user.deldarak.cf Open in urlscan Pro
65.109.187.121 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://user.deldarak.cf/
Submission: On April 21 via automatic, source certstream-suspicious (April 21st 2023, 1:08:23 pm UTC) — Scanned from FI

Summary HTTP 153 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 40 IPs in 5 countries across 31 domains to perform 153 HTTP transactions. The main IP is 65.109.187.121, located in Helsinki, Finland and belongs to HETZNER-AS, DE. The main domain is user.deldarak.cf.
TLS certificate: Issued by ZeroSSL ECC Domain Secure Site CA on April 21st 2023. Valid for: 3 months.

This is the only time user.deldarak.cf was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	65.109.187.121 65.109.187.121	24940 (HETZNER-AS) (HETZNER-AS)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:1495	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
15	2a02:26f0:480... 2a02:26f0:480:39e::4205	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	104.70.84.69 104.70.84.69	16625 (AKAMAI-AS) (AKAMAI-AS)
8	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1634	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	151.101.128.238 151.101.128.238	54113 (FASTLY) (FASTLY)
6	104.16.95.80 104.16.95.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.102.38.132 104.102.38.132	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2606:4700:e0:... 2606:4700:e0::ac40:650a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2600:9000:205... 2600:9000:2057:ae00:b:201e:bc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6812:131e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
2	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
3	2606:4700::68... 2606:4700::6812:121e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	99.86.4.97 99.86.4.97	16509 (AMAZON-02) (AMAZON-02)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
7	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3033::6815:17a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
2 4	143.204.89.62 143.204.89.62	16509 (AMAZON-02) (AMAZON-02)
10	54.243.108.33 54.243.108.33	14618 (AMAZON-AES) (AMAZON-AES)
1	151.101.128.84 151.101.128.84	54113 (FASTLY) (FASTLY)
1	3.234.25.89 3.234.25.89	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
4	52.71.247.184 52.71.247.184	14618 (AMAZON-AES) (AMAZON-AES)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	35.188.42.15 35.188.42.15	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	2600:9000:225... 2600:9000:2250:6e00:1d:9f28:ff00:21	16509 (AMAZON-02) (AMAZON-02)
1	100.26.87.64 100.26.87.64	14618 (AMAZON-AES) (AMAZON-AES)
153	40

5 65.109.187.121 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.121.187.109.65.clients.your-server.de

user.deldarak.cf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a02:26f0:480:39e::4205 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.squarespace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.70.84.69 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-70-84-69.deploy.static.akamaitechnologies.com

static1.squarespace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 151.101.128.238 (United States)

ASN54113 (FASTLY, US)

images.squarespace-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.16.95.80 (None, )

ASN13335 (CLOUDFLARENET, US)

app-ab32.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.102.38.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-38-132.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e0::ac40:650a (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2600:9000:2057:ae00:b:201e:bc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.funraise.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:131e (United States)

ASN13335 (CLOUDFLARENET, US)

widget.harnessapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:121e (United States)

ASN13335 (CLOUDFLARENET, US)

harnessapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.4.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-97.fra6.r.cloudfront.net

09866830beaa.cdn4.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

570-vpd-925.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:17a (United States)

ASN13335 (CLOUDFLARENET, US)

refugeesinternational.harnessgiving.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.89.62 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-62.fra50.r.cloudfront.net

cdn9.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 54.243.108.33 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-108-33.compute-1.amazonaws.com

cdn0.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.128.84 (United States)

ASN54113 (FASTLY, US)

log.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.234.25.89 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-234-25-89.compute-1.amazonaws.com

494eb2d326934d79a2bf85f709e18a4d-09866830beaa.cdn.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.71.247.184 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-247-184.compute-1.amazonaws.com

cdn3.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.lr-ingest.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.188.42.15 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 15.42.188.35.bc.googleusercontent.com

sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2250:6e00:1d:9f28:ff00:21 (United States)

ASN16509 (AMAZON-02, US)

duuytoqss3gu4.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 100.26.87.64 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-26-87-64.compute-1.amazonaws.com

62da9c78a72a4d4aa55be880b6696b11-09866830beaa.cdn.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	forter.com 2 redirects 09866830beaa.cdn4.forter.com — Cisco Umbrella Rank: 404854 cdn9.forter.com — Cisco Umbrella Rank: 4120 cdn0.forter.com — Cisco Umbrella Rank: 4095 494eb2d326934d79a2bf85f709e18a4d-09866830beaa.cdn.forter.com cdn3.forter.com — Cisco Umbrella Rank: 3968 62da9c78a72a4d4aa55be880b6696b11-09866830beaa.cdn.forter.com	305 KB
21	squarespace-cdn.com images.squarespace-cdn.com — Cisco Umbrella Rank: 6915	1 MB
17	squarespace.com assets.squarespace.com — Cisco Umbrella Rank: 7532 static1.squarespace.com — Cisco Umbrella Rank: 8009	2 MB
13	funraise.io assets.funraise.io — Cisco Umbrella Rank: 379819	586 KB
9	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 91 region1.google-analytics.com — Cisco Umbrella Rank: 1718	65 KB
8	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	480 KB
6	cloudfront.net duuytoqss3gu4.cloudfront.net	2 KB
6	marketo.com app-ab32.marketo.com — Cisco Umbrella Rank: 455896	144 KB
5	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 2971 ka-f.fontawesome.com — Cisco Umbrella Rank: 5613	99 KB
5	deldarak.cf user.deldarak.cf	44 KB
4	harnessapp.com widget.harnessapp.com — Cisco Umbrella Rank: 293594 harnessapp.com — Cisco Umbrella Rank: 250992	75 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119	3 KB
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 166	414 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	235 B
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 87	64 KB
2	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 912	608 B
2	t.co t.co — Cisco Umbrella Rank: 584	578 B
2	gstatic.com fonts.gstatic.com www.gstatic.com	181 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 189	137 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 6272	6 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1289	87 KB
1	sentry.io sentry.io — Cisco Umbrella Rank: 324	766 B
1	lr-ingest.io cdn.lr-ingest.io — Cisco Umbrella Rank: 19395	163 KB
1	google.com www.google.com — Cisco Umbrella Rank: 16	876 B
1	pinterest.com log.pinterest.com — Cisco Umbrella Rank: 4554	337 B
1	harnessgiving.org refugeesinternational.harnessgiving.org	1 KB
1	mktoresp.com 570-vpd-925.mktoresp.com	318 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 964	15 KB
1	typekit.net use.typekit.net — Cisco Umbrella Rank: 920	7 KB
0	Failed function sub() { [native code] }. Failed
0	bespoke-creations.us Failed widget-tracker.bespoke-creations.us Failed
153	31

	Domain	Requested by
21	images.squarespace-cdn.com	user.deldarak.cf
15	assets.squarespace.com	user.deldarak.cf static1.squarespace.com assets.squarespace.com
13	assets.funraise.io	user.deldarak.cf assets.funraise.io
10	cdn0.forter.com	assets.funraise.io
8	www.googletagmanager.com	user.deldarak.cf widget.harnessapp.com www.googletagmanager.com assets.funraise.io
7	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com user.deldarak.cf
6	duuytoqss3gu4.cloudfront.net
6	app-ab32.marketo.com	user.deldarak.cf app-ab32.marketo.com
5	user.deldarak.cf	assets.squarespace.com
4	cdn3.forter.com
4	cdn9.forter.com	2 redirects user.deldarak.cf
4	ka-f.fontawesome.com	kit.fontawesome.com user.deldarak.cf
4	fonts.googleapis.com	user.deldarak.cf client
3	harnessapp.com	widget.harnessapp.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.facebook.com	user.deldarak.cf
2	www.youtube.com	user.deldarak.cf www.youtube.com
2	09866830beaa.cdn4.forter.com	user.deldarak.cf
2	analytics.twitter.com	user.deldarak.cf
2	t.co	user.deldarak.cf
2	connect.facebook.net	user.deldarak.cf connect.facebook.net
2	munchkin.marketo.net	user.deldarak.cf munchkin.marketo.net
2	maxcdn.bootstrapcdn.com	user.deldarak.cf maxcdn.bootstrapcdn.com
2	static1.squarespace.com	user.deldarak.cf
1	62da9c78a72a4d4aa55be880b6696b11-09866830beaa.cdn.forter.com
1	sentry.io	assets.funraise.io
1	www.gstatic.com	www.google.com
1	cdn.lr-ingest.io	assets.funraise.io
1	www.google.com	assets.funraise.io
1	494eb2d326934d79a2bf85f709e18a4d-09866830beaa.cdn.forter.com
1	log.pinterest.com	assets.squarespace.com
1	refugeesinternational.harnessgiving.org	widget.harnessapp.com
1	570-vpd-925.mktoresp.com	munchkin.marketo.net
1	fonts.gstatic.com	fonts.googleapis.com
1	widget.harnessapp.com	user.deldarak.cf
1	static.ads-twitter.com	user.deldarak.cf
1	kit.fontawesome.com	user.deldarak.cf
1	use.typekit.net	user.deldarak.cf
0	mlomiejdfkolichcflejclcbmpeaniij Failed
0	ihcjicgdanjaechkgeegckofjjedodee Failed
0	gighmmpiobklfepjocnamgkkbiglidom Failed
0	widget-tracker.bespoke-creations.us Failed	widget.harnessapp.com
153	43

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.refugeesinternational.org
www.facebook.com
www.instagram.com
www.linkedin.com
www.youtube.com

Subject Issuer	Validity	Valid
user.deldarak.cf ZeroSSL ECC Domain Secure Site CA	`2023-04-21` - `2023-07-20`	3 months	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.squarespace.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-03` - `2023-07-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-22` - `2023-12-23`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
*.squarespace-cdn.com R3	`2023-04-06` - `2023-07-05`	3 months	crt.sh
app-ab32.marketo.com Cloudflare Inc ECC CA-3	`2023-04-09` - `2024-04-08`	a year	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-06` - `2024-02-05`	a year	crt.sh
assets.funraise.io Amazon RSA 2048 M02	`2023-02-24` - `2023-09-11`	7 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-28` - `2023-04-28`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.cdn4.forter.com GeoTrust RSA CA 2018	`2022-12-08` - `2024-01-08`	a year	crt.sh
*.mktoresp.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-05` - `2023-11-05`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
harnessgiving.org Cloudflare Inc ECC CA-3	`2023-03-10` - `2023-06-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
cdn0.forter.com GeoTrust RSA CA 2018	`2022-06-27` - `2023-07-07`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-28` - `2023-08-08`	a year	crt.sh
*.cdn.forter.com GeoTrust RSA CA 2018	`2022-06-27` - `2023-07-27`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
cdn3.forter.com GeoTrust RSA CA 2018	`2022-06-27` - `2023-07-04`	a year	crt.sh
*.lr-ingest.io E1	`2023-04-11` - `2023-07-10`	3 months	crt.sh
sentry.io DigiCert TLS RSA SHA256 2020 CA1	`2022-06-03` - `2023-07-04`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://user.deldarak.cf/
Frame ID: D8B8EDBB96D4AD2EABB4921636B4E081
Requests: 114 HTTP requests in this frame

Frame: https://assets.funraise.io/widget/common/2.0/toast.html?orgId=24978828-7d8f-422b-87bf-f695ef19b68e&host=user.deldarak.cf
Frame ID: BDF6A6834D402F8B33EDA051514FE230
Requests: 4 HTTP requests in this frame

Frame: https://refugeesinternational.harnessgiving.org/embedded-api.html
Frame ID: A2AEC3A0467F567C2A3BA1230C7192DC
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i&display=swap
Frame ID: FDCFDA40ECDD5026AD0F84F0206D79DC
Requests: 2 HTTP requests in this frame

Frame: https://app-ab32.marketo.com/index.php/form/XDFrame
Frame ID: F5C1A72A173867E485337CB59C956517
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: A49ADCF714C5458E819A9994804FD2EB
Requests: 1 HTTP requests in this frame

Frame: https://assets.funraise.io/widget/common/2.0/form.html?href=https%3A%2F%2Fassets.funraise.io&common=%2Fwidget%2Fcommon%2F2.0&client=%2Fwidget%2Fclient&orgid=24978828-7d8f-422b-87bf-f695ef19b68e&formid=7756-1
Frame ID: E46C3B2EDDE7D747CE7EBF33EF90EF3F
Requests: 24 HTTP requests in this frame

Frame: chrome-extension://gighmmpiobklfepjocnamgkkbiglidom/icons/icon24.png
Frame ID: 43BEE9315AA548F9C774B5CA5D7ABF0E
Requests: 1 HTTP requests in this frame

Frame: chrome-extension://ihcjicgdanjaechkgeegckofjjedodee/app/assets/close-icon.svg
Frame ID: D667FF41C6C127FC97AB1FCD45BD1A71
Requests: 1 HTTP requests in this frame

Frame: chrome-extension://mlomiejdfkolichcflejclcbmpeaniij/app/images/icon16.png
Frame ID: 9100C05945B02B96E863819B53B0EE2D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Refugees International

Detected technologies

Squarespace (CMS) Expand

Overall confidence: 100%
Detected patterns

Squarespace Commerce (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

assets\.squarespace\.\w+/universal/scripts-compressed/commerce-\w+-min\.[\w+\-]+\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Forter (Analytics) Expand

Overall confidence: 100%
Detected patterns

forter\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

LogRocket (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.lr-ingest\.io

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

Marketo Forms (Widgets) Expand

Overall confidence: 100%
Detected patterns

marketo\.\w+/js/forms(?:[\d.]+)/js/forms([\d.]+)\.min\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

153
Requests

93 %
HTTPS

56 %
IPv6

31
Domains

43
Subdomains

40
IPs

5
Countries

5360 kB
Transfer

15844 kB
Size

21
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/RefugeesIntl

Search URL Search Domain Scan URL

URL: https://www.refugeesinternational.org/#donate
Title: Donate

Search URL Search Domain Scan URL

URL: https://www.refugeesinternational.org/what
Title: Learn more

Search URL Search Domain Scan URL

URL: https://www.refugeesinternational.org/blog
Title: Blog

Search URL Search Domain Scan URL

URL: https://www.refugeesinternational.org/sign-up-for-newsletter
Title: Newsletter Sign Up

Search URL Search Domain Scan URL

URL: https://www.refugeesinternational.org/financials
Title: Financials

Search URL Search Domain Scan URL

URL: https://www.facebook.com/RefugeesInternational

Search URL Search Domain Scan URL

URL: https://www.instagram.com/refugeesintl/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/refugees-international/mycompany/?viewAsMember=true

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC-hu-LxnpdZM89KrOkvv_Dg

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 98

https://cdn9.forter.com/vchk2 HTTP 301
https://cdn9.forter.com/vchk2/v1/7ab65ece6e4878783f22bb1918fa01b6a1b1cc5d268d1062b8ef345eb795c640ac7f4bc661175fe5ddf94cdcaa79

Request Chain 138

https://cdn9.forter.com/vchk2 HTTP 301
https://cdn9.forter.com/vchk2/v1/78bd0eca35192b736c23b04b18fa02eea1b69b597b804e65eae06756b996c315ac7f4bc661175fe5ddf941d1a571

153 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
user.deldarak.cf/ 150 KB
24 KB 1132ms
554ms Document
text/html 65.109.187.121
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://user.deldarak.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.109.187.121 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.121.187.109.65.clients.your-server.de

Software

nginx/1.24.0 /

Resource Hash

b979a9bed1a438283b8f6d2eb3db604d345831ccb2cb233be71cbcbdaff14cc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ranges: bytes
age: 60645
content-encoding: gzip
content-length: 24678
content-type: text/html;charset=utf-8
date: Fri, 21 Apr 2023 13:08:13 GMT
etag: W/"500e44a36f04b7475ef61fa84e805b69"
expires: Thu, 01 Jan 1970 00:00:00 GMT
server: nginx/1.24.0
strict-transport-security: max-age=0
vary: Accept-Encoding
x-content-type-options: nosniff
x-contextid: cOrh3ctA/ejL3EFv9

GET
H2 200 mQFgNz2XaIOv6m14O-uoNMNl6phqZuXVyqZjydcuHDIfeTCIfFHN4UJLFRbh52jhWD93FcwtZAIUZQsKw2Bq5QbuwesqFQFcFs7BMkG0jAFu-WsoShFGZAsude80ZkoRdhXCHKoyjamTiY8Djhy8ZYmC-Ao1Oco8if37OcBDOcu8OfG0Scmc-AoXdfoDSWmyScmDS... Show response
use.typekit.net/ik/ 18 KB
7 KB 279ms
70ms Script
text/javascript 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/ik/mQFgNz2XaIOv6m14O-uoNMNl6phqZuXVyqZjydcuHDIfeTCIfFHN4UJLFRbh52jhWD93FcwtZAIUZQsKw2Bq5QbuwesqFQFcFs7BMkG0jAFu-WsoShFGZAsude80ZkoRdhXCHKoyjamTiY8Djhy8ZYmC-Ao1Oco8if37OcBDOcu8OfG0Scmc-AoXdfoDSWmyScmDSeBRZPoRdhXCHKoDSWmyScmDSeBRZWFR-emqiAUTdcS0jhNlOeBRiA8XpWFR-emqiAUTdcS0jhNlOeBRiA8XpWFR-emqiAUTdcS0dcmXOeBDOcu8OeUzjhBC-eNDifUkZAZTd1sCO1FUiABkZWF3jAF8OcFzdPUkZAZuZhm8Sh80iemkdcBX-AN0jA30da41OYFUiABkZWF3jAF8ShFGZAsude80ZkoRdhXCiaiaOcBRiA8XpWFR-emqiAUTdcS0jhNlOYiaikoyjamTiY8Djhy8ZYmC-Ao1Oco8ifUaiaS0jWw0dA9CiaiaO148Zc80ie30SaBujW48Sagyjh90jhNlOYiaikokZAZuZhm8Sh80iemkdcBX-AN0jA30da41OYiaikoDSWmyScmDSeBRZWFR-emqiAUTdcS0jhNlJ6U3ScNt-AuyOAozicI7fbRKHyMMeMw6MKG4fHvgIMMjgfMfH6GJCwbgIMMjgPMfH6qJnbIbMg6eJMJ7fbKOMsMMeMS6MKG4f5w7IMMj2PMfH6qJn6IbMg6bJMJ7fbKwMsMMegI6MTMgo52hNM9.js

