.com/Scripts/Views/Shared/ 2 KB
723 B 98ms
92ms Script
application/x-javascript 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Scripts/Views/Shared/_DirectMessageModal.js?v=243jt

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/malard

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

283e825989e009d13b228f34bb3d721705d576ac2eb4eeaf1be90f727d6d5767

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/malard
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 56
cf-polished: origSize=3458
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Tue, 16 Jan 2024 10:26:50 GMT
server: cloudflare
etag: W/"091a846648da1:0"
vary: Accept-Encoding
content-type: application/x-javascript
cf-ray: 846aa969ef421e18-FRA

GET
H2 200 shop.js Show response
ko-fi.com/Scripts/ 8 KB
3 KB 106ms
99ms Script
application/x-javascript 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Scripts/shop.js?v=243jt

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/malard

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b3cc1d130434e08cef3405f59a4c0817571a73bee9abbd0c71e993f617838d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/malard
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 56
cf-polished: origSize=16358
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Tue, 16 Jan 2024 10:26:50 GMT
server: cloudflare
etag: W/"091a846648da1:0"
vary: Accept-Encoding
content-type: application/x-javascript
cf-ray: 846aa969ef431e18-FRA

GET
H2 200 swiper-bundle.min.js Show response
ko-fi.com/lib/swiperjs/v8.4.6/ 140 KB
51 KB 75ms
69ms Script
application/x-javascript 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/lib/swiperjs/v8.4.6/swiper-bundle.min.js

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/malard

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8966a0426081f47ebc4df82ab440c41e148c50826dca5a79bd9542456849964a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/malard
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 56
content-length: 52126
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 16 Jan 2024 10:26:50 GMT
server: cloudflare
etag: "091a846648da1:0"
vary: Accept-Encoding
content-type: application/x-javascript
accept-ranges: bytes
cf-ray: 846aa969ef441e18-FRA

GET
H2 200 HorizontalScrollScripts.js Show response
ko-fi.com/Content/ 2 KB
786 B 74ms
68ms Script
application/x-javascript 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Content/HorizontalScrollScripts.js?v=653tv

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/malard

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c258b4c6e47586ade529a866721f9eb52b8fa2be49cdcd09419b7eb68cc41cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/malard
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 56
cf-polished: origSize=3364
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Tue, 16 Jan 2024 10:26:48 GMT
server: cloudflare
etag: W/"064d9826648da1:0"
vary: Accept-Encoding
content-type: application/x-javascript
cf-ray: 846aa969ef451e18-FRA

GET
H2 200 dark-mode.js Show response
ko-fi.com/Content/ 489 B
416 B 70ms
64ms Script
application/x-javascript 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Content/dark-mode.js?v=243jt

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/malard

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

676a8ced09d39d2976f239688c4f104b551338d3b14a9d9bd30d3667ca74d094

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/malard
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 56
cf-polished: origSize=668
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Tue, 16 Jan 2024 10:26:48 GMT
server: cloudflare
etag: W/"064d9826648da1:0"
vary: Accept-Encoding
content-type: application/x-javascript
cf-ray: 846aa969ef461e18-FRA

GET
H2 200 float-sidebar.min.js Show response
ko-fi.com/lib/FloatSidebarjs/v1.2.5/ 7 KB
3 KB 107ms
101ms Script
application/x-javascript 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/lib/FloatSidebarjs/v1.2.5/float-sidebar.min.js

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/malard

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79488c217fb7c67ae2a169332b61d9b5c5f34446c1f003c93bdcc7edc7c3511a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/malard
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 56
content-length: 2507
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 16 Jan 2024 10:26:50 GMT
server: cloudflare
etag: "091a846648da1:0"
vary: Accept-Encoding
content-type: application/x-javascript
accept-ranges: bytes
cf-ray: 846aa969ef471e18-FRA

GET
H2 200 imageloaded.js Show response
ko-fi.com/Scripts/ 7 KB
2 KB 69ms
63ms Script
application/x-javascript 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Scripts/imageloaded.js

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/malard

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a034927e7faf2dcc94e0f325de7693821a492402f896d9550320560a93d30c52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/malard
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 56
cf-polished: origSize=10451
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Tue, 16 Jan 2024 10:26:50 GMT
server: cloudflare
etag: W/"091a846648da1:0"
vary: Accept-Encoding
content-type: application/x-javascript
cf-ray: 846aa969ef481e18-FRA

GET
H2 200 wookmark.js Show response
ko-fi.com/Scripts/ 9 KB
3 KB 71ms
65ms Script
application/x-javascript 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Scripts/wookmark.js

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/malard

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

323d462b04302df2414bb7565eb44e5ea0cb1c27200029bd02b57bf373308b22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/malard
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 56
cf-polished: origSize=11159
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Tue, 16 Jan 2024 10:26:50 GMT
server: cloudflare
etag: W/"091a846648da1:0"
vary: Accept-Encoding
content-type: application/x-javascript
cf-ray: 846aa969ef491e18-FRA

GET
H2 200 commissions.js Show response
ko-fi.com/Scripts/ 450 B
467 B 94ms
89ms Script
application/x-javascript 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Scripts/commissions.js?v=243jt

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/malard

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ca85c1812ca68df974c337eb02cfa9ed4d9b9069c337266dfd5e8ace95fdcd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/malard
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 56
cf-polished: origSize=721
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Tue, 16 Jan 2024 10:26:50 GMT
server: cloudflare
etag: W/"091a846648da1:0"
vary: Accept-Encoding
content-type: application/x-javascript
cf-ray: 846aa969ef4c1e18-FRA

GET
H2 200 owl.carousel.min.js Show response
storage.ko-fi.com/cdn/scripts/ 42 KB
11 KB 72ms
67ms Script
application/javascript 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/scripts/owl.carousel.min.js
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/malard
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 Jan 2024 01:00:31 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: t7nJfNaOwzbQGnnVvkjFjQ==
age: 1750
x-ms-lease-status: unlocked
last-modified: Sun, 23 Oct 2022 22:21:51 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 2bc220bd-101e-0034-06dd-feb798000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 846aa969ef4d1e18-FRA

GET
H2 200 ladda.min.js Show response
storage.ko-fi.com/cdn/scripts/ 3 KB
2 KB 96ms
91ms Script
text/plain 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/scripts/ladda.min.js?v=1
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/malard
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d69aaf0dd993c601ae9f2978dc7fc363775d04bc549da9b366779f60ecb81372

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 Jan 2024 01:00:31 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: xfyDnZRix+1kBW/a2t65DQ==
age: 1795
x-ms-lease-status: unlocked
last-modified: Sun, 23 Oct 2022 22:21:51 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 1f358dba-e01e-0047-027e-14c75b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 846aa969ef4e1e18-FRA

GET
H2 200 sweetalert.min.js Show response
storage.ko-fi.com/cdn/scripts/ 66 KB
13 KB 95ms
89ms Script
text/javascript 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/scripts/sweetalert.min.js?sv=2020-02-02
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/malard
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6e9ba03a8a5758af4c04710d3d08e5ceec146eb2c0ac227ba209c8cb487c9a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 17 Jan 2024 01:00:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 23 Oct 2022 22:20:49 GMT
server: cloudflare
age: 2462
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-ms-request-id: 5b476fc4-801e-0013-6aba-132dd1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 846aa969ef4f1e18-FRA