Requested by

Host: user.deldarak.cf
URL: https://user.deldarak.cf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

96a7b687c08b72333c972501fc87b161bec5fe9dbcdb732f444f4116232398f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Fri, 21 Apr 2023 13:08:13 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6853

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
1 KB 212ms
71ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@400&family=Roboto:wght@300;400;700

Requested by

Host: user.deldarak.cf
URL: https://user.deldarak.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

07ed678b8eb763214c396e6267be2e428d1086b130b4cf1656c23ca0775ac759

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Apr 2023 13:08:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 13:08:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Apr 2023 13:08:13 GMT

GET
H/1.1 200
OK modern.js Show response
assets.squarespace.com/@sqs/polyfiller/1.6/ 115 KB
42 KB 210ms
59ms Script
text/javascript 2a02:26f0:480:39e::4205
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/@sqs/polyfiller/1.6/modern.js
Requested by: Host: user.deldarak.cf
URL: https://user.deldarak.cf/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:39e::4205 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 54e832663426c696b1f603379026e5e15720e8c812bbbc60d63aa2ad8a479f75

Request headers

Referer: https://user.deldarak.cf/
Origin: https://user.deldarak.cf
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 13:08:13 GMT
Content-Encoding: gzip
Last-Modified: Mon, 31 Oct 2022 21:19:57 GMT
Server: UploadServer
ETag: "fe0d53a94823df972dbf107bf190771a"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42447
Expires: Fri, 21 Apr 2023 14:08:13 GMT

GET
H/1.1 200
OK extract-css-runtime-611e09b686b06f874cdff-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 48 KB
21 KB 211ms
59ms Script
text/javascript 2a02:26f0:480:39e::4205
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/extract-css-runtime-611e09b686b06f874cdff-min.en-US.js
Requested by: Host: user.deldarak.cf
URL: https://user.deldarak.cf/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:39e::4205 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: e86af0ff362f0a9ccc79c4316e5fdcece4982a45bc4d6b4b3cc316f496295811

Request headers

Referer: https://user.deldarak.cf/
Origin: https://user.deldarak.cf
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 13:08:13 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 Apr 2023 19:32:42 GMT
Server: UploadServer
ETag: "d44a421988881fefaeee1c2efda5252e"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20544
Expires: Fri, 21 Apr 2023 14:08:13 GMT

GET
H/1.1 200
OK extract-css-moment-js-vendor-5082e2dab696b020ac83a-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 575 KB
111 KB 226ms
69ms Script
text/javascript 2a02:26f0:480:39e::4205
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/extract-css-moment-js-vendor-5082e2dab696b020ac83a-min.en-US.js
Requested by: Host: user.deldarak.cf
URL: https://user.deldarak.cf/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:39e::4205 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: a59acd7a8cbaf68d5d628ac09c501f01a2f3f42c9affa8f3d101f2860d1cc3f7

Request headers

Referer: https://user.deldarak.cf/
Origin: https://user.deldarak.cf
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 13:08:13 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
X-GUploader-Response-Body-Transformations: gunzipped
Connection: keep-alive, Transfer-Encoding
Last-Modified: Mon, 21 Nov 2022 16:43:30 GMT
Server: UploadServer
ETag: W/"77a546c78e5335ac223ce347591cf662"
Vary: Accept-Encoding
Warning: 214 UploadServer gunzipped
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, OPTIONS
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Expires: Fri, 21 Apr 2023 14:08:13 GMT

GET
H/1.1 200
OK cldr-resource-pack-e6fa1987df62bf405e611-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 119 KB
24 KB 219ms
62ms Script
text/javascript 2a02:26f0:480:39e::4205
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/cldr-resource-pack-e6fa1987df62bf405e611-min.en-US.js
Requested by: Host: user.deldarak.cf
URL: https://user.deldarak.cf/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:39e::4205 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: ce871dad89a27c06eef0beccba09f5a35a6bca46ee135adf249b2cf75bc1e9b6

Request headers

Referer: https://user.deldarak.cf/
Origin: https://user.deldarak.cf
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 13:08:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Apr 2023 23:15:47 GMT
Server: UploadServer
ETag: "34d5f319c7907994574805047ab4fe5d"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24412
Expires: Fri, 21 Apr 2023 14:08:13 GMT

GET
H/1.1 200
OK common-vendors-stable-dade9d616ff90ebf99b1d-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 240 KB
80 KB 220ms
63ms Script
text/javascript 2a02:26f0:480:39e::4205
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-stable-dade9d616ff90ebf99b1d-min.en-US.js
Requested by: Host: user.deldarak.cf
URL: https://user.deldarak.cf/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:39e::4205 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: f7933255ef71246aa324ac4ef34fa6608f9cd5b085734815cc4db3db5a0d28db

Request headers

Referer: https://user.deldarak.cf/
Origin: https://user.deldarak.cf
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 13:08:13 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Mar 2023 18:20:05 GMT
Server: UploadServer
ETag: "59c3fdb6b596204fc9f3887de0d9dff9"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 81890
Expires: Fri, 21 Apr 2023 14:08:13 GMT

GET
H/1.1 200
OK common-vendors-7f1e337eaa22c7c07dcb1-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 737 KB
209 KB 221ms
63ms Script
text/javascript 2a02:26f0:480:39e::4205
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-7f1e337eaa22c7c07dcb1-min.en-US.js
Requested by: Host: user.deldarak.cf
URL: https://user.deldarak.cf/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:39e::4205 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 1a08efa406538235e0b02c5115486a0a013f8b6c8bebd5eab344b53d9b6a9188

Request headers

Referer: https://user.deldarak.cf/
Origin: https://user.deldarak.cf
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 13:08:13 GMT
Content-Encoding: gzip
Last-Modified: Tue, 18 Apr 2023 21:43:32 GMT
Server: UploadServer
ETag: "f0ad18b057d96968f19e8751182051a8"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 213719
Expires: Fri, 21 Apr 2023 14:08:13 GMT

GET
H/1.1 200
OK common-843b2936e4c8b15676de4-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 2 MB
494 KB 330ms
69ms Script
text/javascript 2a02:26f0:480:39e::4205
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/common-843b2936e4c8b15676de4-min.en-US.js
Requested by: Host: user.deldarak.cf
URL: https://user.deldarak.cf/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:39e::4205 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 6f3d9e6750aea36cfc3abc14aa973efe08a7cf4e892762a5fae2351646560bff

Request headers

Referer: https://user.deldarak.cf/
Origin: https://user.deldarak.cf
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 13:08:14 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 Apr 2023 18:58:14 GMT
Server: UploadServer
ETag: "6f41f15fbd21312b83ddf505b482a882"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 505874
Expires: Fri, 21 Apr 2023 14:08:14 GMT

GET
H/1.1 200
OK commerce-7797a27d63c0e56f7ef45-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 816 KB
253 KB 352ms
73ms Script
text/javascript 2a02:26f0:480:39e::4205
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/commerce-7797a27d63c0e56f7ef45-min.en-US.js
Requested by: Host: user.deldarak.cf
URL: https://user.deldarak.cf/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:39e::4205 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 1c3acfb1c6e0fa596a8b561781c076a313cde9f2f0eb8abaf0ab8748e0496a4a

Request headers

Referer: https://user.deldarak.cf/
Origin: https://user.deldarak.cf
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 13:08:14 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Apr 2023 18:14:19 GMT
Server: UploadServer
ETag: "7a999d6427ded3c12d15549448b57663"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 258294
Expires: Fri, 21 Apr 2023 14:08:14 GMT

GET
H/1.1 200
OK commerce-42e904b2189a7c1684dd6-min.en-US.css
assets.squarespace.com/universal/styles-compressed/ 17 KB
7 KB 216ms
60ms Stylesheet
text/css 2a02:26f0:480:39e::4205
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/styles-compressed/commerce-42e904b2189a7c1684dd6-min.en-US.css
Requested by: Host: user.deldarak.cf
URL: https://user.deldarak.cf/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:39e::4205 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 5291859d1d01fb7a948ac16a4aa17c04302165bff70b6d4812fb9f578143996a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 13:08:13 GMT
Content-Encoding: gzip
X-GUploader-Response-Body-Transformations: gunzipped
Connection: keep-alive
Content-Length: 6735
Last-Modified: Mon, 27 Jun 2022 22:26:20 GMT
Server: UploadServer
ETag: W/"5f7edc78741eba31a70f333bcf16efef"
Vary: Accept-Encoding
Warning: 214 UploadServer gunzipped
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, OPTIONS
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Expires: Fri, 21 Apr 2023 14:08:13 GMT

GET
H/1.1 200
OK performance-00f5b99210a16a5423d98-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 243 KB
67 KB 57ms
57ms Script
text/javascript 2a02:26f0:480:39e::4205
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/performance-00f5b99210a16a5423d98-min.en-US.js
Requested by: Host: user.deldarak.cf
URL: https://user.deldarak.cf/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:39e::4205 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 1464a172249891a4c3e4fe98fb9f64e54ef87eb6154161400cdc6f8db9e01845

Request headers

Referer: https://user.deldarak.cf/
Origin: https://user.deldarak.cf
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 13:08:14 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Apr 2023 14:45:17 GMT
Server: UploadServer
ETag: "b5237f10e6434e9384976f82ac6c3971"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68327
Expires: Fri, 21 Apr 2023 14:08:14 GMT

GET
H2 200 site.css
static1.squarespace.com/static/sitecss/506c8ea1e4b01d9450dd53f5/347/63efa679c6986c4642d492f3/63efa67ac6986c4642d492f6/0/ 519 KB
62 KB 194ms
60ms Stylesheet
text/css 104.70.84.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.squarespace.com/static/sitecss/506c8ea1e4b01d9450dd53f5/347/63efa679c6986c4642d492f3/63efa67ac6986c4642d492f6/0/site.css

Requested by

Host: user.deldarak.cf
URL: https://user.deldarak.cf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.70.84.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-70-84-69.deploy.static.akamaitechnologies.com

Software

Squarespace /

Resource Hash

ab093383925284bfd77a01631ddc34c70649a4fc9a6920925ab479b6a583acda

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: cache
strict-transport-security: max-age=0
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 21 Apr 2023 13:08:13 GMT
server: Squarespace
vary: Accept-Encoding, "Accept-Encoding"
content-type: text/css; charset=UTF-8
x-contextid: yDGkK9sU/TtpXJEr4
cache-control: public, max-age=94500583
accept-ranges: bytes
timing-allow-origin: *
content-length: 63001
tracepoint: "Akamai"

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
38 KB 207ms
75ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=TAG_ID

Requested by

Host: user.deldarak.cf
URL: https://user.deldarak.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c405c27ef82a37b66a1a7d30b6f42bf50f6cdb36538d18eba7f9996ca85a73f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 13:08:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38750
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 21 Apr 2023 13:08:14 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 165 KB
60 KB 319ms
187ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-140866362-1

Requested by

Host: user.deldarak.cf
URL: https://user.deldarak.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8594154cb263013831d958d7f82e1ad9442eb471e1133a0c0f00d7958955127b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 13:08:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61798
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 21 Apr 2023 13:08:14 GMT

GET
H2 200 5085b28d21.js Show response
kit.fontawesome.com/ 11 KB
4 KB 174ms
98ms Script
text/javascript 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/5085b28d21.js

Requested by

Host: user.deldarak.cf
URL: https://user.deldarak.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60ccc75997ee5d11cb926cd5406420171a16147555544dafda67c072d2da70f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://user.deldarak.cf/
Origin: https://user.deldarak.cf
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 13:08:13 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, public, must-revalidate
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-ray: 7bb5dac30cde376f-HEL
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F1f1Hb9GCJzMR-J_8DtB

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.1.0/css/ 20 KB
5 KB 111ms
42ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.1.0/css/font-awesome.min.css

Requested by

Host: user.deldarak.cf
URL: https://user.deldarak.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 13:08:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 723, 617
age: 20840409
cdn-cachedat: 2021-07-24 09:40:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 2b50aaedc481ac5a56e54a88a5b8c43a
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7bb5dac2fec6d90a-HEL
cdn-requestpullsuccess: True

GET
H2 200 RI+Logo+White+Hi-res+300.png
images.squarespace-cdn.com/content/v1/506c8ea1e4b01d9450dd53f5/1571948573082-J3UIPDIUED5FOSVCPXYY/ 7 KB
7 KB 201ms
57ms Image
image/png 151.101.128.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/506c8ea1e4b01d9450dd53f5/1571948573082-J3UIPDIUED5FOSVCPXYY/RI+Logo+White+Hi-res+300.png?format=1500w
Requested by: Host: user.deldarak.cf
URL: https://user.deldarak.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 74e2049de936d6d33d09ca6dd7469c081c05e7128999b69d8183ff41892d49b5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits: 518, 1
date: Fri, 21 Apr 2023 13:08:14 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 186863
x-cache: HIT, HIT
content-length: 7152
x-served-by: cache-iad-kiad7000172-IAD, cache-fra-eddf8230041-FRA
x-timer: S1682082495.736853,VS0,VE1
etag: CNzuxpjph+sCEAE=
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 forms2.min.js Show response
app-ab32.marketo.com/js/forms2/js/ 208 KB
69 KB 232ms
48ms Script
application/x-javascript 104.16.95.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-ab32.marketo.com/js/forms2/js/forms2.min.js

Requested by

Host: user.deldarak.cf
URL: https://user.deldarak.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.95.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0694124dd8cf871b521cf06ce0b2419ebbe18d3f45658b50c4b038b647fbc849

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 13:08:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 23 Mar 2023 21:46:36 GMT
server: cloudflare
age: 2738
etag: "268180c-33e51-5f79835f6a700"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 7bb5dac64d9b09ac-ARN
expires: Fri, 21 Apr 2023 17:08:14 GMT

GET
H2 200 site-bundle.js Show response
static1.squarespace.com/static/ta/506c8ea1e4b01d9450dd53f5/0/scripts/ 56 KB
21 KB 75ms
75ms Script
application/javascript 104.70.84.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.squarespace.com/static/ta/506c8ea1e4b01d9450dd53f5/0/scripts/site-bundle.js

Requested by

Host: user.deldarak.cf
URL: https://user.deldarak.cf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.70.84.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-70-84-69.deploy.static.akamaitechnologies.com

Software

Squarespace /

Resource Hash

a6c4f15c872fe4a9fccbb12cf8bc2468bfbc6345c181c2d34915cc26d138f230

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: cache
strict-transport-security: max-age=0
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 21 Apr 2023 13:08:14 GMT
server: Squarespace
vary: Accept-Encoding, "Accept-Encoding"
content-type: application/javascript; charset=UTF-8
x-contextid: O0zNXl0i/2cwlvffY
cache-control: public, max-age=94211929
accept-ranges: bytes
timing-allow-origin: *
content-length: 21018
tracepoint: "Akamai"

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 159 KB
57 KB 280ms
148ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WX3MPKR

Requested by

Host: user.deldarak.cf
URL: https://user.deldarak.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a96511b2991d320fe704d5739f211a9cb01b9ce33b04fe6a5d7fab9b6ee8beeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 13:08:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57971
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 21 Apr 2023 13:08:14 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 185ms
56ms Script
application/x-javascript 104.102.38.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: user.deldarak.cf
URL: https://user.deldarak.cf/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.38.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-38-132.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 13:08:14 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 144ms
56ms Fetch
text/css 2606:4700:e0::ac40:650a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=5085b28d21
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/5085b28d21.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:650a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 13:08:14 GMT
via: 1.1 d5d7b369f72f565a0dffcd2db50ec516.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: ARN56-P2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N2ek4QCpR4D0kwnAoTX86S2%2FurRR4lubOxXn3LhjP5eEgzOpZh45w5HQlwFvhttbrZi%2BtxgIfiCTxFBl%2BC19%2FVoQuH%2BTVPgmq8ltMv2MIoh4e53ZQQt09IKM9EQUHQS81kDmIGVu5nWCttLCcdc883NPMA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7bb5dac7abbc0a37-ARN
access-control-allow-headers: fa-kit-token
x-amz-cf-id: FoqgBXsChfPjdPQbJ_GInvxmStO3fjBarG4408Z7hyu4LhPiRqubWg==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 26 KB
4 KB 150ms
61ms Fetch
text/css 2606:4700:e0::ac40:650a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=5085b28d21
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/5085b28d21.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:650a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 13:08:14 GMT
via: 1.1 fdac35835bcf0937b6f910eeac10720e.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: ARN56-P2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FiAviiJnJ4m0qU7MrFrGZSNCBvIXzqnoHye9JxrWQ82kDa4cF%2BAXgQ2t6wpbpvUBVnVRgwWfOxMq77%2BZ%2FYlKSvqwsjUQ%2BUBW%2BFq1j37ZuC73kzEu2ayEsJfAKRyQRzZ0stW7%2Ft6ErJJsn9gxxc2fHNZvWg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7bb5dac7abbd0a37-ARN
access-control-allow-headers: fa-kit-token
x-amz-cf-id: c2S-l0EVOFcP12qRpDsiyjRukxb3BrQWSZirXK6Z-t0w0WRZHB7Lhw==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 3 KB
2 KB 142ms
54ms Fetch
text/css 2606:4700:e0::ac40:650a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=5085b28d21
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/5085b28d21.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:650a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 13:08:14 GMT
via: 1.1 fdac35835bcf0937b6f910eeac10720e.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: ARN56-P2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Ij9j8tGgZZfGhn4ln8%2B2IjRqvJfRbheWNzJ5QfdqoDVUj3%2BoIH54SrvPS%2BT0afiv21jkDMMfHKPf4OyXQ7n02ntM44k0PR5KSBIj%2BHPH6iYxJZk7ugb7Yk4WcOXOYRciXZpnHmRSs2iBRBAGaaHlnBWpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7bb5dac7bbbf0a37-ARN
access-control-allow-headers: fa-kit-token
x-amz-cf-id: u4cC_A-HqqfperDInwYnGYX98UB65AW9Ebn8Wx_fDni026H5T-tw9w==

GET
H2 200 inject-form.js Show response
assets.funraise.io/widget/common/2.0/ 182 KB
60 KB 232ms
72ms Script
application/javascript 2600:9000:2057:ae00:b:201e:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.funraise.io/widget/common/2.0/inject-form.js?orgId=24978828-7d8f-422b-87bf-f695ef19b68e
Requested by: Host: user.deldarak.cf
URL: https://user.deldarak.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ae00:b:201e:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 77be0f1ee4baf5be19a1a28dbf368511274a46fe91c451cf6e2f7067e2e2f413

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 13:08:14 GMT
content-encoding: gzip
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
last-modified: Thu, 20 Apr 2023 16:53:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 139
x-amz-server-side-encryption: AES256
etag: W/"5076617b42c2eb898b4fa62d3998cb5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=15
x-amz-cf-id: lvNiAHltQ33--sbssI0JwXlTjd9YMkARi61LwvZIobJvUs-pkTJdyw==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 190ms
60ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: user.deldarak.cf
URL: https://user.deldarak.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 21 Apr 2023 13:08:14 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27967
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 57pv+wfmJ13aptVrWey/DN30/DGurSWucu/635j/yf/iojQAejBZtBO0B6nViZ0bJWJzpzb5rfk5xjHkf3QyYA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 203ms
55ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: user.deldarak.cf
URL: https://user.deldarak.cf/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 13:08:14 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
x-amz-server-side-encryption: AES256
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100147-IAD, cache-fra-eddf8230105-FRA

GET
H2 200 harness-widget-v2.js Show response
widget.harnessapp.com/ 231 KB
71 KB 161ms
80ms Script
application/javascript 2606:4700::6812:131e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.harnessapp.com/harness-widget-v2.js
Requested by: Host: user.deldarak.cf
URL: https://user.deldarak.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:131e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9eca30ed5ae2abc00b2c3ed1feb3f3e6f17b33b4e522b41283142c2434a99df

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 13:08:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 06 Apr 2023 19:17:23 GMT
server: cloudflare
age: 1406
etag: W/"642f1ac3-39baa"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
cf-ray: 7bb5dac7a982d912-HEL
expires: Fri, 21 Apr 2023 13:38:14 GMT

GET
H3 200 fontawesome-webfont.woff
maxcdn.bootstrapcdn.com/font-awesome/4.1.0/fonts/ 82 KB
82 KB 250ms
215ms Font
font/woff 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.1.0/fonts/fontawesome-webfont.woff?v=4.1.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.1.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.1.0/css/font-awesome.min.css
Origin: https://user.deldarak.cf
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 13:08:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
cdn-edgestorageid: 860
cdn-cachedat: 08/25/2022 04:48:59
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 83760
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: "fdf491ce5ff5b2da02708cd0e9864719"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: f2a67e676d82d87a7ec837ed741cee02
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7bb5dac77dfed90e-HEL
cdn-requestpullsuccess: True

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 191ms
61ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@400&family=Roboto:wght@300;400;700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://user.deldarak.cf
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:32:14 GMT
x-content-type-options: nosniff
age: 268560
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 10:32:14 GMT

GET
H/1.1 200
OK squarespace-ui-font.woff
assets.squarespace.com/universal/fonts/ 9 KB
9 KB 61ms
60ms Font
application/octet-stream 2a02:26f0:480:39e::4205
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/fonts/squarespace-ui-font.woff
Requested by: Host: static1.squarespace.com
URL: https://static1.squarespace.com/static/sitecss/506c8ea1e4b01d9450dd53f5/347/63efa679c6986c4642d492f3/63efa67ac6986c4642d492f6/0/site.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:39e::4205 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: b980267ac2254ef534bfe32055489ed677d461077b37f2ee62bf7b5fc4f7362f

Request headers

Referer: https://static1.squarespace.com/
Origin: https://user.deldarak.cf
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 13:08:14 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 May 2019 21:33:27 GMT
Server: UploadServer
ETag: "e99a175a26d1be1ff88c5c1aafc58e1e"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9023
Expires: Fri, 21 Apr 2023 14:08:14 GMT

GET
H2 200 getForm Show response
app-ab32.marketo.com/index.php/form/ 3 KB
2 KB 1010ms
1010ms Script
application/javascript 104.16.95.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app-ab32.marketo.com/index.php/form/getForm?munchkinId=570-VPD-925&form=1030&url=https%3A%2F%2Fuser.deldarak.cf%2F&callback=jQuery112405275205136713776_1682082494627&_=1682082494628
Requested by: Host: app-ab32.marketo.com
URL: https://app-ab32.marketo.com/js/forms2/js/forms2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.95.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe2c80c8a78833f37ab7195866b28a68c0e06bbafa4412aebff085ac5f1f8e10

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 13:08:15 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-form-service-request-id: 24b5#187a3edfa92
x-marketo-source: Form Service
cf-ray: 7bb5dac79f2b09ac-ARN
cached: false

GET
H/1.1 200
OK popup-overlay-948192219c3257f767ec5-min.en-US.css
assets.squarespace.com/universal/styles-compressed/ 8 KB
2 KB 60ms
60ms Stylesheet
text/css 2a02:26f0:480:39e::4205
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/styles-compressed/popup-overlay-948192219c3257f767ec5-min.en-US.css
Requested by: Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-stable-dade9d616ff90ebf99b1d-min.en-US.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:39e::4205 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 590f896a97d55d77713fd2f94ee6c6c807470af8a18ac0f62cca3fa8877cc84d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 13:08:14 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Sep 2022 18:47:48 GMT
Server: UploadServer
ETag: "b9368f9860b350dd1f8f81629c565a30"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1862
Expires: Fri, 21 Apr 2023 14:08:14 GMT

GET
H/1.1 200
OK popup-overlay-1d6684727ed1189e2aaf0-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 1 MB
313 KB 134ms
73ms Script
text/javascript 2a02:26f0:480:39e::4205
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/popup-overlay-1d6684727ed1189e2aaf0-min.en-US.js
Requested by: Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-stable-dade9d616ff90ebf99b1d-min.en-US.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:39e::4205 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 9a395a231a15860187be00cae2759ee25dcd2d47bc8bac4ac4ae7e08a76341e0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 13:08:14 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Apr 2023 14:45:27 GMT
Server: UploadServer
ETag: "31e4683f6c494181ed8302a21bbea6c4"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 320197
Expires: Fri, 21 Apr 2023 14:08:14 GMT

GET
H2 200 All%2Bproxima%2Bnova%2Bfont%2BRI%2BWhat%2BWe%2BDo%2BInfographic-01.jpg
images.squarespace-cdn.com/content/v1/506c8ea1e4b01d9450dd53f5/1609886035905-BXGZYI1TCBRC1CAR6HNC/ 44 KB
45 KB 57ms
56ms Image
image/jpeg 151.101.128.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/506c8ea1e4b01d9450dd53f5/1609886035905-BXGZYI1TCBRC1CAR6HNC/All%2Bproxima%2Bnova%2Bfont%2BRI%2BWhat%2BWe%2BDo%2BInfographic-01.jpg?format=1000w
Requested by: Host: user.deldarak.cf
URL: https://user.deldarak.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c188489974487da3522184786994beb5bb937210760c94961ab977520ca682eb

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits: 44, 1
date: Fri, 21 Apr 2023 13:08:14 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 248625
x-cache: HIT, HIT
content-length: 45414
x-served-by: cache-iad-kjyo7100140-IAD, cache-fra-eddf8230041-FRA
x-timer: S1682082495.757526,VS0,VE1
etag: CNiS3Ovshe4CEAE=
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 Join+our+newsletter.png
images.squarespace-cdn.com/content/v1/506c8ea1e4b01d9450dd53f5/e3a3b267-8ca0-4d63-9b7c-5387bbb42d1c/ 24 KB
24 KB 68ms
68ms Image
image/png 151.101.128.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/506c8ea1e4b01d9450dd53f5/e3a3b267-8ca0-4d63-9b7c-5387bbb42d1c/Join+our+newsletter.png?format=500w
Requested by: Host: user.deldarak.cf
URL: https://user.deldarak.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7e10d89b50bc46ddef1ac67c641c00ad85a77bf14444d33b9cf0e21255a53582

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits: 94, 1
date: Fri, 21 Apr 2023 13:08:14 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 184444
x-cache: HIT, HIT
content-length: 24476
x-served-by: cache-iad-kjyo7100152-IAD, cache-fra-eddf8230041-FRA
x-timer: S1682082495.757656,VS0,VE1
etag: CLKdse/1p/UCEAE=
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

POST
H2 200 RecordHit Show response
user.deldarak.cf/api/census/ 17 B
211 B 516ms
515ms XHR
application/json 65.109.187.121
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://user.deldarak.cf/api/census/RecordHit

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-7f1e337eaa22c7c07dcb1-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.109.187.121 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.121.187.109.65.clients.your-server.de

Software

nginx/1.24.0 /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://user.deldarak.cf/
X-CSRF-Token: BWxzfviNTLwSYTc4NmYwMTdkYmMxOTYxMzZmZDM5YmRlNmQ4YmQw
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 21 Apr 2023 13:08:15 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
server: nginx/1.24.0
content-type: application/json;charset=utf-8
cache-control: no-cache, no-store, must-revalidate
x-contextid: OHH09HVt/YVv9niar
content-length: 17

POST
H2 200 button-render Show response
user.deldarak.cf/api/census/ 17 B
212 B 538ms
538ms XHR
application/json 65.109.187.121
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://user.deldarak.cf/api/census/button-render

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-7f1e337eaa22c7c07dcb1-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.109.187.121 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.121.187.109.65.clients.your-server.de

Software

nginx/1.24.0 /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://user.deldarak.cf/
X-CSRF-Token: BWxzfviNTLwSYTc4NmYwMTdkYmMxOTYxMzZmZDM5YmRlNmQ4YmQw
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Fri, 21 Apr 2023 13:08:15 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
server: nginx/1.24.0
content-type: application/json;charset=utf-8
cache-control: no-cache, no-store, must-revalidate
x-contextid: TcIuKEAR/Wvn6PKXv
content-length: 17

POST
H2 200 button-render Show response
user.deldarak.cf/api/census/ 17 B
210 B 627ms
627ms XHR
application/json 65.109.187.121
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://user.deldarak.cf/api/census/button-render

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-7f1e337eaa22c7c07dcb1-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.109.187.121 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.121.187.109.65.clients.your-server.de

Software

nginx/1.24.0 /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://user.deldarak.cf/
X-CSRF-Token: BWxzfviNTLwSYTc4NmYwMTdkYmMxOTYxMzZmZDM5YmRlNmQ4YmQw
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Fri, 21 Apr 2023 13:08:15 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
server: nginx/1.24.0
content-type: application/json;charset=utf-8
cache-control: no-cache, no-store, must-revalidate
x-contextid: TdqasldL/epBOiqln
content-length: 17

GET
H2 200 IMG_6901-2.jpg
images.squarespace-cdn.com/content/v1/506c8ea1e4b01d9450dd53f5/19ac6fe7-1dd0-4676-99d8-842515b16434/ 53 KB
53 KB 62ms
60ms Image
image/jpeg 151.101.128.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/506c8ea1e4b01d9450dd53f5/19ac6fe7-1dd0-4676-99d8-842515b16434/IMG_6901-2.jpg?format=500w
Requested by: Host: user.deldarak.cf
URL: https://user.deldarak.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: dbdbc04b3dd6831d1168fdb6e806ef755caddcdf34b715cf07ad5d03a8c2f174

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits: 11, 1
date: Fri, 21 Apr 2023 13:08:14 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 269533
x-cache: HIT, HIT
content-length: 54314
x-served-by: cache-iad-kjyo7100115-IAD, cache-fra-eddf8230041-FRA
x-timer: S1682082495.808718,VS0,VE1
etag: CLfh86zd4/QCEAE=
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 GettyImages-1217242178-Venezuelan+Migrants+Head+Back+Home+Due+To+Coronavirus.jpg
images.squarespace-cdn.com/content/v1/506c8ea1e4b01d9450dd53f5/1647962227422-VZ5FXPRRXOH87Y3SOPDQ/ 567 KB
567 KB 85ms
84ms Image
image/jpeg 151.101.128.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/506c8ea1e4b01d9450dd53f5/1647962227422-VZ5FXPRRXOH87Y3SOPDQ/GettyImages-1217242178-Venezuelan+Migrants+Head+Back+Home+Due+To+Coronavirus.jpg?format=2500w
Requested by: Host: user.deldarak.cf
URL: https://user.deldarak.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 380d3d37a86d6567a2aa30fd7bdcd502d3e275edbdfd1f35b9651ea450d81a9b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits: 184, 1
date: Fri, 21 Apr 2023 13:08:14 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 190542
x-cache: HIT, HIT
content-length: 580638
x-served-by: cache-iad-kjyo7100098-IAD, cache-fra-eddf8230041-FRA
x-timer: S1682082495.830823,VS0,VE3
etag: CPLOtNyB2vYCEAE=
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 free-fa-brands-400.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 75 KB
75 KB 48ms
47ms Font
font/woff2 2606:4700:e0::ac40:650a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-brands-400.woff2
Requested by: Host: user.deldarak.cf
URL: https://user.deldarak.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:650a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813

Request headers

Referer: https://user.deldarak.cf/
Origin: https://user.deldarak.cf
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 13:08:14 GMT
via: 1.1 3346055bb53a57ebf02828b88e1ee87c.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: ARN56-P2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 76736
last-modified: Wed, 04 Aug 2021 18:58:24 GMT
server: cloudflare
etag: "4f5ec865a8274ab291b6a42b5f70639e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2BOjBLBwKgoCkXYuP5iZdjesxStj6tCYKm1t4Jh%2FNaTqhfAy48D5zabvfeaynoT39uzE%2BPDbGR9YH%2FEJvyYeutb4BDlUbnipgsNWntVlcw%2BaO%2BjoBwAXje%2FjJWaYKBxYXTGyXJsGGKkbrfrWBr%2B62sXn0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7bb5dac8dd0e0a37-ARN
access-control-allow-headers: fa-kit-token
x-amz-cf-id: MOW5GDXcuh3qajB1FQRTrKWgXZ4rK37jKuJEpeOBiwOHf18OWxxBFA==

GET
H2 200 GettyImages-1229209014.jpg
images.squarespace-cdn.com/content/v1/506c8ea1e4b01d9450dd53f5/1681922826866-TD1DIIO40FMEQE61CJDO/ 12 KB
12 KB 96ms
95ms Image
image/jpeg 151.101.128.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/506c8ea1e4b01d9450dd53f5/1681922826866-TD1DIIO40FMEQE61CJDO/GettyImages-1229209014.jpg?format=300w
Requested by: Host: user.deldarak.cf
URL: https://user.deldarak.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0699b0bdc269a919a9d41cc0434ceb7c7c888486b2bc06c63ec519fc71151b6e

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits: 21, 1
date: Fri, 21 Apr 2023 13:08:14 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 158410
x-cache: HIT, HIT
content-length: 11954
x-served-by: cache-iad-kiad7000129-IAD, cache-fra-eddf8230041-FRA
x-timer: S1682082495.871907,VS0,VE2
etag: CJCm5eWytv4CEAE=
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=604800, s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ 11 KB
5 KB 65ms
65ms Script
application/x-javascript 104.102.38.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.38.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-38-132.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 13:08:14 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Sun, 30 Jul 2023 13:08:14 GMT

GET
H2 200 adsct
t.co/i/ 43 B
202 B 282ms
159ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=526006fa-85b1-463a-99e0-3df92178930a&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=572771ab-8fa2-42d1-ae00-f0f169ab241d&tw_document_href=https%3A%2F%2Fuser.deldarak.cf%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3ub2&type=javascript&version=2.3.29

Requested by

Host: user.deldarak.cf
URL: https://user.deldarak.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-response-time: 104
date: Fri, 21 Apr 2023 13:08:14 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 0ba1e2d3e6ed1d2c
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: b1c383ae98397c7c65d49399630dedf8acf98759d8f0cc09cdf913ba1ac38154
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
394 B 320ms
160ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=526006fa-85b1-463a-99e0-3df92178930a&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=572771ab-8fa2-42d1-ae00-f0f169ab241d&tw_document_href=https%3A%2F%2Fuser.deldarak.cf%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3ub2&type=javascript&version=2.3.29

Requested by

Host: user.deldarak.cf
URL: https://user.deldarak.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-response-time: 105
date: Fri, 21 Apr 2023 13:08:14 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 5fcdd36f949384aa
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 6ba70c48019c15b39b1ce4e7b41b03222dc853dc9a98b82569b4ef2ad5c41b33
content-length: 43

GET
H2 200 adsct
t.co/i/ 43 B
376 B 281ms
158ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=b4a4156b-4146-4379-8618-3d0f779584a1&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=572771ab-8fa2-42d1-ae00-f0f169ab241d&tw_document_href=https%3A%2F%2Fuser.deldarak.cf%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3ub2&type=javascript&version=2.3.29

Requested by

Host: user.deldarak.cf
URL: https://user.deldarak.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-response-time: 103
date: Fri, 21 Apr 2023 13:08:14 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 2983bc2a96b122d1
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: b1c383ae98397c7c65d49399630dedf8acf98759d8f0cc09cdf913ba1ac38154
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
214 B 326ms
166ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=b4a4156b-4146-4379-8618-3d0f779584a1&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=572771ab-8fa2-42d1-ae00-f0f169ab241d&tw_document_href=https%3A%2F%2Fuser.deldarak.cf%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3ub2&type=javascript&version=2.3.29

Requested by

Host: user.deldarak.cf
URL: https://user.deldarak.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-response-time: 108
date: Fri, 21 Apr 2023 13:08:14 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: fc19214a32550b4c
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 6ba70c48019c15b39b1ce4e7b41b03222dc853dc9a98b82569b4ef2ad5c41b33
content-length: 43

GET
H2 200 css
fonts.googleapis.com/ 8 KB
805 B 70ms
69ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8aad4d256350048dd4e1037d081240ecacd5e7911e6f28cb956b79441cdad97a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Apr 2023 13:08:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 11:58:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Apr 2023 13:08:14 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 104 KB
40 KB 87ms
79ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5K4Z9L5