GET
H2 200 spin.min.js Show response
storage.ko-fi.com/cdn/scripts/ 4 KB
2 KB 92ms
87ms Script
text/plain 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/scripts/spin.min.js?v=1
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/malard
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca64e3f676b38f06ed0eba111776f2bc8ad352b672c0819ec5b9072c342bd35d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 Jan 2024 01:00:31 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: kgDDN4K7RqLja+sTk6Z5fQ==
age: 2209
x-ms-lease-status: unlocked
last-modified: Sun, 23 Oct 2022 22:21:51 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: ccc9f1db-e01e-004c-4f10-21df2f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 846aa969ef501e18-FRA

GET
H2 200 registrationScripts.js Show response
ko-fi.com/Scripts/ 827 B
457 B 105ms
100ms Script
application/x-javascript 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Scripts/registrationScripts.js

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/malard

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec24c83c49aa3e87501ffb4b6180fe136752f93beb0d76ff91ad3fdbd28d1c1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/malard
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 56
cf-polished: origSize=1333
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Tue, 16 Jan 2024 10:26:50 GMT
server: cloudflare
etag: W/"091a846648da1:0"
vary: Accept-Encoding
content-type: application/x-javascript
cf-ray: 846aa969ef511e18-FRA

GET
H2 200 clipboard.js Show response
storage.ko-fi.com/cdn/scripts/ 10 KB
3 KB 72ms
68ms Script
text/plain 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/scripts/clipboard.js
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/malard
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9214020446336733693110f40ae387236467967a07012ff0f99da8cdf505e281

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 Jan 2024 01:00:31 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: 2p0uXQGMC6dXbFsTmBaiVw==
age: 1750
x-ms-lease-status: unlocked
last-modified: Sun, 23 Oct 2022 22:21:51 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: d13af755-d01e-006d-5664-15b21e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 846aa969ef521e18-FRA

GET
H2 200 clipboardCopy.js Show response
storage.ko-fi.com/cdn/scripts/ 923 B
747 B 96ms
92ms Script
text/plain 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/scripts/clipboardCopy.js
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/malard
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8190ac8f569646b28c013967f583807f87c8fcb83bd5ca22eea00e1ea5fcc6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 Jan 2024 01:00:31 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: vNGr6Hb0sZcn2tIQAB7DNg==
age: 6416
x-ms-lease-status: unlocked
last-modified: Sun, 23 Oct 2022 22:21:42 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 887feb34-b01e-0076-15c3-139c8c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 846aa969ef5a1e18-FRA

GET
H2 200 exif.2.3.0.min.js Show response
storage.ko-fi.com/cdn/scripts/ 15 KB
6 KB 69ms
65ms Script
application/javascript 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/scripts/exif.2.3.0.min.js
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/malard
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79e302d8490b8da90eb981f39ca6c30b74568eca809918b273caff1ce3fd0862

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 Jan 2024 01:00:31 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: pFdkEVYy/m4mSAmnkN/03Q==
age: 841
x-ms-lease-status: unlocked
last-modified: Wed, 21 Jun 2023 11:51:37 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 2d8a7c67-a01e-0062-3a41-125fe8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 846aa969ef531e18-FRA

GET
H2 200 dropzone.min.js Show response
ko-fi.com/lib/dropzone/v5.9.3/ 112 KB
46 KB 98ms
93ms Script
application/x-javascript 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/lib/dropzone/v5.9.3/dropzone.min.js?v=243jt

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/malard

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b82753e852e463afbaf17ce6e1ff4ed2eb079c93dd2afd10d2bb285ef2dc84fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/malard
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 56
content-length: 46845
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 16 Jan 2024 10:26:50 GMT
server: cloudflare
etag: "091a846648da1:0"
vary: Accept-Encoding
content-type: application/x-javascript
accept-ranges: bytes
cf-ray: 846aa969ef541e18-FRA

GET
H2

200

embed.js Show response
www.instagram.com/
Redirect Chain

https://platform.instagram.com/en_US/embeds.js
https://www.instagram.com/embed.js

56 KB
21 KB

200ms
157ms

Script
application/x-javascript

2a03:2880:f276:1e9:face:b00c:0:4420
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.instagram.com/embed.js

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/malard

Protocol

Server

2a03:2880:f276:1e9:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3fab1f2f6f50fdfc5cf41befe49df96d6709dd7f8ae74dfaf23bcc26902bac24

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=(), xr-spatial-tracking=()
strict-transport-security: max-age=15552000
content-encoding: br
x-content-type-options: nosniff
date: Wed, 17 Jan 2024 01:00:31 GMT
content-md5: f0pJAJ7a3ZVVGVBmrEaMEA==
document-policy: force-load-at-top
edge-control: cache-maxage=1200s
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 19725
reporting-endpoints: default="https://www.instagram.com/error/ig_web_error_reports/?device_level=unknown"
x-fb-debug: IagYASbVDDhtj8Y/t0AzyPDgKxbNcIIdoJh9dX3UEsAqmpM+nPWcZB3z1TYJSjcYAUA4H2YXbuMHmrvDXBk0ew==
x-fb-content-md5: 2179c7021d3ce2c7f2f77ca192ca3226
cross-origin-opener-policy: same-origin-allow-popups
etag: "135dcfb55691e144e72041c83bf01f8e"
vary: Accept-Encoding
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(self), ambient-light-sensor=(), bluetooth=(), camera=(self), display-capture=(), fullscreen=(self), gamepad=(), geolocation=(self), gyroscope=(self), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
x-frame-options: DENY
timing-allow-origin: *
expires: Wed, 17 Jan 2024 01:20:31 GMT

Redirect headers

location: https://www.instagram.com/embed.js
date: Wed, 17 Jan 2024 01:00:31 GMT
server: proxygen-bolt
content-length: 0
content-type: text/plain

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 237 KB
84 KB 130ms
25ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TDF6KQX

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/malard

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

93fe08ed732ba2e098391f0dc6e95c7eaddb8a0fd9ad9b4b189cad164fa90465

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:00:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85368
x-xss-protection: 0
last-modified: Wed, 17 Jan 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 17 Jan 2024 01:00:31 GMT

GET
H2 200 root.css
ko-fi.com/content/ 6 KB
1 KB 41ms
41ms Stylesheet
text/css 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/content/root.css?v=124

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/Content/profileV2.css?v=653tv

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea5845500a29b4f113310b4f7ece09f7b15643b169b46609981c75d2460a4a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/Content/profileV2.css?v=653tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 56
cf-polished: origSize=7394
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Tue, 16 Jan 2024 10:26:48 GMT
server: cloudflare
etag: W/"064d9826648da1:0"
vary: Accept-Encoding
content-type: text/css
cf-ray: 846aa9697ef91e18-FRA

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 94 KB
22 KB 124ms
19ms Script
application/x-javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/malard
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CD6) /
Resource Hash: 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 Jan 2024 01:00:31 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-01 19:31:04
content-md5: HdY95yzx9wIyQkVEGES+Ew==
age: 875
x-cache: HIT
content-length: 22495
x-ms-lease-status: unlocked
last-modified: Thu, 11 Mar 2021 07:46:59 GMT
server: ECAcc (frc/4CD6)
etag: 0x8D8E461DA1A5889
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: eeca8e15-501e-00d3-7ede-48d1eb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
expires: Wed, 17 Jan 2024 01:30:31 GMT

GET
H2 200 XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v26/ 38 KB
39 KB 119ms
15ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito:wght@400;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ko-fi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 00:56:20 GMT
x-content-type-options: nosniff
age: 251
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39124
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:02:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 00:56:20 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
637 B 37ms
34ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito&display=swap

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/Content/shopcommission.css?v=653tv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e88057d4e741063425ffa32850aa6ca5884a63b41a4f3fa09a7799b64b4030d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 17 Jan 2024 01:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 17 Jan 2024 00:29:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 17 Jan 2024 01:00:31 GMT

GET
H2 200 XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2
fonts.gstatic.com/s/nunito/v26/ 16 KB
16 KB 74ms
41ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v26/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

923963e0a56b84c4438f2359121e855e147a01a78a2591c471179cfc9bf0e784

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ko-fi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 17:44:59 GMT
x-content-type-options: nosniff
age: 26132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16292
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:41:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jan 2025 17:44:59 GMT

GET
H2 200 e0b435da-2960-442c-846c-b6fe870734f3_espthingy.png
storage.ko-fi.com/cdn/useruploads/post/ 133 KB
133 KB 236ms
207ms Image
image/webp 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.ko-fi.com/cdn/useruploads/post/e0b435da-2960-442c-846c-b6fe870734f3_espthingy.png
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/malard
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00bab7ff24939b7a4f59f6d05350b929b37b8b8efe5ee364a3646bc561f714ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 Jan 2024 01:00:31 GMT
x-ms-meta-userid: 31daf9ba-6eee-41cc-a9f2-45c8d6c0b759
cf-cache-status: REVALIDATED
content-md5: rq/8FSDri8+owVlCEBvgFw==
cf-polished: origFmt=png, origSize=204446
content-disposition: inline; filename="e0b435da-2960-442c-846c-b6fe870734f3_espthingy.webp"
content-length: 135920
x-ms-lease-status: unlocked
cf-bgj: imgq:100,h2pri,csam-hash
last-modified: Wed, 03 Jan 2024 17:30:42 GMT
server: cloudflare
etag: 0x8DC0C81B60FB8E0
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-ms-request-id: 087d6154-501e-0038-2511-455969000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-UserId,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 846aa96a6f961e18-FRA

GET
H2 200 4a393a55-4d99-4747-9c45-ee4568c7b4eb_grenedrop.png
storage.ko-fi.com/cdn/useruploads/post/ 14 KB
15 KB 423ms
395ms Image
image/png 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.ko-fi.com/cdn/useruploads/post/4a393a55-4d99-4747-9c45-ee4568c7b4eb_grenedrop.png
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/malard
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2654f35a94d9e7c15bb5dc521576ac6262f230e52d0d615ac667bb4572708240

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 Jan 2024 01:00:32 GMT
x-ms-meta-userid: 31daf9ba-6eee-41cc-a9f2-45c8d6c0b759
cf-cache-status: MISS
content-md5: 8v8XK1JeJg9U5gJ1HQ8uyQ==
content-length: 14827
x-ms-lease-status: unlocked
last-modified: Tue, 02 Jan 2024 06:18:59 GMT
server: cloudflare
etag: 0x8DC0B5AB4EEFD46
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 11bdf21e-501e-001a-6ae0-48375f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-UserId,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 846aa96a6f971e18-FRA

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ 506 KB
204 KB 77ms
24ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LeIm9UUAAAAAI9HoqMbV3xi0okAxcoNNumTv6QU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91088a015cd36dabb6639d0b6d08fadc57be7f1b85011f5f882d4e7a8611df31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ko-fi.com/
Origin: https://ko-fi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:02:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39457
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207845
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Jan 2025 14:02:54 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 285 KB
93 KB 33ms
32ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-M13FZ7VQ2C&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDF6KQX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

450f12b3b838f43e8bdcaf1f37b29de85e9f7f03d0d9d695e9db73e63cd10bb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:00:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95138
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 17 Jan 2024 01:00:31 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
250 B 147ms
29ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-M13FZ7VQ2C&gtm=45je41a0v888810137z879252603&_p=1705453231586&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=103927268.1705453232&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705453231&sct=1&seg=0&dl=https%3A%2F%2Fko-fi.com%2Fmalard&dt=Buy%20Malard%20a%20Coffee.%20ko-fi.com%2Fmalard%20-%20Ko-fi%20%E2%9D%A4%EF%B8%8F%20Where%20creators%20get%20support%20from%20fans%20through%20donations%2C%20memberships%2C%20shop%20sales%20and%20more!%20The%20original%20%27Buy%20Me%20a%20Coffee%27%20Page.&en=page_view&_fv=1&_nsi=1&_ss=1&ep.isLoggedIn=no&ep.distinctId=&up.userId=&tfd=1215
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M13FZ7VQ2C&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Jan 2024 01:00:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ko-fi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
250 B 150ms
31ms Ping
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-M13FZ7VQ2C&cid=103927268.1705453232&gtm=45je41a0v888810137z879252603&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M13FZ7VQ2C&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Jan 2024 01:00:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ko-fi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 153ms
35ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-M13FZ7VQ2C&cid=103927268.1705453232&gtm=45je41a0v888810137z879252603&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=365290001

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/malard

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Jan 2024 01:00:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 toasts Show response
ko-fi.com/api/session/ 29 B
378 B 255ms
243ms XHR
application/json 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/api/session/toasts?_=1705453231707

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4eed0beb75c73a24384275418323653a2de7920da9e8f390528302b5d7f51e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://ko-fi.com/malard
X-Requested-With: XMLHttpRequest
Request-Id: |mHDWR.afh8q
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:00:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-permitted-cross-domain-policies: none
arr-disable-session-affinity: True
content-length: 143
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:02025889-f5bc-454e-88f5-4372da34dffd
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 17 Jan 2024 01:00:32 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: private
accept-ranges: bytes
cf-ray: 846aa96e79c91e18-FRA

GET
H2 200 shopcommission.js Show response
ko-fi.com/Scripts/ 6 KB
2 KB 46ms
37ms Script
application/x-javascript 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Scripts/shopcommission.js?v=243jt

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/malard

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc73565f10eefe163fc67d3bc379f1f49ef4acab08f36e9bc7f0fed4db97b9f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ko-fi.com/malard
Origin: https://ko-fi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:00:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 56
cf-polished: origSize=12022
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Tue, 16 Jan 2024 10:26:50 GMT
server: cloudflare
etag: W/"091a846648da1:0"
vary: Accept-Encoding
content-type: application/x-javascript
cf-ray: 846aa96e79cb1e18-FRA

GET
H2 200 photoswipe-lightbox.esm.js Show response
ko-fi.com/lib/photoswipe/ 17 KB
5 KB 35ms
33ms Script
application/x-javascript 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/lib/photoswipe/photoswipe-lightbox.esm.js

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/malard

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d347c07a3089234662f00ad535ff34795a9cbf397ca38132269042bc3cbdebf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ko-fi.com/Scripts/shopcommission.js?v=243jt
Origin: https://ko-fi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:00:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 56
cf-polished: origSize=36203
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Tue, 16 Jan 2024 10:26:50 GMT
server: cloudflare
etag: W/"091a846648da1:0"
vary: Accept-Encoding
content-type: application/x-javascript
cf-ray: 846aa96eb9e91e18-FRA

GET
H2 200 photoswipe.esm.js Show response
ko-fi.com/lib/photoswipe/ 74 KB
19 KB 42ms
41ms Script
application/x-javascript 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/lib/photoswipe/photoswipe.esm.js