Requested by

Host: widget.harnessapp.com
URL: https://widget.harnessapp.com/harness-widget-v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9a5493bbb3af6201bac05a2a2a240da9866e44132eb965fece24d7946b14e321

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 13:08:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41240
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 21 Apr 2023 13:08:14 GMT

GET /
widget-tracker.bespoke-creations.us/ 0
0

GET
H2 200 widget Show response
harnessapp.com/v2.0/charity/82bbc516f2b35e08f2ca/ 343 B
1 KB 360ms
276ms Fetch
application/json 2606:4700::6812:121e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://harnessapp.com/v2.0/charity/82bbc516f2b35e08f2ca/widget
Requested by: Host: widget.harnessapp.com
URL: https://widget.harnessapp.com/harness-widget-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:121e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e7e6440f9a1d9bc86c6ffefd209f0e8994c70fe95f047e51a455d977ad4157d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 13:08:15 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 21 Apr 2023 13:08:15 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
x-cache: MISS
access-control-allow-origin: *
content-type: application/json
cache-control: public, max-age=1800
cf-ray: 7bb5dac99d28d963-HEL
access-control-allow-headers: X-HTTP-Method-Override,Keep-Alive,User-Agent,X-Requested-With,Cache-Control,Origin,Content-Type,Accept,X-Harness-JWT
expires: Fri, 21 Apr 2023 13:38:15 GMT

GET
H2 200 config Show response
harnessapp.com/v2.0/whitelabel/82bbc516f2b35e08f2ca/ 2 KB
1 KB 392ms
309ms Fetch
application/json 2606:4700::6812:121e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://harnessapp.com/v2.0/whitelabel/82bbc516f2b35e08f2ca/config
Requested by: Host: widget.harnessapp.com
URL: https://widget.harnessapp.com/harness-widget-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:121e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff81c7f39614c8da0ce6bbabf9e8774c322475f8572cdd49dc71ad6aa1180c66

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 13:08:15 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 21 Apr 2023 13:08:15 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
x-cache: MISS
access-control-allow-origin: *
content-type: application/json
cache-control: public, max-age=1800
cf-ray: 7bb5dac99d2cd963-HEL
access-control-allow-headers: X-HTTP-Method-Override,Keep-Alive,User-Agent,X-Requested-With,Cache-Control,Origin,Content-Type,Accept,X-Harness-JWT
expires: Fri, 21 Apr 2023 13:38:15 GMT

GET
H2 200 campaigns Show response
harnessapp.com/v2.0/charity/82bbc516f2b35e08f2ca/ 5 KB
2 KB 380ms
297ms Fetch
application/json 2606:4700::6812:121e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://harnessapp.com/v2.0/charity/82bbc516f2b35e08f2ca/campaigns
Requested by: Host: widget.harnessapp.com
URL: https://widget.harnessapp.com/harness-widget-v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:121e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11746f76487ea3fd49e9123bde942269173ba3b53fbeabc8e5d255fb8bb352f4

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 13:08:15 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 21 Apr 2023 13:08:15 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
x-cache: MISS
access-control-allow-origin: *
content-type: application/json
cache-control: public, max-age=1800
cf-ray: 7bb5dac99d2dd963-HEL
access-control-allow-headers: X-HTTP-Method-Override,Keep-Alive,User-Agent,X-Requested-With,Cache-Control,Origin,Content-Type,Accept,X-Harness-JWT
expires: Fri, 21 Apr 2023 13:38:15 GMT

GET
H2 200 GettyImages-1251876759.jpg
images.squarespace-cdn.com/content/v1/506c8ea1e4b01d9450dd53f5/1681759445435-XO6JD1AGE7397HB36S8P/ 20 KB
20 KB 61ms
61ms Image
image/jpeg 151.101.128.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/506c8ea1e4b01d9450dd53f5/1681759445435-XO6JD1AGE7397HB36S8P/GettyImages-1251876759.jpg?format=300w
Requested by: Host: user.deldarak.cf
URL: https://user.deldarak.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 46df3e1ba92f6d882ba362b107b9d4f561b86ef437409a2f7ba349adcb7f3d53

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits: 6, 1
date: Fri, 21 Apr 2023 13:08:14 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 322947
x-cache: HIT, HIT
content-length: 20749
x-served-by: cache-iad-kiad7000166-IAD, cache-fra-eddf8230041-FRA
x-timer: S1682082495.981021,VS0,VE2
etag: CO+U6pPSsf4CEAE=
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 258142308724354 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 128ms
126ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/258142308724354?v=2.9.102&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f436bf902fa45aee983720b2d735ebfd4d3b61d63d5a75b402d9ac018fc0d56b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 21 Apr 2023 13:08:15 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: Ce/3f3Ksqf1gl8OpABub3MUm2wJXuome4ZGHAbapakLSl3oMT30t3qsnI8WoU+QkyI6hQ733LMX/ykLCGoQa7g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 toast.html Show response
assets.funraise.io/widget/common/2.0/ Frame BDF6 1 KB
922 B 473ms
466ms Document
text/html 2600:9000:2057:ae00:b:201e:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.funraise.io/widget/common/2.0/toast.html?orgId=24978828-7d8f-422b-87bf-f695ef19b68e&host=user.deldarak.cf
Requested by: Host: assets.funraise.io
URL: https://assets.funraise.io/widget/common/2.0/inject-form.js?orgId=24978828-7d8f-422b-87bf-f695ef19b68e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ae00:b:201e:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1d89cd58b30004707d2c59032ff4cf519962d9df8d51fe637d2178c16ad125ac

Request headers

Referer: https://user.deldarak.cf/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: max-age=15
content-encoding: gzip
content-type: text/html
date: Fri, 21 Apr 2023 13:08:16 GMT
etag: W/"6c2f778ddb0dca7704f5b0f21445eccb"
last-modified: Thu, 20 Apr 2023 16:53:39 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
x-amz-cf-id: Ky6-Tq9uAzseWcrm4zpnoM7_su8YfZhbJwIRhj6iyP_dthlFW5sj0Q==
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront

GET
H2 403 settings.json Show response
assets.funraise.io/widget/client/24978828-7d8f-422b-87bf-f695ef19b68e/ 243 B
649 B 583ms
455ms XHR
application/xml 2600:9000:2057:ae00:b:201e:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.funraise.io/widget/client/24978828-7d8f-422b-87bf-f695ef19b68e/settings.json
Requested by: Host: assets.funraise.io
URL: https://assets.funraise.io/widget/common/2.0/inject-form.js?orgId=24978828-7d8f-422b-87bf-f695ef19b68e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ae00:b:201e:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb27a79ad1d9335ffda85056ea1a296633ab61458ca0b9845d6f4d279ff0309d

Request headers

Accept: application/json
Referer: https://user.deldarak.cf/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 13:08:14 GMT
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: FRA6-C1
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Error from cloudfront
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD
access-control-allow-origin: *
content-type: application/xml
access-control-max-age: 3000
cache-control: max-age=15
x-amz-cf-id: qMykoS3gu2Hh1zGfjwsG8v8JKefS32CLwIcUuaZV6rFkhJ2kxt5rXQ==

GET
H2 200 features.json Show response
assets.funraise.io/widget/client/24978828-7d8f-422b-87bf-f695ef19b68e/ 405 B
891 B 638ms
510ms XHR
application/json 2600:9000:2057:ae00:b:201e:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.funraise.io/widget/client/24978828-7d8f-422b-87bf-f695ef19b68e/features.json
Requested by: Host: assets.funraise.io
URL: https://assets.funraise.io/widget/common/2.0/inject-form.js?orgId=24978828-7d8f-422b-87bf-f695ef19b68e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ae00:b:201e:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e13d4be16a12708eb1304173f2babf15a36ef6f498a01aaa0b9561557dc1df9c

Request headers

Accept: application/json
Referer: https://user.deldarak.cf/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 13:08:16 GMT
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
content-length: 405
last-modified: Mon, 20 Sep 2021 02:53:34 GMT
server: AmazonS3
etag: "a79929c3ae41ac9a520ebdb977e0c916"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD
content-type: application/json
access-control-allow-origin: *
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control: max-age=15
accept-ranges: bytes
x-amz-cf-id: L9d-HZIBbLVdxqcKSxDs-bTViPuRvgTwwz6UCHe5eu2mTXqoBm1cgw==

GET
H2 200 GettyImages-1231652784.jpg
images.squarespace-cdn.com/content/v1/506c8ea1e4b01d9450dd53f5/1681742171991-FCYRBMESZMSRRYYT23AG/ 21 KB
22 KB 58ms
57ms Image
image/jpeg 151.101.128.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/506c8ea1e4b01d9450dd53f5/1681742171991-FCYRBMESZMSRRYYT23AG/GettyImages-1231652784.jpg?format=300w
Requested by: Host: user.deldarak.cf
URL: https://user.deldarak.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ba84238fc4848e9dfb74ee76b0d8586b9afcaca475e94512064e797851b3972d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits: 16, 1
date: Fri, 21 Apr 2023 13:08:15 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 340158
x-cache: HIT, HIT
content-length: 21987
x-served-by: cache-iad-kjyo7100158-IAD, cache-fra-eddf8230041-FRA
x-timer: S1682082495.116756,VS0,VE2
etag: CLqmv+eRsf4CEAE=
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 165 KB
60 KB 78ms
77ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-140866362-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=TAG_ID

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

863e46df374bd40b3696e55e12e1d53c503ef43c48896337314bd66eb5c51a6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 13:08:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61742
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 21 Apr 2023 13:08:15 GMT

GET
H2 200 script.js Show response
09866830beaa.cdn4.forter.com/sn/09866830beaa/ 313 KB
149 KB 220ms
65ms Script
application/javascript 99.86.4.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://09866830beaa.cdn4.forter.com/sn/09866830beaa/script.js

Requested by

Host: user.deldarak.cf
URL: https://user.deldarak.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-97.fra6.r.cloudfront.net

Software

Resource Hash

320e8d6467ed531f004ae28f108daf08b860551889318f67407e3de02b2dc720

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 13:02:23 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 950752
x-cache: Hit from cloudfront
last-modified: Mon, 10 Apr 2023 13:02:23 GMT
x-sourcemap: https://cdn4.forter.com/map/suid/09866830beaa/62017694173
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=300
timing-allow-origin: *
x-amz-cf-id: CmpBzoUtE33evRMZYiWWzsmr15i_wFgdcZd7VT-cs40SIuI0c0zAlA==
expires: Mon, 10 Apr 2023 13:07:23 GMT

POST
H/1.1 200
OK visitWebPage
570-vpd-925.mktoresp.com/webevents/ 2 B
318 B 819ms
195ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://570-vpd-925.mktoresp.com/webevents/visitWebPage?_mchNc=1682082495141&_mchCn=&_mchId=570-VPD-925&_mchTk=_mch-user.deldarak.cf-1682082495141-81375&_mchHo=user.deldarak.cf&_mchPo=&_mchRu=%2F&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 13:08:15 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 19b3e6cd-1b55-4d8e-a5a1-055edc53c571

GET
H2 200 GettyImages-1001243904.jpg
images.squarespace-cdn.com/content/v1/506c8ea1e4b01d9450dd53f5/1681221202354-ZLT3M3OAYQ4CXK4IJWCF/ 27 KB
27 KB 69ms
68ms Image
image/jpeg 151.101.128.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/506c8ea1e4b01d9450dd53f5/1681221202354-ZLT3M3OAYQ4CXK4IJWCF/GettyImages-1001243904.jpg?format=300w
Requested by: Host: user.deldarak.cf
URL: https://user.deldarak.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f3d42d1937c532c276bd7ef0b0339dce47a60fa08499849cba401ac20549dfb8

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits: 123, 1
date: Fri, 21 Apr 2023 13:08:15 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 269532
x-cache: HIT, HIT
content-length: 27465
x-served-by: cache-iad-kiad7000091-IAD, cache-fra-eddf8230041-FRA
x-timer: S1682082495.170989,VS0,VE2
etag: CJ3LmYb9of4CEAE=
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 210ms
61ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WX3MPKR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 21 Apr 2023 12:27:45 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 2430
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 21 Apr 2023 14:27:45 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 204 KB
73 KB 86ms
85ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-EY9YF3ZLS8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-140866362-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e10fea38a3ee3fcea0b2400ffdcec1bb222c9bc85a5038ee789b907e45490baf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 13:08:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 74415
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 21 Apr 2023 13:08:15 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 1 KB
2 KB 222ms
82ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: user.deldarak.cf
URL: https://user.deldarak.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a60d69da1596fecefa0361fb48efb1b215583072a27007de5aced6e4c4b6af6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 13:08:15 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=fi for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Fri, 21 Apr 2023 13:08:15 GMT

GET
H2 200 GettyImages-1247460915.jpg
images.squarespace-cdn.com/content/v1/506c8ea1e4b01d9450dd53f5/1677703236805-0SDWL8S9ROI66I2ZP8IR/ 24 KB
24 KB 64ms
62ms Image
image/jpeg 151.101.128.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/506c8ea1e4b01d9450dd53f5/1677703236805-0SDWL8S9ROI66I2ZP8IR/GettyImages-1247460915.jpg?format=300w
Requested by: Host: user.deldarak.cf
URL: https://user.deldarak.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 99aa00353fd6efb3db671780f72cc6f900bbe526fa3d5675680cdecceb50e7fb

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits: 126, 1
date: Fri, 21 Apr 2023 13:08:15 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 596308
x-cache: HIT, HIT
content-length: 24512
x-served-by: cache-iad-kiad7000139-IAD, cache-fra-eddf8230041-FRA
x-timer: S1682082495.241764,VS0,VE5
etag: CIC1p83Lu/0CEAE=
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 render Show response
user.deldarak.cf/api/popup-overlay/ 294 KB
19 KB 562ms
559ms XHR
application/json 65.109.187.121
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://user.deldarak.cf/api/popup-overlay/render?currentUrl=%2F

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/popup-overlay-1d6684727ed1189e2aaf0-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.109.187.121 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.121.187.109.65.clients.your-server.de

Software

nginx/1.24.0 /

Resource Hash

541e19387169f9ababe9475dd08fe96ec682e3a6ba20969643825fc051a22e94

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 13:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0
server: nginx/1.24.0
vary: Accept-Encoding, User-Agent
content-type: application/json;charset=utf-8
cache-control: no-cache, no-store, must-revalidate
x-contextid: TrPfFt4o/nJd1rvti

GET
H/1.1 200
OK pinterest-3d55c64c25996c7633fc2-min.en-US.css
assets.squarespace.com/universal/styles-compressed/ 0
479 B 61ms
59ms Stylesheet
text/css 2a02:26f0:480:39e::4205
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/styles-compressed/pinterest-3d55c64c25996c7633fc2-min.en-US.css
Requested by: Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-stable-dade9d616ff90ebf99b1d-min.en-US.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:39e::4205 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 13:08:15 GMT
Content-Encoding: gzip
Last-Modified: Fri, 12 Mar 2021 21:49:06 GMT
Server: UploadServer
ETag: "f0d79988b7772c003d04a28bd7417a62"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23
Expires: Fri, 21 Apr 2023 14:08:15 GMT

GET
H/1.1 200
OK pinterest-c37730f8d94081583214d-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 92 KB
30 KB 58ms
57ms Script
text/javascript 2a02:26f0:480:39e::4205
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/pinterest-c37730f8d94081583214d-min.en-US.js
Requested by: Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-stable-dade9d616ff90ebf99b1d-min.en-US.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:39e::4205 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 1a44e6806427cc9a4baf6c12fe2865d489827c038e443f7b37265ff812716d1b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 13:08:15 GMT
Content-Encoding: gzip
Last-Modified: Tue, 18 Apr 2023 21:42:33 GMT
Server: UploadServer
ETag: "06e6565e5b3542f9ecf86c1082495c74"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30059
Expires: Fri, 21 Apr 2023 14:08:15 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 222 KB
77 KB 76ms
75ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-R0WEKF3S3J&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5K4Z9L5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4ceee496127aaffe0540e14ab98b66113dc39a7d00ffbfb48f5fb71220a2504a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 13:08:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79318
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 21 Apr 2023 13:08:15 GMT

GET
H2 200 GettyImages-1230914898.jpg
images.squarespace-cdn.com/content/v1/506c8ea1e4b01d9450dd53f5/1680810442211-067TRU41TARPMDDBHP17/ 28 KB
29 KB 60ms
57ms Image
image/jpeg 151.101.128.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/506c8ea1e4b01d9450dd53f5/1680810442211-067TRU41TARPMDDBHP17/GettyImages-1230914898.jpg?format=300w
Requested by: Host: user.deldarak.cf
URL: https://user.deldarak.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b96b379e0a248b2d573ca68cc175b65912da3c166bf5511ab397b5c363fcaf4b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits: 23, 1
date: Fri, 21 Apr 2023 13:08:15 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 60717
x-cache: HIT, HIT
content-length: 29079
x-served-by: cache-iad-kjyo7100101-IAD, cache-fra-eddf8230041-FRA
x-timer: S1682082495.397518,VS0,VE1
etag: CO7wlOyClv4CEAE=
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 188ms
59ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=258142308724354&ev=PageView&dl=https%3A%2F%2Fuser.deldarak.cf%2F&rl=&if=false&ts=1682082495393&sw=1600&sh=1200&v=2.9.102&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1682082495391.1026088984&it=1682082494975&coo=false&rqm=GET

Requested by

Host: user.deldarak.cf
URL: https://user.deldarak.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 21 Apr 2023 13:08:15 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 NTN24-RachelCover.png
images.squarespace-cdn.com/content/v1/506c8ea1e4b01d9450dd53f5/1680198091307-MIIDAPYW7PG2QMOY9C6V/ 106 KB
106 KB 60ms
59ms Image
image/png 151.101.128.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/506c8ea1e4b01d9450dd53f5/1680198091307-MIIDAPYW7PG2QMOY9C6V/NTN24-RachelCover.png?format=300w
Requested by: Host: user.deldarak.cf
URL: https://user.deldarak.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b4e203a5882b89bb85ffe3a00d1d71638c4275db29e5fffbe718174549b5810a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits: 34, 1
date: Fri, 21 Apr 2023 13:08:15 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 66941
x-cache: HIT, HIT
content-length: 108134
x-served-by: cache-iad-kjyo7100042-IAD, cache-fra-eddf8230041-FRA
x-timer: S1682082495.431044,VS0,VE2
etag: CKGTndaZhP4CEAE=
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