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/malard

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

681464fd731c69126dc3d3969133ace3839ec1f6dba279dd584959668b8e8672

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ko-fi.com/Scripts/shopcommission.js?v=243jt
Origin: https://ko-fi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:00:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 56
cf-polished: origSize=145295
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Tue, 16 Jan 2024 10:26:50 GMT
server: cloudflare
etag: W/"091a846648da1:0"
vary: Accept-Encoding
content-type: application/x-javascript
cf-ray: 846aa96eb9ea1e18-FRA

GET
H2 200 swiper-bundle.min.css
ko-fi.com/lib/swiperjs/v8.4.6/ 16 KB
6 KB 63ms
58ms Stylesheet
text/css 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/lib/swiperjs/v8.4.6/swiper-bundle.min.css?v=243jt

Requested by

Host: storage.ko-fi.com
URL: https://storage.ko-fi.com/cdn/scripts/jquery-2.0.0.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67debf7546f60c16b1cd96d07b3a9d3851c3ac91aba126d9d88ce9f6a73dabb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/malard
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:00:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 56
content-length: 5793
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 16 Jan 2024 10:26:50 GMT
server: cloudflare
etag: "091a846648da1:0"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
cf-ray: 846aa96f0a131e18-FRA

GET
H2 200 swiper-bundle.min.js Show response
ko-fi.com/lib/swiperjs/v8.4.6/ 140 KB
51 KB 64ms
59ms XHR
application/x-javascript 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/lib/swiperjs/v8.4.6/swiper-bundle.min.js?v=243jt

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8966a0426081f47ebc4df82ab440c41e148c50826dca5a79bd9542456849964a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://ko-fi.com/malard
X-Requested-With: XMLHttpRequest
Request-Id: |mHDWR.wVYVr
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:00:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 56
content-length: 52159
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 16 Jan 2024 10:26:50 GMT
server: cloudflare
etag: "091a846648da1:0"
vary: Accept-Encoding
content-type: application/x-javascript
accept-ranges: bytes
cf-ray: 846aa96f0a151e18-FRA

GET
H2 200 clipboard.js Show response
storage.ko-fi.com/cdn/scripts/ 10 KB
3 KB 65ms
61ms Script
text/plain 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.ko-fi.com/cdn/scripts/clipboard.js?v=243jt
Requested by: Host: storage.ko-fi.com
URL: https://storage.ko-fi.com/cdn/scripts/jquery-2.0.0.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9214020446336733693110f40ae387236467967a07012ff0f99da8cdf505e281

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 Jan 2024 01:00:32 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: 2p0uXQGMC6dXbFsTmBaiVw==
age: 6284
x-ms-lease-status: unlocked
last-modified: Sun, 23 Oct 2022 22:21:51 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 9c665039-a01e-004b-0c40-4429aa000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
cf-ray: 846aa96f0a181e18-FRA

GET
H2 200 B0B0RF5B5 Show response
ko-fi.com/api/discount/get-for-pageid/ 48 B
219 B 215ms
210ms XHR
application/json 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/api/discount/get-for-pageid/B0B0RF5B5

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31ee3cd6835b5dff5fe814eead792acf3e99bfd3d9225846be2918eecd07e5b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ko-fi.com/malard
X-Requested-With: XMLHttpRequest
Request-Id: |mHDWR.b4oEg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:00:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
arr-disable-session-affinity: True
content-length: 153
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:02025889-f5bc-454e-88f5-4372da34dffd
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: private
cf-ray: 846aa96f0a191e18-FRA

GET
H2 200 LoadPageFeed Show response
ko-fi.com/Buttons/ 34 KB
4 KB 250ms
246ms XHR
text/html 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Buttons/LoadPageFeed?buttonId=B0B0RF5B5

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5ddb64921f573b0512eac151137c98faf29e55642433ce67415dd8c41872fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: text/html, */*; q=0.01
Referer: https://ko-fi.com/malard
X-Requested-With: XMLHttpRequest
Request-Id: |mHDWR.cC+kZ
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:00:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-permitted-cross-domain-policies: none
arr-disable-session-affinity: True
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:02025889-f5bc-454e-88f5-4372da34dffd
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 17 Jan 2024 01:00:32 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: private
cf-ray: 846aa96f0a1a1e18-FRA

GET
H2 200 PersonalFeed Show response
ko-fi.com/Feed/ 23 KB
3 KB 300ms
297ms XHR
text/html 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Feed/PersonalFeed?pageIndex=0&pageId=B0B0RF5B5

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efc9da63260326a94ccf29b17e2e72e362f1eeb10675548a9275da6ee54a2f41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: text/html, */*; q=0.01
Referer: https://ko-fi.com/malard
X-Requested-With: XMLHttpRequest
Request-Id: |mHDWR.nRH+R
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:00:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-permitted-cross-domain-policies: none
arr-disable-session-affinity: True
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:02025889-f5bc-454e-88f5-4372da34dffd
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 16 Jan 2024 09:47:47 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: private
cf-ray: 846aa96f0a1b1e18-FRA

GET
H2 200 LoadRecentPosts Show response
ko-fi.com/Buttons/ 2 KB
728 B 225ms
222ms XHR
text/html 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Buttons/LoadRecentPosts?buttonId=B0B0RF5B5&_=1705453231708

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89e59d2aef86de85a74117934633a290d8e311c9a9bfa6e6e4e147673874337a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: text/html, */*; q=0.01
Referer: https://ko-fi.com/malard
X-Requested-With: XMLHttpRequest
Request-Id: |mHDWR.ZSU0E
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:00:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-permitted-cross-domain-policies: none
arr-disable-session-affinity: True
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:02025889-f5bc-454e-88f5-4372da34dffd
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 17 Jan 2024 01:00:32 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: private
cf-ray: 846aa96f0a1c1e18-FRA

GET
H2 200 LoadTopSupporters Show response
ko-fi.com/Buttons/ 0
46 B 247ms
244ms XHR
text/plain 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/Buttons/LoadTopSupporters?buttonId=B0B0RF5B5&handle=malard&_=1705453231709

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: text/html, */*; q=0.01
Referer: https://ko-fi.com/malard
X-Requested-With: XMLHttpRequest
Request-Id: |mHDWR.ZLeh5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:00:32 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-permitted-cross-domain-policies: none
arr-disable-session-affinity: True
content-length: 0
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:02025889-f5bc-454e-88f5-4372da34dffd
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 17 Jan 2024 01:00:32 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
access-control-expose-headers: Request-Context
cache-control: private
accept-ranges: bytes
cf-ray: 846aa96f0a1f1e18-FRA

GET
H2 200 B0B0RF5B5 Show response
ko-fi.com/api/commission/get-accept-messaging/ 75 B
247 B 211ms
205ms XHR
application/json 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/api/commission/get-accept-messaging/B0B0RF5B5?_=1705453231710

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed2936a4b7050e957bdd4e6f5617a43d802dd824ce931bc8aefaaaf192133603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://ko-fi.com/malard
X-Requested-With: XMLHttpRequest
Request-Id: |mHDWR.aFIFQ
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:00:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-permitted-cross-domain-policies: none
arr-disable-session-affinity: True
content-length: 179
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:02025889-f5bc-454e-88f5-4372da34dffd
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 17 Jan 2024 01:00:32 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: private
accept-ranges: bytes
cf-ray: 846aa96f2a2d1e18-FRA

GET
H2 200 6 Show response
ko-fi.com/shop/B0B0RF5B5/items/0/ 3 KB
1 KB 249ms
242ms XHR
application/json 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/shop/B0B0RF5B5/items/0/6?productType=1