POST
H2 204 collect
region1.google-analytics.com/g/ 0
246 B 177ms
90ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-EY9YF3ZLS8&gtm=45je34j0&_p=634658743&cid=947771445.1682082495&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682082495&sct=1&seg=0&dl=https%3A%2F%2Fuser.deldarak.cf%2F&dt=Refugees%20International&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EY9YF3ZLS8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 13:08:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://user.deldarak.cf
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 embedded-api.html Show response
refugeesinternational.harnessgiving.org/ Frame A2AE 1 KB
1 KB 402ms
176ms Document
text/html 2606:4700:3033::6815:17a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://refugeesinternational.harnessgiving.org/embedded-api.html

Requested by

Host: widget.harnessapp.com
URL: https://widget.harnessapp.com/harness-widget-v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:17a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdc3baef390647120e0cdd926a0ac8a07b15ab857d723c754da0a6cc87ddeae8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://user.deldarak.cf/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-ray: 7bb5dacdfc56d977-HEL
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 21 Apr 2023 13:08:15 GMT
etag: W/"869d2f62bc107bf5c181b5813176b6f5"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oC4nlnCqZBTZgNTMPWK7Koh7bO%2F6gv8%2F4Ojk08tQnTfYSo2BgtNsxtNn6h7bEg3oJrIHWO0n3bFTvFWq83En86tuxRq7CiN0U2Ds4h5bJdaYtlHoblspK7aBGmuUGeiZ72D5dhOSlkUb11uv3%2FMEicqHPBI%2FMOhOmvQgqFvUdVaBrlVY9eI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H3 200 css
fonts.googleapis.com/ Frame FDCF 28 KB
1 KB 72ms
71ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b50ad158ee613243083570bf8981e7cbbc3d1374c726a537fa0d5adeca9103a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Apr 2023 13:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 12:14:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Apr 2023 13:08:15 GMT

GET
H3 200 icon
fonts.googleapis.com/ Frame FDCF 569 B
366 B 78ms
77ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Apr 2023 13:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 13:08:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Apr 2023 13:08:15 GMT

GET
H2 200 Channel4News-Cover.jpg
images.squarespace-cdn.com/content/v1/506c8ea1e4b01d9450dd53f5/1680190620017-2JPXCPFP2EIGDNFM0E3W/ 36 KB
36 KB 59ms
58ms Image
image/jpeg 151.101.128.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/506c8ea1e4b01d9450dd53f5/1680190620017-2JPXCPFP2EIGDNFM0E3W/Channel4News-Cover.jpg?format=500w
Requested by: Host: user.deldarak.cf
URL: https://user.deldarak.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8000476979a6b03622d15d170d6a97c9e2737e7cb455e9475532bd99daaa7172

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits: 80, 1
date: Fri, 21 Apr 2023 13:08:15 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 279962
x-cache: HIT, HIT
content-length: 36842
x-served-by: cache-iad-kjyo7100093-IAD, cache-fra-eddf8230041-FRA
x-timer: S1682082496.515902,VS0,VE3
etag: CPD47On9g/4CEAE=
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
210 B 69ms
68ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=634658743&t=pageview&_s=1&dl=https%3A%2F%2Fuser.deldarak.cf%2F&ul=en-us&de=UTF-8&dt=Refugees%20International&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEADQAAAACAAI~&jid=1746324869&gjid=2042449434&cid=947771445.1682082495&tid=UA-910630-1&_gid=375947431.1682082496&_r=1&_slc=1&gtm=45He34j0n81WX3MPKR&z=57320250

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://user.deldarak.cf/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 13:08:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://user.deldarak.cf
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 114 KB
45 KB 74ms
74ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-P2JHGJ2&t=gtag_UA_140866362_1&cid=947771445.1682082495

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4b5de2392945b8f0c3167cb95e53c5165fa21f6955573a52eb19d16ab11d40ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 13:08:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45436
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 21 Apr 2023 13:08:15 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/d87d581f/www-widgetapi.vflset/ 184 KB
62 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d87d581f/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb316b7543de09693b789a31a3cf23d39272ca8a14c2720bd69c2a1eec6c4d23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 12:35:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 88370
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63257
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 02:50:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 19 Apr 2024 12:35:25 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 76ms
75ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-R0WEKF3S3J&gtm=45je34j0&_p=634658743&cid=947771445.1682082495&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682082495&sct=1&seg=0&dl=https%3A%2F%2Fuser.deldarak.cf%2F&dt=Refugees%20International&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R0WEKF3S3J&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 13:08:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://user.deldarak.cf
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 GettyImages-1249688222.jpg
images.squarespace-cdn.com/content/v1/506c8ea1e4b01d9450dd53f5/1680022066280-1Q6LMYITGYE5U7J7Z2O9/ 19 KB
20 KB 58ms
57ms Image
image/jpeg 151.101.128.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/506c8ea1e4b01d9450dd53f5/1680022066280-1Q6LMYITGYE5U7J7Z2O9/GettyImages-1249688222.jpg?format=300w
Requested by: Host: user.deldarak.cf
URL: https://user.deldarak.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6133a297aa07d0bf3234fafae2caf717be520e8bd005a1869bab526f30f1cb19

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits: 120, 1
date: Fri, 21 Apr 2023 13:08:15 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 242288
x-cache: HIT, HIT
content-length: 19877
x-served-by: cache-iad-kcgs7200131-IAD, cache-fra-eddf8230041-FRA
x-timer: S1682082496.574229,VS0,VE2
etag: CJ+CnPWJ//0CEAE=
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
BLOB 200
OK 8eedd9c2-2a73-4c8c-8dd4-148bed1d291d
https://user.deldarak.cf/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://user.deldarak.cf/8eedd9c2-2a73-4c8c-8dd4-148bed1d291d
Requested by: Host: user.deldarak.cf
URL: https://user.deldarak.cf/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99ddbf231a97628eb2a54f785bb9bd487ae8f2d202c281deb95851facddbee92

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length: 5305
Content-Type: application/javascript

GET
H2 200 toast-css.css
assets.funraise.io/widget/common/2.0/ Frame BDF6 1 KB
972 B 61ms
61ms Stylesheet
text/css 2600:9000:2057:ae00:b:201e:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.funraise.io/widget/common/2.0/toast-css.css
Requested by: Host: assets.funraise.io
URL: https://assets.funraise.io/widget/common/2.0/toast.html?orgId=24978828-7d8f-422b-87bf-f695ef19b68e&host=user.deldarak.cf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ae00:b:201e:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a5b954f658a663ad5b24929244fc7584635b34517b022fba7c3e3aaa10f5453d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://assets.funraise.io/widget/common/2.0/toast.html?orgId=24978828-7d8f-422b-87bf-f695ef19b68e&host=user.deldarak.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 13:05:04 GMT
content-encoding: gzip
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
last-modified: Wed, 05 Apr 2023 02:02:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 192
x-amz-server-side-encryption: AES256
etag: W/"eaf8290b1e339968dbe0b1ad525d26f7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=15
x-amz-cf-id: zhkYb5P52jPYsVj1d5oQJEMBdjJ7MVRxVKX8hmLXIXti7PA_D6jzfg==

GET
H2 200 toast-css.js Show response
assets.funraise.io/widget/common/2.0/ Frame BDF6 1 KB
989 B 61ms
61ms Script
application/javascript 2600:9000:2057:ae00:b:201e:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.funraise.io/widget/common/2.0/toast-css.js
Requested by: Host: assets.funraise.io
URL: https://assets.funraise.io/widget/common/2.0/toast.html?orgId=24978828-7d8f-422b-87bf-f695ef19b68e&host=user.deldarak.cf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ae00:b:201e:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 43361034d3c6b89f3d8bbe4ab3e518477b337bc240d70b2842ea2917667c83fd

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://assets.funraise.io/widget/common/2.0/toast.html?orgId=24978828-7d8f-422b-87bf-f695ef19b68e&host=user.deldarak.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 13:05:04 GMT
content-encoding: gzip
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
last-modified: Fri, 14 Apr 2023 23:26:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 218
x-amz-server-side-encryption: AES256
etag: W/"79672f371c0cbf088b3a00c6ca77a011"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=15
x-amz-cf-id: CIXSjqBCHRrCl_KrIkyTrKtpQSlg5qiXjWB7hvmnWSOF_wbHYFl-TA==

GET
H2 200 toast.js Show response
assets.funraise.io/widget/common/2.0/ Frame BDF6 405 KB
131 KB 459ms
458ms Script
application/javascript 2600:9000:2057:ae00:b:201e:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.funraise.io/widget/common/2.0/toast.js?orgId=24978828-7d8f-422b-87bf-f695ef19b68e&host=user.deldarak.cf
Requested by: Host: assets.funraise.io
URL: https://assets.funraise.io/widget/common/2.0/toast.html?orgId=24978828-7d8f-422b-87bf-f695ef19b68e&host=user.deldarak.cf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ae00:b:201e:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7f6d21fc444bdd08ce4845372d23368b5924b9493e3fcffab93bcec7a877b56d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://assets.funraise.io/widget/common/2.0/toast.html?orgId=24978828-7d8f-422b-87bf-f695ef19b68e&host=user.deldarak.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 13:08:16 GMT
content-encoding: gzip
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
last-modified: Thu, 20 Apr 2023 16:53:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: W/"4fedda4d589be236e81c8a147890be73"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=15
x-amz-cf-id: 93JwsmEVq4A8FTYRjodlnR4eGRaf47tPytCgp6oWwpvVDZUd70F8OA==

GET
H2 200 GettyImages-1451581519.jpg
images.squarespace-cdn.com/content/v1/506c8ea1e4b01d9450dd53f5/1680021373630-YVYNL99XWIY7F18Y3GW2/ 22 KB
22 KB 62ms
60ms Image
image/jpeg 151.101.128.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/506c8ea1e4b01d9450dd53f5/1680021373630-YVYNL99XWIY7F18Y3GW2/GettyImages-1451581519.jpg?format=300w
Requested by: Host: user.deldarak.cf
URL: https://user.deldarak.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 50e4b0329c9122ea8a38346f7563e9e2f39403e16c45d3c812e8074582d8a9af

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits: 122, 1
date: Fri, 21 Apr 2023 13:08:15 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 204438
x-cache: HIT, HIT
content-length: 22434
x-served-by: cache-iad-kcgs7200163-IAD, cache-fra-eddf8230041-FRA
x-timer: S1682082496.600375,VS0,VE3
etag: COfL9KqH//0CEAE=
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
347 B 208ms
65ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-910630-1&cid=947771445.1682082495&jid=1746324869&gjid=2042449434&_gid=375947431.1682082496&_u=YADAAEACQAAAACAAI~&z=267527229

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://user.deldarak.cf/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 21 Apr 2023 13:08:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://user.deldarak.cf
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 GettyImages-1247839023.jpg
images.squarespace-cdn.com/content/v1/506c8ea1e4b01d9450dd53f5/1679921422093-LBOU2ODDOUDOWQG2O9S3/ 19 KB
19 KB 59ms
57ms Image
image/jpeg 151.101.128.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/506c8ea1e4b01d9450dd53f5/1679921422093-LBOU2ODDOUDOWQG2O9S3/GettyImages-1247839023.jpg?format=300w
Requested by: Host: user.deldarak.cf
URL: https://user.deldarak.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ef2c392e15d738a01f63176fd653c74eec2774ff70124e75b9852b1cb574c4aa

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits: 64, 1
date: Fri, 21 Apr 2023 13:08:15 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 286736
x-cache: HIT, HIT
content-length: 19348
x-served-by: cache-iad-kcgs7200053-IAD, cache-fra-eddf8230041-FRA
x-timer: S1682082496.627625,VS0,VE1
etag: CL2zmf6S/P0CEAE=
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 Kenya+-+GettyImages-1245377830.jpg
images.squarespace-cdn.com/content/v1/506c8ea1e4b01d9450dd53f5/1679696017774-L9XJ84XHGZ8HFZTXJ6GE/ 23 KB
23 KB 60ms
59ms Image
image/jpeg 151.101.128.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/506c8ea1e4b01d9450dd53f5/1679696017774-L9XJ84XHGZ8HFZTXJ6GE/Kenya+-+GettyImages-1245377830.jpg?format=300w
Requested by: Host: user.deldarak.cf
URL: https://user.deldarak.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3bc341ed28c4df4eb36d2f1cb77e0967756b75dc30113f8978f2578b33906085

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits: 60, 1
date: Fri, 21 Apr 2023 13:08:15 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 192614
x-cache: HIT, HIT
content-length: 23790
x-served-by: cache-iad-kiad7000102-IAD, cache-fra-eddf8230041-FRA
x-timer: S1682082496.627609,VS0,VE1
etag: CPT+m6XL9f0CEAE=
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 GettyImages-1239380627-2.jpg
images.squarespace-cdn.com/content/v1/506c8ea1e4b01d9450dd53f5/1679505900261-1UN86MH9TX7XUGEW6I3K/ 25 KB
26 KB 61ms
60ms Image
image/jpeg 151.101.128.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/506c8ea1e4b01d9450dd53f5/1679505900261-1UN86MH9TX7XUGEW6I3K/GettyImages-1239380627-2.jpg?format=300w
Requested by: Host: user.deldarak.cf
URL: https://user.deldarak.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6beb51b1948e6e232ba213a0a20f70b53063089eeb1302f36e9317efc5552b9e

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits: 103, 1
date: Fri, 21 Apr 2023 13:08:15 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 190528
x-cache: HIT, HIT
content-length: 26028
x-served-by: cache-iad-kcgs7200073-IAD, cache-fra-eddf8230041-FRA
x-timer: S1682082496.645770,VS0,VE1
etag: CMPq/oWH8P0CEAE=
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 payments.json Show response
assets.funraise.io/widget/client/24978828-7d8f-422b-87bf-f695ef19b68e/ 2 KB
2 KB 462ms
462ms XHR
application/json 2600:9000:2057:ae00:b:201e:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.funraise.io/widget/client/24978828-7d8f-422b-87bf-f695ef19b68e/payments.json
Requested by: Host: assets.funraise.io
URL: https://assets.funraise.io/widget/common/2.0/inject-form.js?orgId=24978828-7d8f-422b-87bf-f695ef19b68e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ae00:b:201e:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 222ff5a8f83918c23e3057b8de2d180619ddb161dbd59213622b9ba33c0ae842

Request headers

Accept: application/json
Referer: https://user.deldarak.cf/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 13:08:17 GMT
content-encoding: gzip
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
last-modified: Mon, 20 Sep 2021 02:53:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: W/"995b22e4b5eb36fd0f0f830d935988e8"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control: max-age=15
x-amz-cf-id: kLFqmpcF48NPmzrDuiBMzL4DnhseaDR5vHZNgulKwlS-woiwArby_g==

GET
H2 200 GettyImages-1245847613.jpg
images.squarespace-cdn.com/content/v1/506c8ea1e4b01d9450dd53f5/1679499018478-8P2SXRUEK9L7N6JMUGEJ/ 23 KB
23 KB 62ms
60ms Image
image/jpeg 151.101.128.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/506c8ea1e4b01d9450dd53f5/1679499018478-8P2SXRUEK9L7N6JMUGEJ/GettyImages-1245847613.jpg?format=300w
Requested by: Host: user.deldarak.cf
URL: https://user.deldarak.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b034b1b5e3e7f3556f8adf7f11d847b8d2170daaa3fdcbd117cb639bae2deedc

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits: 114, 1
date: Fri, 21 Apr 2023 13:08:15 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 239259
x-cache: HIT, HIT
content-length: 23555
x-served-by: cache-iad-kiad7000083-IAD, cache-fra-eddf8230041-FRA
x-timer: S1682082496.721557,VS0,VE3
etag: CJ299bTt7/0CEAE=
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 GettyImages-1188095558-Rohingya-Allison+Joyce.jpg
images.squarespace-cdn.com/content/v1/506c8ea1e4b01d9450dd53f5/1679500547565-TFIKE28VO8ENBZRFLZUM/ 17 KB
18 KB 58ms
57ms Image
image/jpeg 151.101.128.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/506c8ea1e4b01d9450dd53f5/1679500547565-TFIKE28VO8ENBZRFLZUM/GettyImages-1188095558-Rohingya-Allison+Joyce.jpg?format=300w
Requested by: Host: user.deldarak.cf
URL: https://user.deldarak.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 36b203a225b14ac9f840266fc59c5d8d74122c6f0ef6932bdca5e0a323a24322

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits: 23, 1
date: Fri, 21 Apr 2023 13:08:15 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 588962
x-cache: HIT, HIT
content-length: 17810
x-served-by: cache-iad-kjyo7100057-IAD, cache-fra-eddf8230041-FRA
x-timer: S1682082496.779761,VS0,VE1
etag: CIeKuY3z7/0CEAE=
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2

200

7ab65ece6e4878783f22bb1918fa01b6a1b1cc5d268d1062b8ef345eb795c640ac7f4bc661175fe5ddf94cdcaa79 Show response
cdn9.forter.com/vchk2/v1/
Redirect Chain

https://cdn9.forter.com/vchk2
https://cdn9.forter.com/vchk2/v1/7ab65ece6e4878783f22bb1918fa01b6a1b1cc5d268d1062b8ef345eb795c640ac7f4bc661175fe5ddf94cdcaa79

0
323 B

155ms
154ms

XHR
text/plain

143.204.89.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn9.forter.com/vchk2/v1/7ab65ece6e4878783f22bb1918fa01b6a1b1cc5d268d1062b8ef345eb795c640ac7f4bc661175fe5ddf94cdcaa79

Requested by

Host: user.deldarak.cf
URL: https://user.deldarak.cf/

Protocol

Server

143.204.89.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-62.fra50.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 13:08:16 GMT
via: 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
strict-transport-security: max-age=86400; includeSubDomains
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: private, s-maxage=0, proxy-revalidate
timing-allow-origin: *
x-amz-cf-id: 15ScUHcYmkpeiicV8kXnfE-KzRj70K-N0P4DJ2qQIToH-OpkkLYCyg==