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

486bf5cac7793fbde5644b99717b66970533b15bf80603eda92b845f5e0c4b03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ko-fi.com/malard
X-Requested-With: XMLHttpRequest
Request-Id: |mHDWR.xW8Gx
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:00:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-permitted-cross-domain-policies: none
arr-disable-session-affinity: True
content-length: 1443
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:02025889-f5bc-454e-88f5-4372da34dffd
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 17 Jan 2024 01:00:32 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: private
accept-ranges: bytes
cf-ray: 846aa96f2a2f1e18-FRA

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html Show response
js.stripe.com/v3/ Frame 5AA9 200 B
840 B 77ms
73ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ko-fi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3610118
cache-control: max-age=31536000
content-encoding: br
content-length: 154
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 17 Jan 2024 01:00:32 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Fri, 11 Nov 2022 20:25:37 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 317035
x-content-type-options: nosniff
x-request-id: fc35c311-7b32-4113-89f8-0270e51460d9
x-served-by: cache-fra-etou8220046-FRA

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame D241 44 KB
28 KB 43ms
42ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeIm9UUAAAAAI9HoqMbV3xi0okAxcoNNumTv6QU&co=aHR0cHM6Ly9rby1maS5jb206NDQz&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=brqt1t2vdmc5

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a7476578bc27d5fa446368ed44bc681e6133927a51304273dfb970a3116a2288

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-njpABN-diDwnhPJ_NsLQMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ko-fi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-njpABN-diDwnhPJ_NsLQMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 17 Jan 2024 01:00:32 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 share-link-modal-scripts.js Show response
ko-fi.com/scripts/modules/ 4 KB
1 KB 32ms
32ms XHR
application/x-javascript 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/scripts/modules/share-link-modal-scripts.js?v=243jt

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68b157b8396a8aa1c0bb5f5950cf9a7477306a4156e1c958923c2e28cb6e28c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://ko-fi.com/malard
X-Requested-With: XMLHttpRequest
Request-Id: |mHDWR.HtScz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:00:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 56
cf-polished: origSize=6055
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Tue, 16 Jan 2024 10:26:50 GMT
server: cloudflare
etag: W/"091a846648da1:0"
vary: Accept-Encoding
content-type: application/x-javascript
cf-ray: 846aa96f7a4a1e18-FRA

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame D241 55 KB
24 KB 66ms
21ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeIm9UUAAAAAI9HoqMbV3xi0okAxcoNNumTv6QU&co=aHR0cHM6Ly9rby1maS5jb206NDQz&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=brqt1t2vdmc5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 23:14:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6351
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Jan 2025 23:14:41 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame D241 506 KB
203 KB 77ms
33ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91088a015cd36dabb6639d0b6d08fadc57be7f1b85011f5f882d4e7a8611df31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:02:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39458
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207845
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Jan 2025 14:02:54 GMT

GET
H2 200 m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 5AA9 526 B
450 B 19ms
19ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 17 Jan 2024 01:00:32 GMT
via: 1.1 varnish
age: 3531138
x-cache: HIT
content-length: 315
x-request-id: a190c4d3-4f5d-4a12-81ae-44d62f461a7b
x-served-by: cache-fra-etou8220046-FRA
last-modified: Fri, 11 Nov 2022 20:25:36 GMT
server: Fastly
etag: "d96c709017743c0759cf3853d1806ba5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 301830

POST
H2 200 csp-report
q.stripe.com/ Frame 5AA9 0
716 B 601ms
195ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/malard

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 17 Jan 2024 01:00:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705453233077779
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1705453233077487
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 5AA9 0
717 B 600ms
195ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/malard

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 17 Jan 2024 01:00:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705453233077735
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1705453233077436
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 7ABB 930 B
1 KB 27ms
19ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 104
cache-control: max-age=300, public
content-encoding: br
content-length: 540
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 17 Jan 2024 01:00:32 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 22
x-content-type-options: nosniff
x-request-id: a1c1b2d8-afeb-4f5a-912a-8bef0de22c13
x-served-by: cache-fra-etou8220046-FRA
x-timer: S1705453233.605440,VS0,VE0

POST
H2 200 csp-report
q.stripe.com/ Frame 7ABB 0
490 B 552ms
196ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/malard

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 17 Jan 2024 01:00:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705453233078104
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 0
x-stripe-client-envoy-start-time-us: 1705453233077690
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame 7ABB 87 KB
15 KB 19ms
19ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Wed, 17 Jan 2024 01:00:32 GMT
x-content-type-options: nosniff
content-encoding: br
via: 1.1 varnish
age: 289
x-cache: HIT
content-length: 15509
x-request-id: 5abcac33-cac7-41b1-8635-d9b43d4cc30a
x-served-by: cache-fra-etou8220046-FRA
server: Fastly
x-timer: S1705453233.627573,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 50

POST
H2 200 6 Show response
m.stripe.com/ Frame 7ABB 156 B
668 B 588ms
196ms XHR
application/json 34.215.162.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.215.162.111 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-215-162-111.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

b0701520ca19d03323ad7e82e5d4b4cfcd331fca6a55cc619bdb45514da56e1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 17 Jan 2024 01:00:33 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705453233174093
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1705453233173635
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H3 200 0Cqmw64vVDdXjGZEoSN2NjFc6s-AADeaJ1f3yoXUl2A.js Show response
www.google.com/js/bg/ Frame D241 17 KB
7 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/0Cqmw64vVDdXjGZEoSN2NjFc6s-AADeaJ1f3yoXUl2A.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d02aa6c3ae2f5437578c6644a1237636315ceacf8000379a2757f7ca85d49760

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeIm9UUAAAAAI9HoqMbV3xi0okAxcoNNumTv6QU&co=aHR0cHM6Ly9rby1maS5jb206NDQz&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=brqt1t2vdmc5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 22:59:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7291
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6849
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Jan 2025 22:59:01 GMT

GET
H2 200 supporteronly.png
storage.ko-fi.com/cdn/useruploads/ 97 KB
97 KB 31ms
31ms Image
image/webp 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.ko-fi.com/cdn/useruploads/supporteronly.png?v=3
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/malard
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28abe8213272fa3698b6aab1815813da8b1091e8324e4ef09207bd96e970b83f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 Jan 2024 01:00:32 GMT
cf-cache-status: HIT
content-md5: EC7vQ2pJJjSPdo5/xWyOxQ==
age: 3191
cf-polished: origFmt=png, origSize=149286
content-disposition: inline; filename="supporteronly.webp"
content-length: 99088
x-ms-lease-status: unlocked
cf-bgj: imgq:100,h2pri,csam-hash
last-modified: Mon, 24 Oct 2022 16:17:39 GMT
server: cloudflare
etag: 0x8DAB5DB457B9E69
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-ms-request-id: b3ba0bf6-401e-000e-5d10-14f43b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 846aa9708aca1e18-FRA

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame D241 2 KB
2 KB 21ms
21ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 19:56:54 GMT
x-content-type-options: nosniff
age: 104618
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 22 Jan 2024 19:56:54 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D241 15 KB
15 KB 20ms
19ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 23:26:56 GMT
x-content-type-options: nosniff
age: 437616
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Jan 2025 23:26:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D241 15 KB
15 KB 24ms
23ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:17:31 GMT
x-content-type-options: nosniff
age: 103381
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Jan 2025 20:17:31 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame D241 102 B
135 B 32ms
31ms Other
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f187dc8de7fe50f1f8825c3500b64080cc78ac39df7efd31a4b1bc562be9ca3d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeIm9UUAAAAAI9HoqMbV3xi0okAxcoNNumTv6QU&co=aHR0cHM6Ly9rby1maS5jb206NDQz&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=brqt1t2vdmc5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:00:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 17 Jan 2024 01:00:32 GMT

GET
H2 200 anon10.png
ko-fi.com/img/ 574 B
733 B 33ms
32ms Image
image/webp 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ko-fi.com/img/anon10.png?v=10

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/malard

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b071c67b35ee2ce7bfc4b0251354b09da100c5e39e378fb429443ae8a4472072

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/malard
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:00:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 28
cf-polished: origFmt=png, origSize=1986
content-disposition: inline; filename="anon10.webp"
content-length: 574
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:100,h2pri,csam-hash
last-modified: Tue, 16 Jan 2024 10:26:50 GMT
server: cloudflare
etag: "091a846648da1:0"
vary: Accept
content-type: image/webp
accept-ranges: bytes
cf-ray: 846aa970bada1e18-FRA

GET
H2 200 anon6.png
ko-fi.com/img/ 574 B
680 B 189ms
188ms Image
image/webp 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ko-fi.com/img/anon6.png?v=1

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/malard

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5aecba121aaefc0dbde0bd82dcdf9ddf33a0881eb903cb5909a3dce79e4df3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/malard
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:00:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
cf-polished: origFmt=png, origSize=1980
content-disposition: inline; filename="anon6.webp"
content-length: 574
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:100,h2pri,csam-hash
last-modified: Tue, 16 Jan 2024 10:26:50 GMT
server: cloudflare
etag: "091a846648da1:0"
vary: Accept
content-type: image/webp
accept-ranges: bytes
cf-ray: 846aa970badb1e18-FRA

GET
H2 200 anon14.png
ko-fi.com/img/ 610 B
724 B 36ms
35ms Image
image/webp 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ko-fi.com/img/anon14.png?v=10

Requested by

Host: ko-fi.com
URL: https://ko-fi.com/malard

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53c3600b8fd2244f92bc2974e1d9a8a228a846aa91607cef5cddbb0ae3e49afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/malard
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:00:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 44
cf-polished: origFmt=png, origSize=2222
content-disposition: inline; filename="anon14.webp"
content-length: 610
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:100,h2pri,csam-hash
last-modified: Tue, 16 Jan 2024 10:26:50 GMT
server: cloudflare
etag: "091a846648da1:0"
vary: Accept
content-type: image/webp
accept-ranges: bytes
cf-ray: 846aa970badd1e18-FRA

GET
H2 200 b7aaef3b-5f15-4b5a-91e2-f005037e3a07_screenshot00013.png
storage.ko-fi.com/cdn/useruploads/post/ 80 KB
80 KB 215ms
215ms Image
image/webp 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.ko-fi.com/cdn/useruploads/post/b7aaef3b-5f15-4b5a-91e2-f005037e3a07_screenshot00013.png
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/malard
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d902babf310c7009900a6f91fd1276970e4100960f1ffb3ead933d9eec345703

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 Jan 2024 01:00:32 GMT
x-ms-meta-userid: 31daf9ba-6eee-41cc-a9f2-45c8d6c0b759
cf-cache-status: REVALIDATED
content-md5: PgkQ7bkMKY/4dnxh2lFK6w==
cf-polished: origFmt=png, origSize=127865
content-disposition: inline; filename="b7aaef3b-5f15-4b5a-91e2-f005037e3a07_screenshot00013.webp"
content-length: 81504
x-ms-lease-status: unlocked
cf-bgj: imgq:100,h2pri,csam-hash
last-modified: Thu, 23 Nov 2023 07:41:21 GMT
server: cloudflare
etag: 0x8DBEBF796661D60
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-ms-request-id: 9373d19f-401e-000e-510c-48f43b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-UserId,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 846aa970bae01e18-FRA

GET
H2 200 96b874fa-8890-4f7b-a506-3d86c1e90308_screenshot00012.png
storage.ko-fi.com/cdn/useruploads/post/ 134 KB
135 KB 216ms
215ms Image
image/png 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.ko-fi.com/cdn/useruploads/post/96b874fa-8890-4f7b-a506-3d86c1e90308_screenshot00012.png
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/malard
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0531230cac84604651b12afedbc1c72a07d942c3608b840a08ed7fe918e47589

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 Jan 2024 01:00:32 GMT
x-ms-meta-userid: 31daf9ba-6eee-41cc-a9f2-45c8d6c0b759
cf-cache-status: MISS
content-md5: neCgUrUNZ+9bELkLgUxQ9g==
content-length: 137375
x-ms-lease-status: unlocked
last-modified: Thu, 23 Nov 2023 07:31:35 GMT
server: cloudflare
etag: 0x8DBEBF639442057
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 86872dab-301e-0028-74e0-486f8f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-UserId,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 846aa970bae11e18-FRA

GET
H2 200 b6d1d4ac-eab2-4c2a-a54f-e31d4b1ae872_screenshot00015.png
storage.ko-fi.com/cdn/useruploads/post/ 175 KB
175 KB 220ms
220ms Image
image/webp 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.ko-fi.com/cdn/useruploads/post/b6d1d4ac-eab2-4c2a-a54f-e31d4b1ae872_screenshot00015.png
Requested by: Host: ko-fi.com
URL: https://ko-fi.com/malard
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f31198cbf9aa3b0c5adbf9b62c5e80eaf0ae39bd0731e9b163a1362be859988

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 17 Jan 2024 01:00:32 GMT
x-ms-meta-userid: 31daf9ba-6eee-41cc-a9f2-45c8d6c0b759
cf-cache-status: REVALIDATED
content-md5: qkzCfIDSMjmL0VeAUwBAmA==
cf-polished: origFmt=png, origSize=263484
content-disposition: inline; filename="b6d1d4ac-eab2-4c2a-a54f-e31d4b1ae872_screenshot00015.webp"
content-length: 178858
x-ms-lease-status: unlocked
cf-bgj: imgq:100,h2pri,csam-hash
last-modified: Thu, 23 Nov 2023 07:45:22 GMT
server: cloudflare
etag: 0x8DBEBF825C330D3
vary: Accept
content-type: image/webp
access-control-allow-origin: *
x-ms-request-id: 4940e2eb-301e-0023-350c-4877fb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-UserId,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 846aa970bae31e18-FRA

GET
H2 200 PageLoaded Show response
ko-fi.com/buttons/ 34 B
468 B 211ms
211ms XHR
application/json 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/buttons/PageLoaded?pageId=B0B0RF5B5

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4199476604d204f5695f658fe3f1c1fca5e608f1f91eebc48a17016a2f379920

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://ko-fi.com/malard
X-Requested-With: XMLHttpRequest
Request-Id: |mHDWR.RaR3O
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:00:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-permitted-cross-domain-policies: none
arr-disable-session-affinity: True
content-length: 152
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:02025889-f5bc-454e-88f5-4372da34dffd
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 17 Jan 2024 01:00:33 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: private
accept-ranges: bytes
cf-ray: 846aa9727bcd1e18-FRA

POST
H2 204 rum Show response
ko-fi.com/cdn-cgi/ 0
201 B 45ms
44ms XHR
text/plain 2606:4700:10::ac43:1a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ko-fi.com/cdn-cgi/rum?