Redirect headers

date: Fri, 21 Apr 2023 13:08:15 GMT
via: 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
strict-transport-security: max-age=86400; includeSubDomains
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
location: https://cdn9.forter.com/vchk2/v1/7ab65ece6e4878783f22bb1918fa01b6a1b1cc5d268d1062b8ef345eb795c640ac7f4bc661175fe5ddf94cdcaa79
access-control-allow-origin: *
cache-control: private, s-maxage=0, proxy-revalidate
timing-allow-origin: *
x-amz-cf-id: 9iOg0cgV_lqgnReX3DhxNnbU-M7Fs_EbfQzXs_OH7UyKA1HqN-W7dQ==

GET
BLOB 200
OK 8da4542b-1419-45b6-84b1-42f03eaae2b0
https://user.deldarak.cf/ 17 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://user.deldarak.cf/8da4542b-1419-45b6-84b1-42f03eaae2b0
Requested by: Host: user.deldarak.cf
URL: https://user.deldarak.cf/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 72d175b68724896d3d916d16f3740fef02b634857bd8177d84a9c142ee946f73

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length: 17378
Content-Type: application/javascript

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 68ms
68ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=634658743&t=pageview&_s=1&dl=https%3A%2F%2Fuser.deldarak.cf%2F&ul=en-us&de=UTF-8&dt=Refugees%20International&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAAUADQAAAACAAI~&jid=35264648&gjid=557852422&cid=947771445.1682082495&tid=UA-140866362-1&_gid=375947431.1682082496&_r=1&gtm=457e34j0&jsscut=1&z=1163055244

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://user.deldarak.cf/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 13:08:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://user.deldarak.cf
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 63ms
60ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=634658743&t=event&ni=1&_s=1&dl=https%3A%2F%2Fuser.deldarak.cf%2F&ul=en-us&de=UTF-8&dt=Refugees%20International&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=10%25&el=%2F&_u=aCDAAUADQAAAACAAI~&jid=&gjid=&cid=947771445.1682082495&tid=UA-910630-1&_gid=375947431.1682082496&gtm=45He34j0n81WX3MPKR&z=1385726746

Requested by

Host: user.deldarak.cf
URL: https://user.deldarak.cf/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 05:47:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 26423
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 65ms
62ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=634658743&t=event&ni=1&_s=1&dl=https%3A%2F%2Fuser.deldarak.cf%2F&ul=en-us&de=UTF-8&dt=Refugees%20International&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=25%25&el=%2F&_u=aCDAAUADQAAAACAAI~&jid=&gjid=&cid=947771445.1682082495&tid=UA-910630-1&_gid=375947431.1682082496&gtm=45He34j0n81WX3MPKR&z=729880409

Requested by

Host: user.deldarak.cf
URL: https://user.deldarak.cf/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 05:47:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 26423
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 forms2.css
app-ab32.marketo.com/js/forms2/css/ 13 KB
3 KB 50ms
50ms Stylesheet
text/css 104.16.95.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-ab32.marketo.com/js/forms2/css/forms2.css

Requested by

Host: app-ab32.marketo.com
URL: https://app-ab32.marketo.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.95.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 13:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63113904
cf-cache-status: HIT
age: 939
content-length: 2623
last-modified: Thu, 23 Mar 2023 21:46:36 GMT
server: cloudflare
etag: "a2016c-3437-5f79835f6a700"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7bb5dacebefd09ac-ARN
expires: Fri, 21 Apr 2023 17:08:15 GMT

GET
H2 200 forms2-theme-simple.css
app-ab32.marketo.com/js/forms2/css/ 826 B
326 B 50ms
50ms Stylesheet
text/css 104.16.95.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-ab32.marketo.com/js/forms2/css/forms2-theme-simple.css

Requested by

Host: app-ab32.marketo.com
URL: https://app-ab32.marketo.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.95.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 13:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 23 Mar 2023 21:46:36 GMT
server: cloudflare
age: 939
etag: "a20168-33a-5f79835f6a700"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7bb5dacebefe09ac-ARN
content-length: 242
expires: Fri, 21 Apr 2023 17:08:15 GMT

GET
H2 200 GettyImages-1246389473.jpg
images.squarespace-cdn.com/content/v1/506c8ea1e4b01d9450dd53f5/1679340623304-5XALMAEJC19WB2FZ3FVD/ 23 KB
23 KB 58ms
57ms Image
image/jpeg 151.101.128.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/506c8ea1e4b01d9450dd53f5/1679340623304-5XALMAEJC19WB2FZ3FVD/GettyImages-1246389473.jpg?format=300w
Requested by: Host: user.deldarak.cf
URL: https://user.deldarak.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e59aea6686d26b2de272149c840ee652e6e4ce5287b2e142c073a2763993f1b1

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits: 30, 1
date: Fri, 21 Apr 2023 13:08:15 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 260202
x-cache: HIT, HIT
content-length: 23515
x-served-by: cache-iad-kiad7000100-IAD, cache-fra-eddf8230041-FRA
x-timer: S1682082496.832232,VS0,VE1
etag: CPuLtqyf6/0CEAE=
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/09866830beaa/494eb2d326934d79a2bf85f709e18a4d/ 20 B
360 B 551ms
266ms XHR
application/json 54.243.108.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/09866830beaa/494eb2d326934d79a2bf85f709e18a4d/prop.json?_=1682082495796
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.243.108.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-108-33.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 13:08:16 GMT
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://user.deldarak.cf
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Expires: -1

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 66ms
66ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-140866362-1&cid=947771445.1682082495&jid=35264648&gjid=557852422&_gid=375947431.1682082496&_u=aCDAAUADQAAAACAAI~&z=660726024

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://user.deldarak.cf/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 21 Apr 2023 13:08:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://user.deldarak.cf
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 XDFrame Show response
app-ab32.marketo.com/index.php/form/ Frame F5C1 2 KB
886 B 147ms
146ms Document
text/html 104.16.95.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-ab32.marketo.com/index.php/form/XDFrame

Requested by

Host: app-ab32.marketo.com
URL: https://app-ab32.marketo.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.95.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccd7658820ead1b417914c776e057885c5cdb0d15241d96bfab9125ea7c8a427

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

Referer: https://user.deldarak.cf/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 7bb5dacf8fcc09ac-ARN
content-encoding: gzip
content-length: 652
content-type: text/html; charset=utf-8
date: Fri, 21 Apr 2023 13:08:16 GMT
server: cloudflare
strict-transport-security: max-age=63113904
vary: Accept-Encoding
x-content-type-options: nosniff

POST
H2 200 / Show response
www.facebook.com/tr/ Frame A49A 0
50 B 60ms
59ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: user.deldarak.cf
URL: https://user.deldarak.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://user.deldarak.cf
Referer: https://user.deldarak.cf/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://user.deldarak.cf
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 13:08:15 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 forms2.min.js Show response
app-ab32.marketo.com/js/forms2/js/ Frame F5C1 208 KB
69 KB 53ms
53ms Script
application/x-javascript 104.16.95.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-ab32.marketo.com/js/forms2/js/forms2.min.js

Requested by

Host: app-ab32.marketo.com
URL: https://app-ab32.marketo.com/index.php/form/XDFrame

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.95.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0694124dd8cf871b521cf06ce0b2419ebbe18d3f45658b50c4b038b647fbc849

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://app-ab32.marketo.com/index.php/form/XDFrame
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 13:08:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 23 Mar 2023 21:46:36 GMT
server: cloudflare
age: 2740
etag: "268180c-33e51-5f79835f6a700"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 7bb5dad078c709ac-ARN
expires: Fri, 21 Apr 2023 17:08:16 GMT

GET
H2 200 config.json Show response
assets.funraise.io/widget/client/24978828-7d8f-422b-87bf-f695ef19b68e/7756/2.0/ 4 KB
2 KB 452ms
452ms XHR
application/json 2600:9000:2057:ae00:b:201e:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.funraise.io/widget/client/24978828-7d8f-422b-87bf-f695ef19b68e/7756/2.0/config.json
Requested by: Host: assets.funraise.io
URL: https://assets.funraise.io/widget/common/2.0/inject-form.js?orgId=24978828-7d8f-422b-87bf-f695ef19b68e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ae00:b:201e:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 882b4d5bca612b107b5dc1a04d2fc7174b7a5cf886b21983deceb38941023461

Request headers

Accept: application/json
Referer: https://user.deldarak.cf/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 13:08:17 GMT
content-encoding: gzip
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
last-modified: Mon, 23 May 2022 07:03:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: W/"22b357da5d287c913bbe88a60af4bdc3"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control: max-age=15
x-amz-cf-id: -XekwwcJer2yiJYxG2pb22oa9aLfwg_lDyMWDTCq67SJFf-F9Selwg==

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/09866830beaa/494eb2d326934d79a2bf85f709e18a4d/ 20 B
360 B 134ms
134ms XHR
application/json 54.243.108.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/09866830beaa/494eb2d326934d79a2bf85f709e18a4d/prop.json?_=1682082496363
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.243.108.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-108-33.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 13:08:16 GMT
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://user.deldarak.cf
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Expires: -1

GET
H2 200 / Show response
log.pinterest.com/ 0
337 B 323ms
88ms Script
text/plain 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://log.pinterest.com/?guid=MFf72UwxU5uS&type=pidget&sub=www&button_count=1&follow_count=0&pin_count=0&profile_count=0&board_count=0&via=https%3A%2F%2Fuser.deldarak.cf%2F&callback=PIN_1682082495481.f.callback[0]
Requested by: Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/pinterest-c37730f8d94081583214d-min.en-US.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits: 0
date: Fri, 21 Apr 2023 13:08:16 GMT
via: 1.1 varnish
x-cache: MISS
x-envoy-upstream-service-time: 5
x-pinterest-rid: 1571150858010112
content-length: 0
x-served-by: cache-fra-eddf8230024-FRA
pragma: no-cache
server: envoy
x-timer: S1682082497.843378,VS0,VE33
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
accept-ranges: bytes
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 61ms
60ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=634658743&t=event&ni=0&_s=1&dl=https%3A%2F%2Fuser.deldarak.cf%2F&ul=en-us&de=UTF-8&dt=Refugees%20International&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=25%25&_u=aCDAAUADQAAAACAAI~&jid=&gjid=&cid=947771445.1682082495&tid=UA-910630-1&_gid=375947431.1682082496&gtm=45He34j0n81WX3MPKR&z=2121335253

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 05:47:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 26424
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK prop.json
494eb2d326934d79a2bf85f709e18a4d-09866830beaa.cdn.forter.com/ 2 B
624 B 417ms
133ms Ping
application/json 3.234.25.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://494eb2d326934d79a2bf85f709e18a4d-09866830beaa.cdn.forter.com/prop.json
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.234.25.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-25-89.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://user.deldarak.cf/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 21 Apr 2023 13:08:16 GMT
Connection: close
Content-Length: 2
Pragma: no-cache
Last-Modified: Thu, 06 Apr 2023 12:08:55 GMT
Server: Apache
ETag: "2-5f8a9c5d39ab9"
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://user.deldarak.cf
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: origin, x-requested-with, content-type, x-csrf-token
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 form.html Show response
assets.funraise.io/widget/common/2.0/ Frame E46C 2 KB
1 KB 63ms
63ms Document
text/html 2600:9000:2057:ae00:b:201e:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.funraise.io/widget/common/2.0/form.html?href=https%3A%2F%2Fassets.funraise.io&common=%2Fwidget%2Fcommon%2F2.0&client=%2Fwidget%2Fclient&orgid=24978828-7d8f-422b-87bf-f695ef19b68e&formid=7756-1
Requested by: Host: assets.funraise.io
URL: https://assets.funraise.io/widget/common/2.0/inject-form.js?orgId=24978828-7d8f-422b-87bf-f695ef19b68e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ae00:b:201e:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f40d8ea5c7ef6458b0b12280731c5c7124672724cbdd5cc0a51fba18147fea3

Request headers

Referer: https://user.deldarak.cf/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

age: 137
cache-control: max-age=15
content-encoding: gzip
content-type: text/html
date: Fri, 21 Apr 2023 13:08:16 GMT
etag: W/"88039721d15a721dd1dd70e1236b5341"
last-modified: Fri, 14 Apr 2023 23:25:39 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
x-amz-cf-id: CGQ1eg_Lhz-gG0_N1J5xof2IvhofZT6EjQgt-fRl1Qw7fJBA9yCHVg==
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/09866830beaa/494eb2d326934d79a2bf85f709e18a4d/ 20 B
360 B 134ms
133ms XHR
application/json 54.243.108.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/09866830beaa/494eb2d326934d79a2bf85f709e18a4d/prop.json?_=1682082496633
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.243.108.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-108-33.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 13:08:16 GMT
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://user.deldarak.cf
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Expires: -1

GET
H2 200 form-beta-css.css
assets.funraise.io/widget/common/2.0/ Frame E46C 247 KB
25 KB 61ms
60ms Stylesheet
text/css 2600:9000:2057:ae00:b:201e:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.funraise.io/widget/common/2.0/form-beta-css.css
Requested by: Host: assets.funraise.io
URL: https://assets.funraise.io/widget/common/2.0/form.html?href=https%3A%2F%2Fassets.funraise.io&common=%2Fwidget%2Fcommon%2F2.0&client=%2Fwidget%2Fclient&orgid=24978828-7d8f-422b-87bf-f695ef19b68e&formid=7756-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ae00:b:201e:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b2ece516648e5bf2c7cf767d68d7725f5d418a2ae703c7da7307e51ef631c258

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://assets.funraise.io/widget/common/2.0/form.html?href=https%3A%2F%2Fassets.funraise.io&common=%2Fwidget%2Fcommon%2F2.0&client=%2Fwidget%2Fclient&orgid=24978828-7d8f-422b-87bf-f695ef19b68e&formid=7756-1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 13:05:06 GMT
content-encoding: gzip
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
last-modified: Fri, 14 Apr 2023 23:25:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 221
x-amz-server-side-encryption: AES256
etag: W/"acf1bacfe4aa7b91dac468e8a8bac645"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=15
x-amz-cf-id: XDnrQqFqpfadE_vOUSLUyq-qQ9f6mgt3cVcOuem0NQbCyqNGYmozWg==

GET
H2 200 form-beta-css.js Show response
assets.funraise.io/widget/common/2.0/ Frame E46C 1 KB
967 B 61ms
60ms Script
application/javascript 2600:9000:2057:ae00:b:201e:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.funraise.io/widget/common/2.0/form-beta-css.js
Requested by: Host: assets.funraise.io
URL: https://assets.funraise.io/widget/common/2.0/form.html?href=https%3A%2F%2Fassets.funraise.io&common=%2Fwidget%2Fcommon%2F2.0&client=%2Fwidget%2Fclient&orgid=24978828-7d8f-422b-87bf-f695ef19b68e&formid=7756-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ae00:b:201e:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b4d2424d4ca63f424bba501fa012ba5931fffec09e644a6a90d10017a92aecfe

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://assets.funraise.io/widget/common/2.0/form.html?href=https%3A%2F%2Fassets.funraise.io&common=%2Fwidget%2Fcommon%2F2.0&client=%2Fwidget%2Fclient&orgid=24978828-7d8f-422b-87bf-f695ef19b68e&formid=7756-1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 13:05:06 GMT
content-encoding: gzip
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
last-modified: Sat, 08 Apr 2023 23:19:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 221
x-amz-server-side-encryption: AES256
etag: W/"e29ff3fb49187110e992e8f358edb5be"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=15
x-amz-cf-id: zokVOMgjfh4yTXEvFpalU1XWFMCbjXhpDMrIaALRoaJILepm-tTdSA==

GET
H2 200 form.js Show response
assets.funraise.io/widget/common/2.0/ Frame E46C 1 MB
359 KB 82ms
81ms Script
application/javascript 2600:9000:2057:ae00:b:201e:bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.funraise.io/widget/common/2.0/form.js?href=https%3A%2F%2Fassets.funraise.io&common=%2Fwidget%2Fcommon%2F2.0&client=%2Fwidget%2Fclient&orgid=24978828-7d8f-422b-87bf-f695ef19b68e&formid=7756-1
Requested by: Host: assets.funraise.io
URL: https://assets.funraise.io/widget/common/2.0/form.html?href=https%3A%2F%2Fassets.funraise.io&common=%2Fwidget%2Fcommon%2F2.0&client=%2Fwidget%2Fclient&orgid=24978828-7d8f-422b-87bf-f695ef19b68e&formid=7756-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ae00:b:201e:bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01c1b7c025226e0eca50e56738ce01bd46027dc2dee0c70ec6d581bb32edaccf

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://assets.funraise.io/widget/common/2.0/form.html?href=https%3A%2F%2Fassets.funraise.io&common=%2Fwidget%2Fcommon%2F2.0&client=%2Fwidget%2Fclient&orgid=24978828-7d8f-422b-87bf-f695ef19b68e&formid=7756-1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 13:08:16 GMT
content-encoding: gzip
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
last-modified: Thu, 20 Apr 2023 16:53:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 136
x-amz-server-side-encryption: AES256
etag: W/"3102b5b3121ea7d0efd73f9aeae5c5db"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=15
x-amz-cf-id: FbRvss_OlbQXMwmn1J1FfoIs0LVBA-u-VP7pwoVO3_u36xpwp_58Sw==

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame E46C 852 B
876 B 202ms
70ms Script
text/javascript 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit

Requested by

Host: assets.funraise.io
URL: https://assets.funraise.io/widget/common/2.0/form.html?href=https%3A%2F%2Fassets.funraise.io&common=%2Fwidget%2Fcommon%2F2.0&client=%2Fwidget%2Fclient&orgid=24978828-7d8f-422b-87bf-f695ef19b68e&formid=7756-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bd43c6a75ec190add846a0404e9ee78a713fd6ec7b12f4e1ce970c77cd4be8ef

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://assets.funraise.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 13:08:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 556
x-xss-protection: 1; mode=block
expires: Fri, 21 Apr 2023 13:08:16 GMT

POST
H2 200 events
cdn3.forter.com/ 0
242 B 624ms
349ms Ping
text/plain 52.71.247.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn3.forter.com/events

Requested by

Host:
URL: (program):2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.71.247.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-71-247-184.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://user.deldarak.cf/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 13:08:17 GMT
strict-transport-security: max-age=86400; includeSubDomains
vary: Origin
access-control-allow-origin: https://user.deldarak.cf
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
expires: -1

GET
H2 200 logger-1.min.js Show response
cdn.lr-ingest.io/ Frame E46C 819 KB
163 KB 146ms
65ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lr-ingest.io/logger-1.min.js

Requested by

Host: assets.funraise.io
URL: https://assets.funraise.io/widget/common/2.0/form.js?href=https%3A%2F%2Fassets.funraise.io&common=%2Fwidget%2Fcommon%2F2.0&client=%2Fwidget%2Fclient&orgid=24978828-7d8f-422b-87bf-f695ef19b68e&formid=7756-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05f8bca58478ef80ec287db4c64469d40e8aa56873000a2db8ad585eb6991cfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://assets.funraise.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 13:08:17 GMT
strict-transport-security: max-age=31556926
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 276
x-cache: MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-hel1410029-HEL
last-modified: Fri, 21 Apr 2023 00:27:06 GMT
server: cloudflare
x-timer: S1682036925.530500,VS0,VE129
etag: W/"57a04b8afb74ce82c794b8332a7c33f23ebd42a1085ae94c48a05c08b6aa24a9"
vary: x-fh-requested-host, accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4yJwaQeSiPmWK6uo2wocWRx3qglrW1I8tmjSohdTn0UqTxT0AFZx0BUWtbHcrf1ce6WDv%2FfxLakDWFSZL%2BJL3RjfAKfXn%2Ba3XvBSVwFXOAfJl9S1a%2FOfSasCKBaSEHCtjIGtvvLhyCMe7rh%2FRUIK"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 7bb5dad66bb5d92e-HEL
x-cache-hits: 0

GET
H2 200 recaptcha__fi.js Show response
www.gstatic.com/recaptcha/releases/vkGiR-M4noX1963Xi_DB0JeI/ Frame E46C 410 KB
165 KB 192ms
62ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vkGiR-M4noX1963Xi_DB0JeI/recaptcha__fi.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ba24c406705ec9eab7a16077d987f684878fcaa3e44bc9a262a07b6560dddea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://assets.funraise.io/
Origin: https://assets.funraise.io
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 03:50:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 119889
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168290
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 02:01:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Apr 2024 03:50:08 GMT

POST
H/1.1 200
OK wpt.json Show response
cdn0.forter.com/09866830beaa/494eb2d326934d79a2bf85f709e18a4d/ 20 B
417 B 135ms
134ms XHR
application/json 54.243.108.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/09866830beaa/494eb2d326934d79a2bf85f709e18a4d/wpt.json
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.243.108.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-108-33.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Referer: https://user.deldarak.cf/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 13:08:17 GMT
ETag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://user.deldarak.cf
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 20
Expires: -1

OPTIONS
H/1.1 204
No Content wpt.json
cdn0.forter.com/09866830beaa/494eb2d326934d79a2bf85f709e18a4d/ Frame 0
0 135ms
135ms Preflight 54.243.108.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/09866830beaa/494eb2d326934d79a2bf85f709e18a4d/wpt.json
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.243.108.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-108-33.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://user.deldarak.cf
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Date: Fri, 21 Apr 2023 13:08:17 GMT
Vary: Access-Control-Request-Headers

GET
BLOB 200
OK dd7ad1bb-7c49-41bb-ad92-521b55cb4ba0
https://assets.funraise.io/ Frame E46C 455 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://assets.funraise.io/dd7ad1bb-7c49-41bb-ad92-521b55cb4ba0
Requested by: Host: assets.funraise.io
URL: https://assets.funraise.io/widget/common/2.0/form.html?href=https%3A%2F%2Fassets.funraise.io&common=%2Fwidget%2Fcommon%2F2.0&client=%2Fwidget%2Fclient&orgid=24978828-7d8f-422b-87bf-f695ef19b68e&formid=7756-1
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 674c98066eaa55f332f72049cfebb696ef587e6e7583a2772dc4114d25a51e44

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length: 465945
Content-Type

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame E46C 206 KB
74 KB 81ms
81ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JQMDEP3GG8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

32bcc5d58370a03dd9cef2ce895b9f687929f82c3ff632b6dee94ec5873f7bb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://assets.funraise.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 13:08:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75253
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 21 Apr 2023 13:08:17 GMT

POST
H/1.1 429
Too Many Requests / Show response
sentry.io/api/1730914/store/ Frame E46C 198 B
766 B 627ms
154ms Fetch
application/json 35.188.42.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1730914/store/?sentry_key=332daa465da24d01b33ab8a94edf993c&sentry_version=7

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

bac10d17440dcd6f6c6c4e0bd7eca2e1a7eec030ef3b1143d4be3791dcf91263

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://assets.funraise.io/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 21 Apr 2023 13:08:17 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: nginx
vary: origin,access-control-request-method,access-control-request-headers
Content-Type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 2
Connection: keep-alive
Content-Length: 198
x-sentry-rate-limits: 60:default;error;security;attachment:organization:error_usage_exceeded
retry-after: 60

GET
H2 200 script.js Show response
09866830beaa.cdn4.forter.com/snS/09866830beaa/ Frame E46C 313 KB
149 KB 446ms
446ms Script
application/javascript 99.86.4.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://09866830beaa.cdn4.forter.com/snS/09866830beaa/script.js

Requested by

Host: user.deldarak.cf
URL: https://user.deldarak.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-97.fra6.r.cloudfront.net

Software

Resource Hash

f0adcc4106baf6a5c7029e78ba3a0e806820bf265326eca88949a1bfdfbef4a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://assets.funraise.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 13:08:17 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
last-modified: Fri, 21 Apr 2023 13:08:17 GMT
x-sourcemap: https://cdn4.forter.com/map/suid/09866830beaa/99030094412
x-amz-cf-pop: FRA6-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
cache-control: private, max-age=300
timing-allow-origin: *
x-amz-cf-id: VXNSLX1D6XlYkzfworIrjV-SOTp4nCoFwL997kFTGQi979VxpfU8hA==
expires: Fri, 21 Apr 2023 13:13:17 GMT

GET icon24.png
gighmmpiobklfepjocnamgkkbiglidom/icons/ Frame 43BE 0
0

GET close-icon.svg
ihcjicgdanjaechkgeegckofjjedodee/app/assets/ Frame D667 0
0

GET
H2 200 logo_small.gif
duuytoqss3gu4.cloudfront.net/ 43 B
384 B 205ms
61ms Image
image/gif 2600:9000:2250:6e00:1d:9f28:ff00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duuytoqss3gu4.cloudfront.net/logo_small.gif?dfpadname=&check=1682082497584
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:6e00:1d:9f28:ff00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 08:00:16 GMT
via: 1.1 9905602b8526d2635024f3edbf1df702.cloudfront.net (CloudFront)
last-modified: Thu, 16 Mar 2017 14:48:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 380970
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 43
x-amz-cf-id: kZiv3NiXRZBrAGIRfg4K5Tfzu0Linl-s9E50wVmssllIvh7bgT29kw==

GET
H2 200 logo_medium.gif
duuytoqss3gu4.cloudfront.net/ 43 B
382 B 206ms
62ms Image
image/gif 2600:9000:2250:6e00:1d:9f28:ff00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duuytoqss3gu4.cloudfront.net/logo_medium.gif?check=1682082497584&refererPageDetail=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:6e00:1d:9f28:ff00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 08:40:51 GMT
via: 1.1 9905602b8526d2635024f3edbf1df702.cloudfront.net (CloudFront)
last-modified: Thu, 16 Mar 2017 14:48:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 16047
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 43
x-amz-cf-id: hrDGNH0DQwlvxInBbssKJGE3bsJiPV55IOPCRF0eTE6jpJQa3puBVA==

GET
H2 200 logo_large.gif
duuytoqss3gu4.cloudfront.net/ 43 B
382 B 206ms
63ms Image
image/gif 2600:9000:2250:6e00:1d:9f28:ff00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duuytoqss3gu4.cloudfront.net/logo_large.gif?1682082497584&-linkd-32.
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:6e00:1d:9f28:ff00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://user.deldarak.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 08:14:04 GMT
via: 1.1 9905602b8526d2635024f3edbf1df702.cloudfront.net (CloudFront)
last-modified: Thu, 16 Mar 2017 14:48:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 968054
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 43
x-amz-cf-id: n8xNznpp2jekqhenuhuwuGezaDLcWv3OL2O02M6G5pnNug6C6pi5WQ==

GET icon16.png
mlomiejdfkolichcflejclcbmpeaniij/app/images/ Frame 9100 0
0

GET
BLOB 200
OK aa6303e4-6174-4e52-a95c-17b285b6cae9
https://assets.funraise.io/ Frame E46C 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://assets.funraise.io/aa6303e4-6174-4e52-a95c-17b285b6cae9
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99ddbf231a97628eb2a54f785bb9bd487ae8f2d202c281deb95851facddbee92

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length: 5305
Content-Type: application/javascript

GET
H2

200

78bd0eca35192b736c23b04b18fa02eea1b69b597b804e65eae06756b996c315ac7f4bc661175fe5ddf941d1a571 Show response
cdn9.forter.com/vchk2/v1/ Frame E46C
Redirect Chain

https://cdn9.forter.com/vchk2
https://cdn9.forter.com/vchk2/v1/78bd0eca35192b736c23b04b18fa02eea1b69b597b804e65eae06756b996c315ac7f4bc661175fe5ddf941d1a571

0
323 B

154ms
154ms

XHR
text/plain

143.204.89.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn9.forter.com/vchk2/v1/78bd0eca35192b736c23b04b18fa02eea1b69b597b804e65eae06756b996c315ac7f4bc661175fe5ddf941d1a571

Protocol

Server

143.204.89.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-62.fra50.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://assets.funraise.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 13:08:18 GMT
via: 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
strict-transport-security: max-age=86400; includeSubDomains
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: private, s-maxage=0, proxy-revalidate
timing-allow-origin: *
x-amz-cf-id: sVx1IIBgrD8yvteO-4PmM1XzEELvsVmOR7mC1s7yGvFE_QxNJ-Airg==

Redirect headers

date: Fri, 21 Apr 2023 13:08:18 GMT
via: 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
strict-transport-security: max-age=86400; includeSubDomains
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
location: https://cdn9.forter.com/vchk2/v1/78bd0eca35192b736c23b04b18fa02eea1b69b597b804e65eae06756b996c315ac7f4bc661175fe5ddf941d1a571
access-control-allow-origin: *
cache-control: private, s-maxage=0, proxy-revalidate
timing-allow-origin: *
x-amz-cf-id: cJKrMn5oC4oUnTEKwkl0lAnHOOKe8soUmiuKUP_W55xm_Koj0-xRGw==

GET
BLOB 200
OK 552e9bc4-7b83-447d-965b-8feef72211b4
https://assets.funraise.io/ Frame E46C 17 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://assets.funraise.io/552e9bc4-7b83-447d-965b-8feef72211b4
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 72d175b68724896d3d916d16f3740fef02b634857bd8177d84a9c142ee946f73

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length: 17378
Content-Type: application/javascript

POST
H/1.1 200
OK prop.json
62da9c78a72a4d4aa55be880b6696b11-09866830beaa.cdn.forter.com/ Frame E46C 2 B
626 B 415ms
133ms Ping
application/json 100.26.87.64
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://62da9c78a72a4d4aa55be880b6696b11-09866830beaa.cdn.forter.com/prop.json
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 100.26.87.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-26-87-64.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://assets.funraise.io/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 21 Apr 2023 13:08:18 GMT
Connection: close
Content-Length: 2
Pragma: no-cache
Last-Modified: Fri, 21 Apr 2023 12:08:43 GMT
Server: Apache
ETag: "2-5f9d784b32c0d"
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://assets.funraise.io
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: origin, x-requested-with, content-type, x-csrf-token
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/09866830beaa/62da9c78a72a4d4aa55be880b6696b11/ Frame E46C 20 B
362 B 134ms
133ms XHR
application/json 54.243.108.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/09866830beaa/62da9c78a72a4d4aa55be880b6696b11/prop.json?_=1682082498219
Requested by: Host: assets.funraise.io
URL: https://assets.funraise.io/widget/common/2.0/form.js?href=https%3A%2F%2Fassets.funraise.io&common=%2Fwidget%2Fcommon%2F2.0&client=%2Fwidget%2Fclient&orgid=24978828-7d8f-422b-87bf-f695ef19b68e&formid=7756-1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.243.108.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-108-33.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://assets.funraise.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 13:08:18 GMT
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://assets.funraise.io
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Expires: -1

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/09866830beaa/62da9c78a72a4d4aa55be880b6696b11/ Frame E46C 20 B
362 B 134ms
133ms XHR
application/json 54.243.108.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/09866830beaa/62da9c78a72a4d4aa55be880b6696b11/prop.json?_=1682082498489
Requested by: Host: assets.funraise.io
URL: https://assets.funraise.io/widget/common/2.0/form.js?href=https%3A%2F%2Fassets.funraise.io&common=%2Fwidget%2Fcommon%2F2.0&client=%2Fwidget%2Fclient&orgid=24978828-7d8f-422b-87bf-f695ef19b68e&formid=7756-1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.243.108.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-108-33.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://assets.funraise.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 13:08:18 GMT
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://assets.funraise.io
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Expires: -1

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/09866830beaa/62da9c78a72a4d4aa55be880b6696b11/ Frame E46C 20 B
362 B 134ms
134ms XHR
application/json 54.243.108.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/09866830beaa/62da9c78a72a4d4aa55be880b6696b11/prop.json?_=1682082498757
Requested by: Host: assets.funraise.io
URL: https://assets.funraise.io/widget/common/2.0/form.js?href=https%3A%2F%2Fassets.funraise.io&common=%2Fwidget%2Fcommon%2F2.0&client=%2Fwidget%2Fclient&orgid=24978828-7d8f-422b-87bf-f695ef19b68e&formid=7756-1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.243.108.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-108-33.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://assets.funraise.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 13:08:18 GMT
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://assets.funraise.io
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Expires: -1

POST
H/1.1 200
OK wpt.json Show response
cdn0.forter.com/09866830beaa/62da9c78a72a4d4aa55be880b6696b11/ Frame E46C 20 B
419 B 134ms
134ms XHR
application/json 54.243.108.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/09866830beaa/62da9c78a72a4d4aa55be880b6696b11/wpt.json
Requested by: Host: assets.funraise.io
URL: https://assets.funraise.io/widget/common/2.0/form.js?href=https%3A%2F%2Fassets.funraise.io&common=%2Fwidget%2Fcommon%2F2.0&client=%2Fwidget%2Fclient&orgid=24978828-7d8f-422b-87bf-f695ef19b68e&formid=7756-1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.243.108.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-108-33.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Referer: https://assets.funraise.io/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 13:08:19 GMT
ETag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://assets.funraise.io
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 20
Expires: -1

OPTIONS
H/1.1 204
No Content wpt.json
cdn0.forter.com/09866830beaa/62da9c78a72a4d4aa55be880b6696b11/ Frame 0
0 134ms
134ms Preflight 54.243.108.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/09866830beaa/62da9c78a72a4d4aa55be880b6696b11/wpt.json
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.243.108.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-108-33.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://assets.funraise.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Date: Fri, 21 Apr 2023 13:08:19 GMT
Vary: Access-Control-Request-Headers

GET
H2 200 logo_small.gif
duuytoqss3gu4.cloudfront.net/ Frame E46C 43 B
384 B 62ms
62ms Image
image/gif 2600:9000:2250:6e00:1d:9f28:ff00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duuytoqss3gu4.cloudfront.net/logo_small.gif?dfpadname=&check=1682082499204
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:6e00:1d:9f28:ff00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://assets.funraise.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 08:00:16 GMT
via: 1.1 9905602b8526d2635024f3edbf1df702.cloudfront.net (CloudFront)
last-modified: Thu, 16 Mar 2017 14:48:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 380972
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 43
x-amz-cf-id: cGXOEajKyB_581AjER-Dt8WwjGhUAdc0hSPH5HzLHXqsGmKJglbFrg==

GET
H2 200 logo_medium.gif
duuytoqss3gu4.cloudfront.net/ Frame E46C 43 B
381 B 63ms
62ms Image
image/gif 2600:9000:2250:6e00:1d:9f28:ff00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duuytoqss3gu4.cloudfront.net/logo_medium.gif?check=1682082499204&refererPageDetail=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:6e00:1d:9f28:ff00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://assets.funraise.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 08:40:51 GMT
via: 1.1 9905602b8526d2635024f3edbf1df702.cloudfront.net (CloudFront)
last-modified: Thu, 16 Mar 2017 14:48:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 16049
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 43
x-amz-cf-id: J9ap2ZSf10GMvTonWcmr8omQaofrr4DvU8u2-GWmM5NTyCbB-dRy3A==

GET
H2 200 logo_large.gif
duuytoqss3gu4.cloudfront.net/ Frame E46C 43 B
383 B 63ms
63ms Image
image/gif 2600:9000:2250:6e00:1d:9f28:ff00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duuytoqss3gu4.cloudfront.net/logo_large.gif?1682082499204&-linkd-32.
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:6e00:1d:9f28:ff00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://assets.funraise.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 08:14:04 GMT
via: 1.1 9905602b8526d2635024f3edbf1df702.cloudfront.net (CloudFront)
last-modified: Thu, 16 Mar 2017 14:48:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 968056
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 43
x-amz-cf-id: EkS82NgWy7VDCcWSrAXYPZywoNUl68sWido_wmm8jeHyJAtF1O2kuQ==

POST
H2 200 events
cdn3.forter.com/ Frame E46C 0
241 B 269ms
268ms Ping
text/plain 52.71.247.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn3.forter.com/events

Requested by

Host:
URL: (program):2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.71.247.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-71-247-184.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://assets.funraise.io/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 13:08:19 GMT
strict-transport-security: max-age=86400; includeSubDomains
vary: Origin
access-control-allow-origin: https://assets.funraise.io
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
expires: -1