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:10::ac43:1a15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://ko-fi.com/malard
Request-Id: |mHDWR.iLDFz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: application/json

Response headers

date: Wed, 17 Jan 2024 01:00:33 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://ko-fi.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 846aa9727bd01e18-FRA

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 218ms
42ms Preflight 13.69.106.212
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.212 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://ko-fi.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Wed, 17 Jan 2024 01:00:33 GMT
x-content-type-options: nosniff

POST
H2 439 track Show response
dc.services.visualstudio.com/v2/ 842 B
1 KB 72ms
72ms XHR
application/json 13.69.106.212
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.212 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ec859125c7d67fb0cb6ef28a49596ca3c176ea6ccd68fd50e0c1d8b8fc396f1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ko-fi.com/
accept-language: de-DE,de;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: 48B07825-ED85-443D-BA64-7F12B3ECD740
strict-transport-security: max-age=31536000
date: Wed, 17 Jan 2024 01:00:33 GMT
x-content-type-options: nosniff
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length: 842

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 29ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-M13FZ7VQ2C&gtm=45je41a0v888810137&_p=1705453231586&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=103927268.1705453232&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1705453231&sct=1&seg=0&dl=https%3A%2F%2Fko-fi.com%2Fmalard&dt=Buy%20Malard%20a%20Coffee.%20ko-fi.com%2Fmalard%20-%20Ko-fi%20%E2%9D%A4%EF%B8%8F%20Where%20creators%20get%20support%20from%20fans%20through%20donations%2C%20memberships%2C%20shop%20sales%20and%20more!%20The%20original%20%27Buy%20Me%20a%20Coffee%27%20Page.&en=scroll&ep.isLoggedIn=no&ep.distinctId=&epn.percent_scrolled=90&_et=3&tfd=6219
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M13FZ7VQ2C&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ko-fi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Jan 2024 01:00:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ko-fi.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

215 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ko-fi.com/	1970-01-21 02:29:49	Name: ai_user Value: f26xt\|2024-01-17T01:00:31.768Z
.ko-fi.com/	1970-01-20 19:53:49	Name: _gcl_au Value: 1.1.71320235.1705453232
.ko-fi.com/	1970-01-21 03:20:13	Name: _ga Value: GA1.1.103927268.1705453232
.ko-fi.com/	1970-01-21 03:20:13	Name: _ga_M13FZ7VQ2C Value: GS1.1.1705453231.1.0.1705453231.60.0.0
.ko-fi.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: 9d02915b3f13aa99ac927d952e72ba352bfa56c9bf4ec455ebc608b4dc052f42
.ko-fi.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 9d02915b3f13aa99ac927d952e72ba352bfa56c9bf4ec455ebc608b4dc052f42
ko-fi.com/	1970-01-20 17:44:15	Name: ai_session Value: vVmo\|1705453232544.2\|1705453232544.2
m.stripe.com/	1970-01-21 03:20:13	Name: m Value: f6c5f5e9-9b64-434c-b1e9-67011152e9e32e0537
.ko-fi.com/	1970-01-21 02:29:49	Name: __stripe_mid Value: 499b23f7-0e4b-4053-a04d-4faf081f495af93f4e
.ko-fi.com/	1970-01-20 17:44:15	Name: __stripe_sid Value: 6dd2d2d6-49b9-46b2-b0b4-92e2dccaf18a1922b3

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
network	error	URL: https://dc.services.visualstudio.com/v2/track Message: Failed to load resource: the server responded with a status of 439 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