POST
H2 200 events
cdn3.forter.com/ 0
241 B 136ms
136ms Ping
text/plain 52.71.247.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn3.forter.com/events

Requested by

Host:
URL: (program):2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.71.247.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-71-247-184.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://user.deldarak.cf/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 13:08:21 GMT
strict-transport-security: max-age=86400; includeSubDomains
vary: Origin
access-control-allow-origin: https://user.deldarak.cf
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
expires: -1

POST
H2 200 events
cdn3.forter.com/ Frame E46C 0
241 B 136ms
135ms Ping
text/plain 52.71.247.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn3.forter.com/events

Requested by

Host:
URL: (program):2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.71.247.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-71-247-184.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://assets.funraise.io/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 13:08:21 GMT
strict-transport-security: max-age=86400; includeSubDomains
vary: Origin
access-control-allow-origin: https://assets.funraise.io
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
expires: -1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: widget-tracker.bespoke-creations.us
URL: https://widget-tracker.bespoke-creations.us/?charity_id=82bbc516f2b35e08f2ca

Domain: gighmmpiobklfepjocnamgkkbiglidom
URL: chrome-extension://gighmmpiobklfepjocnamgkkbiglidom/icons/icon24.png

Domain: ihcjicgdanjaechkgeegckofjjedodee
URL: chrome-extension://ihcjicgdanjaechkgeegckofjjedodee/app/assets/close-icon.svg

Domain: mlomiejdfkolichcflejclcbmpeaniij
URL: chrome-extension://mlomiejdfkolichcflejclcbmpeaniij/app/images/icon16.png

Verdicts & Comments Add Verdict or Comment

136 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
user.deldarak.cf/	1969-12-31 23:59:59	Name: crumb Value: BWxzfviNTLwSYTc4NmYwMTdkYmMxOTYxMzZmZDM5YmRlNmQ4YmQw
.app-ab32.marketo.com/	1970-01-20 11:14:44	Name: __cf_bm Value: 07ZbbXB1mCJJ2lEHaLwG4Z3rJJgIQwYsLz0spW1QeS4-1682082494-0-AS7g5ATSqhXqu4tYAXHlNfkzggEUJ6GJ7FwKYMTqzV2OerwEUZkNWtf/UmBAb//bVwoGJQc0ttv2hRxWsT9kZ94=
user.deldarak.cf/	1970-01-20 20:50:42	Name: ss_cvr Value: 357975bc-3a18-41f7-bb7b-fb75e7f483fa\|1682082494688\|1682082494688\|1682082494688\|1
user.deldarak.cf/	1970-01-20 11:14:44	Name: ss_cvt Value: 1682082494688
.harnessapp.com/	1970-01-20 11:14:44	Name: __cf_bm Value: gcmKZ2AJlo3ldETaWB7ed9pl0Ig7IV8W2gvS8JrWZ6M-1682082494-0-AcflI6qDWmkYrK8v8cg5tSQZbUEvjj2nLCDkreMZMg1dEJ/ma5v7q3MCEWvozohqtGhG82+gaoH/dJz14lzwM3s=
.harnessapp.com/	1969-12-31 23:59:59	Name: _cfuvid Value: Y_0kXJOqxVfMsyEFG6v5xvberrq2IhSS2Hl9.L0YjwI-1682082494711-0-604800000
.t.co/	1970-01-20 20:50:42	Name: muc_ads Value: 2104ef37-5aae-41f7-b9aa-08b189e863cc
.user.deldarak.cf/	1970-01-20 20:50:42	Name: _mkto_trk Value: id:570-VPD-925&token:_mch-user.deldarak.cf-1682082495141-81375
.twitter.com/	1970-01-20 20:50:42	Name: personalization_id Value: "v1_tFIis/ePd7LZoSVpXWk2+g=="
.deldarak.cf/	1970-01-20 13:24:18	Name: _fbp Value: fb.1.1682082495391.1026088984
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: EiZcB_wr3JI
.youtube.com/	1970-01-20 15:33:54	Name: VISITOR_INFO1_LIVE Value: z4Yf5O-Cprg
.deldarak.cf/	1970-01-20 20:50:42	Name: _ga_EY9YF3ZLS8 Value: GS1.1.1682082495.1.0.1682082495.0.0.0
.deldarak.cf/	1970-01-20 11:16:08	Name: _gid Value: GA1.2.375947431.1682082496
.deldarak.cf/	1970-01-20 11:14:42	Name: _gat_UA-910630-1 Value: 1
.deldarak.cf/	1970-01-20 20:50:42	Name: _ga_R0WEKF3S3J Value: GS1.1.1682082495.1.0.1682082495.0.0.0
.deldarak.cf/	1970-01-20 11:14:46	Name: ftr_blst_1h Value: 1682082495718
.deldarak.cf/	1970-01-20 11:14:42	Name: _gat_gtag_UA_140866362_1 Value: 1
.deldarak.cf/	1970-01-20 20:50:42	Name: _ga Value: GA1.2.947771445.1682082495
.deldarak.cf/	1970-01-20 20:50:42	Name: forterToken Value: 494eb2d326934d79a2bf85f709e18a4d_1682082495056__UDF43-m4_13ck
.09866830beaa.cdn4.forter.com/	1970-01-20 20:00:18	Name: forterSId Value: 62da9c78a72a4d4aa55be880b6696b11_1682082497462

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://user.deldarak.cf/ Message: Access to fetch at 'https://widget-tracker.bespoke-creations.us/?charity_id=82bbc516f2b35e08f2ca' from origin 'https://user.deldarak.cf' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://widget-tracker.bespoke-creations.us/?charity_id=82bbc516f2b35e08f2ca Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://assets.funraise.io/widget/client/24978828-7d8f-422b-87bf-f695ef19b68e/settings.json Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://sentry.io/api/1730914/store/?sentry_key=332daa465da24d01b33ab8a94edf993c&sentry_version=7 Message: Failed to load resource: the server responded with a status of 429 (Too Many Requests)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

09866830beaa.cdn4.forter.com
494eb2d326934d79a2bf85f709e18a4d-09866830beaa.cdn.forter.com
570-vpd-925.mktoresp.com
62da9c78a72a4d4aa55be880b6696b11-09866830beaa.cdn.forter.com
analytics.twitter.com
app-ab32.marketo.com
assets.funraise.io
assets.squarespace.com
cdn.lr-ingest.io
cdn0.forter.com
cdn3.forter.com
cdn9.forter.com
connect.facebook.net
duuytoqss3gu4.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
gighmmpiobklfepjocnamgkkbiglidom
harnessapp.com
ihcjicgdanjaechkgeegckofjjedodee
images.squarespace-cdn.com
ka-f.fontawesome.com
kit.fontawesome.com
log.pinterest.com
maxcdn.bootstrapcdn.com
mlomiejdfkolichcflejclcbmpeaniij
munchkin.marketo.net
refugeesinternational.harnessgiving.org
region1.google-analytics.com
sentry.io
static.ads-twitter.com
static1.squarespace.com
stats.g.doubleclick.net
t.co
use.typekit.net
user.deldarak.cf
widget-tracker.bespoke-creations.us
widget.harnessapp.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.youtube.com
gighmmpiobklfepjocnamgkkbiglidom
ihcjicgdanjaechkgeegckofjjedodee
mlomiejdfkolichcflejclcbmpeaniij
widget-tracker.bespoke-creations.us
100.26.87.64
104.102.38.132
104.16.95.80
104.244.42.131
104.244.42.197
104.70.84.69
143.204.89.62
146.75.116.157
151.101.128.238
151.101.128.84
192.28.144.124
2001:4860:4802:32::36
2600:9000:2057:ae00:b:201e:bc0:93a1
2600:9000:2250:6e00:1d:9f28:ff00:21
2606:4700:3033::6815:17a
2606:4700::6812:121e
2606:4700::6812:131e
2606:4700::6812:1634
2606:4700::6812:acf
2606:4700:e0::ac40:650a
2a00:1450:4001:803::200e
2a00:1450:4001:806::2004
2a00:1450:4001:80e::2008
2a00:1450:4001:810::2003
2a00:1450:4001:811::2003
2a00:1450:4001:812::200a
2a00:1450:4001:82b::200e
2a00:1450:400c:c00::9b
2a02:26f0:3500:16::215:1495
2a02:26f0:480:39e::4205
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a06:98c1:3121::3
3.234.25.89
35.188.42.15
52.71.247.184
54.243.108.33
65.109.187.121
99.86.4.97
01c1b7c025226e0eca50e56738ce01bd46027dc2dee0c70ec6d581bb32edaccf
05f8bca58478ef80ec287db4c64469d40e8aa56873000a2db8ad585eb6991cfe
0694124dd8cf871b521cf06ce0b2419ebbe18d3f45658b50c4b038b647fbc849
0699b0bdc269a919a9d41cc0434ceb7c7c888486b2bc06c63ec519fc71151b6e
07ed678b8eb763214c396e6267be2e428d1086b130b4cf1656c23ca0775ac759
091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b
0ba24c406705ec9eab7a16077d987f684878fcaa3e44bc9a262a07b6560dddea
0e7e6440f9a1d9bc86c6ffefd209f0e8994c70fe95f047e51a455d977ad4157d
11746f76487ea3fd49e9123bde942269173ba3b53fbeabc8e5d255fb8bb352f4
1464a172249891a4c3e4fe98fb9f64e54ef87eb6154161400cdc6f8db9e01845
14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c
1a08efa406538235e0b02c5115486a0a013f8b6c8bebd5eab344b53d9b6a9188
1a44e6806427cc9a4baf6c12fe2865d489827c038e443f7b37265ff812716d1b
1c3acfb1c6e0fa596a8b561781c076a313cde9f2f0eb8abaf0ab8748e0496a4a
1d89cd58b30004707d2c59032ff4cf519962d9df8d51fe637d2178c16ad125ac
222ff5a8f83918c23e3057b8de2d180619ddb161dbd59213622b9ba33c0ae842
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
320e8d6467ed531f004ae28f108daf08b860551889318f67407e3de02b2dc720
32bcc5d58370a03dd9cef2ce895b9f687929f82c3ff632b6dee94ec5873f7bb4
36b203a225b14ac9f840266fc59c5d8d74122c6f0ef6932bdca5e0a323a24322
380d3d37a86d6567a2aa30fd7bdcd502d3e275edbdfd1f35b9651ea450d81a9b
3bc341ed28c4df4eb36d2f1cb77e0967756b75dc30113f8978f2578b33906085
43361034d3c6b89f3d8bbe4ab3e518477b337bc240d70b2842ea2917667c83fd
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46df3e1ba92f6d882ba362b107b9d4f561b86ef437409a2f7ba349adcb7f3d53
4b5de2392945b8f0c3167cb95e53c5165fa21f6955573a52eb19d16ab11d40ea
4ceee496127aaffe0540e14ab98b66113dc39a7d00ffbfb48f5fb71220a2504a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50e4b0329c9122ea8a38346f7563e9e2f39403e16c45d3c812e8074582d8a9af
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
5291859d1d01fb7a948ac16a4aa17c04302165bff70b6d4812fb9f578143996a
541e19387169f9ababe9475dd08fe96ec682e3a6ba20969643825fc051a22e94
54e832663426c696b1f603379026e5e15720e8c812bbbc60d63aa2ad8a479f75
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
590f896a97d55d77713fd2f94ee6c6c807470af8a18ac0f62cca3fa8877cc84d
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
60ccc75997ee5d11cb926cd5406420171a16147555544dafda67c072d2da70f1
6133a297aa07d0bf3234fafae2caf717be520e8bd005a1869bab526f30f1cb19
66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31
674c98066eaa55f332f72049cfebb696ef587e6e7583a2772dc4114d25a51e44
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6beb51b1948e6e232ba213a0a20f70b53063089eeb1302f36e9317efc5552b9e
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
6f3d9e6750aea36cfc3abc14aa973efe08a7cf4e892762a5fae2351646560bff
6f40d8ea5c7ef6458b0b12280731c5c7124672724cbdd5cc0a51fba18147fea3
72d175b68724896d3d916d16f3740fef02b634857bd8177d84a9c142ee946f73
74e2049de936d6d33d09ca6dd7469c081c05e7128999b69d8183ff41892d49b5
77be0f1ee4baf5be19a1a28dbf368511274a46fe91c451cf6e2f7067e2e2f413
7e10d89b50bc46ddef1ac67c641c00ad85a77bf14444d33b9cf0e21255a53582
7f6d21fc444bdd08ce4845372d23368b5924b9493e3fcffab93bcec7a877b56d
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
8000476979a6b03622d15d170d6a97c9e2737e7cb455e9475532bd99daaa7172
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8594154cb263013831d958d7f82e1ad9442eb471e1133a0c0f00d7958955127b
863e46df374bd40b3696e55e12e1d53c503ef43c48896337314bd66eb5c51a6f
882b4d5bca612b107b5dc1a04d2fc7174b7a5cf886b21983deceb38941023461
8aad4d256350048dd4e1037d081240ecacd5e7911e6f28cb956b79441cdad97a
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
96a7b687c08b72333c972501fc87b161bec5fe9dbcdb732f444f4116232398f9
99aa00353fd6efb3db671780f72cc6f900bbe526fa3d5675680cdecceb50e7fb
99ddbf231a97628eb2a54f785bb9bd487ae8f2d202c281deb95851facddbee92
9a395a231a15860187be00cae2759ee25dcd2d47bc8bac4ac4ae7e08a76341e0
9a5493bbb3af6201bac05a2a2a240da9866e44132eb965fece24d7946b14e321
a59acd7a8cbaf68d5d628ac09c501f01a2f3f42c9affa8f3d101f2860d1cc3f7
a5b954f658a663ad5b24929244fc7584635b34517b022fba7c3e3aaa10f5453d
a60d69da1596fecefa0361fb48efb1b215583072a27007de5aced6e4c4b6af6b
a6c4f15c872fe4a9fccbb12cf8bc2468bfbc6345c181c2d34915cc26d138f230
a96511b2991d320fe704d5739f211a9cb01b9ce33b04fe6a5d7fab9b6ee8beeb
ab093383925284bfd77a01631ddc34c70649a4fc9a6920925ab479b6a583acda
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b034b1b5e3e7f3556f8adf7f11d847b8d2170daaa3fdcbd117cb639bae2deedc
b2ece516648e5bf2c7cf767d68d7725f5d418a2ae703c7da7307e51ef631c258
b4d2424d4ca63f424bba501fa012ba5931fffec09e644a6a90d10017a92aecfe
b4e203a5882b89bb85ffe3a00d1d71638c4275db29e5fffbe718174549b5810a
b50ad158ee613243083570bf8981e7cbbc3d1374c726a537fa0d5adeca9103a2
b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813
b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0
b96b379e0a248b2d573ca68cc175b65912da3c166bf5511ab397b5c363fcaf4b
b979a9bed1a438283b8f6d2eb3db604d345831ccb2cb233be71cbcbdaff14cc2
b980267ac2254ef534bfe32055489ed677d461077b37f2ee62bf7b5fc4f7362f
ba84238fc4848e9dfb74ee76b0d8586b9afcaca475e94512064e797851b3972d
bac10d17440dcd6f6c6c4e0bd7eca2e1a7eec030ef3b1143d4be3791dcf91263
bd43c6a75ec190add846a0404e9ee78a713fd6ec7b12f4e1ce970c77cd4be8ef
c188489974487da3522184786994beb5bb937210760c94961ab977520ca682eb
c405c27ef82a37b66a1a7d30b6f42bf50f6cdb36538d18eba7f9996ca85a73f5
ccd7658820ead1b417914c776e057885c5cdb0d15241d96bfab9125ea7c8a427
cdc3baef390647120e0cdd926a0ac8a07b15ab857d723c754da0a6cc87ddeae8
ce871dad89a27c06eef0beccba09f5a35a6bca46ee135adf249b2cf75bc1e9b6
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
dbdbc04b3dd6831d1168fdb6e806ef755caddcdf34b715cf07ad5d03a8c2f174
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e10fea38a3ee3fcea0b2400ffdcec1bb222c9bc85a5038ee789b907e45490baf
e13d4be16a12708eb1304173f2babf15a36ef6f498a01aaa0b9561557dc1df9c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e59aea6686d26b2de272149c840ee652e6e4ce5287b2e142c073a2763993f1b1
e86af0ff362f0a9ccc79c4316e5fdcece4982a45bc4d6b4b3cc316f496295811
eb316b7543de09693b789a31a3cf23d39272ca8a14c2720bd69c2a1eec6c4d23
ef2c392e15d738a01f63176fd653c74eec2774ff70124e75b9852b1cb574c4aa
f0adcc4106baf6a5c7029e78ba3a0e806820bf265326eca88949a1bfdfbef4a0
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f3d42d1937c532c276bd7ef0b0339dce47a60fa08499849cba401ac20549dfb8
f436bf902fa45aee983720b2d735ebfd4d3b61d63d5a75b402d9ac018fc0d56b
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7933255ef71246aa324ac4ef34fa6608f9cd5b085734815cc4db3db5a0d28db
f9eca30ed5ae2abc00b2c3ed1feb3f3e6f17b33b4e522b41283142c2434a99df
fb27a79ad1d9335ffda85056ea1a296633ab61458ca0b9845d6f4d279ff0309d
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda
fe2c80c8a78833f37ab7195866b28a68c0e06bbafa4412aebff085ac5f1f8e10
ff81c7f39614c8da0ce6bbabf9e8774c322475f8572cdd49dc71ad6aa1180c66

user.deldarak.cf Open in urlscan Pro 65.109.187.121 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

153 Requests

93 %HTTPS

56 %IPv6

31 Domains

43 Subdomains

40 IPs

5 Countries

5360 kBTransfer

15844 kBSize

21 Cookies

10 Outgoing links

Redirected requests

153 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

user.deldarak.cf Open in urlscan Pro
65.109.187.121 Public Scan

Screenshot
Live screenshot

Full Image

153
Requests

93 %
HTTPS

56 %
IPv6

31
Domains

43
Subdomains

40
IPs

5
Countries

5360 kB
Transfer

15844 kB
Size

21
Cookies

153 HTTP transactions
0 data transactions