az416426.vo.msecnd.net
dc.services.visualstudio.com
fonts.googleapis.com
fonts.gstatic.com
js.stripe.com
ko-fi.com
m.stripe.com
m.stripe.network
mallard.studio
platform.instagram.com
q.stripe.com
region1.analytics.google.com
static.cloudflareinsights.com
stats.g.doubleclick.net
storage.ko-fi.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.instagram.com
13.69.106.212
151.101.64.176
2001:4860:4802:34::36
2001:4860:4802:38::15
2606:2800:133:206e:1315:22a5:2006:24fd
2606:4700:10::6816:1d50
2606:4700:10::ac43:1a15
2606:4700::6810:3965
2a00:1450:4001:811::2008
2a00:1450:4001:81c::2003
2a00:1450:4001:827::2003
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::200a
2a00:1450:400c:c00::9a
2a03:2880:f276:1c3:face:b00c:0:43fe
2a03:2880:f276:1e9:face:b00c:0:4420
34.215.162.111
54.186.23.98
00bab7ff24939b7a4f59f6d05350b929b37b8b8efe5ee364a3646bc561f714ae
0294c443a2894db92ded5e6a756cb7cbce8e13ad59752aadfc24a8a1419cf77b
0531230cac84604651b12afedbc1c72a07d942c3608b840a08ed7fe918e47589
0727dbbef4c7b2fd79ce259379b1412cfbc544e14711f192f98fafe3f1212c98
0fae7019e31e6127ad883d031a36290b83b3ac7d03a6ee109b391d9b0fb9270a
1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f
1a8c46134bc64383c11f1934724607ad683f4d2ed1c10489f03ed01b10d8b44c
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1ca85c1812ca68df974c337eb02cfa9ed4d9b9069c337266dfd5e8ace95fdcd3
1d52222f35e6fa207eab568926809ae3ee40daeb060de500c84eb5e44b0238c2
1d9dd57f3ccdd051da3196d7ae95340d045375a9c779e96463aec96c237b575a
20aca36364f7c307006861215cb515fbce570b1ebeadd23cec96834e8bd11513
23c317e600368907495485eade9310ab77770f7bd2bb27bb85f95e9a089173d7
2654f35a94d9e7c15bb5dc521576ac6262f230e52d0d615ac667bb4572708240
283e825989e009d13b228f34bb3d721705d576ac2eb4eeaf1be90f727d6d5767
28abe8213272fa3698b6aab1815813da8b1091e8324e4ef09207bd96e970b83f
2e5f2016def030acfe984093f945627d23ecaa14e1f8e1bd017bbcd600bf3358
2ee1a1713fb00eb6aa7e2c1dab97c7b80fe2d26185f698fa7956836308addaea
314c24539472b73912ca8fa85d18eba96851bcb57eef99ae5bc3158a4d2eec7c
31ee3cd6835b5dff5fe814eead792acf3e99bfd3d9225846be2918eecd07e5b0
323d462b04302df2414bb7565eb44e5ea0cb1c27200029bd02b57bf373308b22
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
361ef6361b8708994b00dd261202e4a1a285f895d277c1c5d20d2397a025b0d7
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3fab1f2f6f50fdfc5cf41befe49df96d6709dd7f8ae74dfaf23bcc26902bac24
411de7b9ffcd20abd35dff92e60dd9a1ca19cc8b5fe2209c6831ff3cff945605
4199476604d204f5695f658fe3f1c1fca5e608f1f91eebc48a17016a2f379920
41b8027883c1b4614b83ade0d791e80da436d8eed1b3d9cdab85c32f7c58b3ae
450f12b3b838f43e8bdcaf1f37b29de85e9f7f03d0d9d695e9db73e63cd10bb8
457554ad286ecf6fd5f5e79e6c883602d57638d50f96fb060f6edc19de027834
486bf5cac7793fbde5644b99717b66970533b15bf80603eda92b845f5e0c4b03
4c225caabe08a9a0613e1257efa5cda80cd82cf2798e5ea0479a20c75f3ca91c
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
53c3600b8fd2244f92bc2974e1d9a8a228a846aa91607cef5cddbb0ae3e49afc
59e08331ffde7b2e6e9355e55780d9bcd495ef7f29f700381e7a5d3c06d59867
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5e56e7a5a8165248aed56c16515460681f2ff31bae3e031fdabb84ba8afc8a9c
5e8cc4ba5549dcc0cad28f35fba9241a0dd184633dd561d0957b605de99fdac8
5f31198cbf9aa3b0c5adbf9b62c5e80eaf0ae39bd0731e9b163a1362be859988
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
676a8ced09d39d2976f239688c4f104b551338d3b14a9d9bd30d3667ca74d094
67debf7546f60c16b1cd96d07b3a9d3851c3ac91aba126d9d88ce9f6a73dabb2
681464fd731c69126dc3d3969133ace3839ec1f6dba279dd584959668b8e8672
68b157b8396a8aa1c0bb5f5950cf9a7477306a4156e1c958923c2e28cb6e28c8
6bd29401dfc32462a6aeab4afba1daa1f5247a505ae0ea0c541fbbe90ee6053c
6ec1f31f623d90cabadbf5b17f01cd5e84025b8e3125e73649c6058bbf41cccd
77784729456d5b714cbf56ab897545efe66fc38f7cdc45ef04d9143c477913df
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
791c6007323c117a570480f4be6c47f9b190ea2c83b160613b3c3748dd1d8ae7
79488c217fb7c67ae2a169332b61d9b5c5f34446c1f003c93bdcc7edc7c3511a
79e302d8490b8da90eb981f39ca6c30b74568eca809918b273caff1ce3fd0862
7b3cc1d130434e08cef3405f59a4c0817571a73bee9abbd0c71e993f617838d1
83540a1b1aaca7ec79264b8dfc98c797dea37b6c33b604b95a8e21e1cee09bd3
8966a0426081f47ebc4df82ab440c41e148c50826dca5a79bd9542456849964a
89e59d2aef86de85a74117934633a290d8e311c9a9bfa6e6e4e147673874337a
8a7c3ab3bfcc6534917a25a610fa4afd169e6ce7244fd330899fb1607c46db16
8c258b4c6e47586ade529a866721f9eb52b8fa2be49cdcd09419b7eb68cc41cf
91088a015cd36dabb6639d0b6d08fadc57be7f1b85011f5f882d4e7a8611df31
9214020446336733693110f40ae387236467967a07012ff0f99da8cdf505e281
923963e0a56b84c4438f2359121e855e147a01a78a2591c471179cfc9bf0e784
93fe08ed732ba2e098391f0dc6e95c7eaddb8a0fd9ad9b4b189cad164fa90465
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
9c11ccf2278145893cf2d10bc013b41d754b6559c98de5fae342c158d5082007
9f73c0015652859ca111e91691ddc2be33b28a82f1423f1e4268ab506d1c9477
a034927e7faf2dcc94e0f325de7693821a492402f896d9550320560a93d30c52
a410460285968ae56f3748e57fd09c6da63c17934a9f59cc7f9a6542f5cf2d3b
a7476578bc27d5fa446368ed44bc681e6133927a51304273dfb970a3116a2288
ad7b18d036d06493f9b8c2fdbd65c5d89894aa69007bda2e6e9d25799fe7f665
b0701520ca19d03323ad7e82e5d4b4cfcd331fca6a55cc619bdb45514da56e1b
b071c67b35ee2ce7bfc4b0251354b09da100c5e39e378fb429443ae8a4472072
b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43
b4eed0beb75c73a24384275418323653a2de7920da9e8f390528302b5d7f51e0
b6e9ba03a8a5758af4c04710d3d08e5ceec146eb2c0ac227ba209c8cb487c9a2
b82753e852e463afbaf17ce6e1ff4ed2eb079c93dd2afd10d2bb285ef2dc84fe
b94552fdddf133797c626b9c0248f50de46de94e18f97bf778f520555115995c
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
bc73565f10eefe163fc67d3bc379f1f49ef4acab08f36e9bc7f0fed4db97b9f1
be010c823bcae2a97dc9ce3eac934cc93c3c201e46ec0db51e9c71d90fbf9f82
c5aecba121aaefc0dbde0bd82dcdf9ddf33a0881eb903cb5909a3dce79e4df3c
c8190ac8f569646b28c013967f583807f87c8fcb83bd5ca22eea00e1ea5fcc6d
ca64e3f676b38f06ed0eba111776f2bc8ad352b672c0819ec5b9072c342bd35d
cb2134d2d0e6ad0bda36ad2228b5ac3f86370d08efbc52eda3b98bde5601bf1c
cced72a5fc90de9cbfa59c691d65be471f67d2aae3e3ed37ebe476bf2b0c7030
d02aa6c3ae2f5437578c6644a1237636315ceacf8000379a2757f7ca85d49760
d347c07a3089234662f00ad535ff34795a9cbf397ca38132269042bc3cbdebf8
d482871a5e948cb4884fa0972ea98a81abca057b6bd3f8c995a18c12487e761c
d5ddb64921f573b0512eac151137c98faf29e55642433ce67415dd8c41872fc5
d69aaf0dd993c601ae9f2978dc7fc363775d04bc549da9b366779f60ecb81372
d902babf310c7009900a6f91fd1276970e4100960f1ffb3ead933d9eec345703
df1e4f8c20f7a9f7a0b6a96a046c7a60f899dc1ba9069fbe1aec2ef89b12826f
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e0fefc9b3527b5a7d233834041ff09c1572cd80f9b24894e65a64e332fead136
e26b16a27085c6d20786f6ceb4d0f18db1c4e00a4abb5793359bb8e1a363a61c
e384dbfa5ec29adb4c88af8e8250db6dfbc903495c08163ef0fd6e16fbec8c46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e88057d4e741063425ffa32850aa6ca5884a63b41a4f3fa09a7799b64b4030d3
ea5845500a29b4f113310b4f7ece09f7b15643b169b46609981c75d2460a4a64
ec24c83c49aa3e87501ffb4b6180fe136752f93beb0d76ff91ad3fdbd28d1c1e
ec859125c7d67fb0cb6ef28a49596ca3c176ea6ccd68fd50e0c1d8b8fc396f1f
ed2936a4b7050e957bdd4e6f5617a43d802dd824ce931bc8aefaaaf192133603
ee74bbdb99c1cd83dfe17594bdeba68832d5c38144be889d3d041bdcbd8765f7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef96dcca2d81249b773d184d1b77fc755cc43512638e23fbf4b1bec488d22b7e
efc9da63260326a94ccf29b17e2e72e362f1eeb10675548a9275da6ee54a2f41
f187dc8de7fe50f1f8825c3500b64080cc78ac39df7efd31a4b1bc562be9ca3d
f52ed5805908383b037a53614a34717417b4c78d94a9d1af71c3c0be55a7455f
f5b4cbb864b7f74f6da00206715552fdaeb8e63e82c1173c058af14c75514256
f7b56e9d9d43a289272d196982a483b264cc3dc936261f2f77c77d717bc188c3

ko-fi.com Open in urlscan Pro 2606:4700:10::ac43:1a15 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

121 Requests

99 %HTTPS

79 %IPv6

14 Domains

20 Subdomains

17 IPs

4 Countries

3114 kBTransfer

6203 kBSize

10 Cookies

14 Outgoing links

Page URL History

Redirected requests

121 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ko-fi.com Open in urlscan Pro
2606:4700:10::ac43:1a15 Public Scan

Screenshot
Live screenshot

Full Image

121
Requests

99 %
HTTPS

79 %
IPv6

14
Domains

20
Subdomains

17
IPs

4
Countries

3114 kB
Transfer

6203 kB
Size

10
Cookies

121 HTTP transactions
0 data transactions