www.kennedy24.com Open in urlscan Pro
2606:4700:7::a29f:802d Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://paracom.paramountcommunication.com/ct/62600895:WUbo6uiNO:m:1:2672345937:6CD994E63556AAA64608FB76C3542FC1:r
Effective URL:
https://www.kennedy24.com/donate?utm_campaign=Critical_Goal&utm_medium=email1&utm_source=joinkennedy
Submission: On December 27 via api (December 27th 2023, 6:00:36 pm UTC) from IE — Scanned from DE

Summary HTTP 202 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 40 IPs in 4 countries across 25 domains to perform 202 HTTP transactions. The main IP is 2606:4700:7::a29f:802d, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.kennedy24.com.
TLS certificate: Issued by R3 on November 22nd 2023. Valid for: 3 months.

This is the only time www.kennedy24.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.149.72.23 54.149.72.23	16509 (AMAZON-02) (AMAZON-02)
2 18	2606:4700:7::... 2606:4700:7::a29f:802d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
10	2606:4700:7::... 2606:4700:7::a29f:8a2c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:480... 2a02:26f0:480:f::213:7ec6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:148b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
10	2606:4700:440... 2606:4700:4400::ac40:93bc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6813:d483	13335 (CLOUDFLAR...) (CLOUDFLARENET)
37	13.227.219.27 13.227.219.27	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
4	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
12	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
4	2606:4700:e2:... 2606:4700:e2::ac40:8007	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:3b64	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:34::35	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1d::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
43	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:400c:c0c::5c	15169 (GOOGLE) (GOOGLE)
2	2600:9000:205... 2600:9000:2057:da00:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
1	198.202.176.81 198.202.176.81	16509 (AMAZON-02) (AMAZON-02)
3	44.233.104.20 44.233.104.20	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
3	2600:9000:211... 2600:9000:211e:d800:b:1d09:f200:93a1	16509 (AMAZON-02) (AMAZON-02)
4	104.19.219.90 104.19.219.90	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.19.218.90 104.19.218.90	13335 (CLOUDFLAR...) (CLOUDFLARENET)
202	40

1 54.149.72.23 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-149-72-23.us-west-2.compute.amazonaws.com

paracom.paramountcommunication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700:7::a29f:802d (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www.kennedy24.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.nationbuilder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:7::a29f:8a2c (United States)

ASN13335 (CLOUDFLARENET, US)

joinkennedy.nationbuilder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:f::213:7ec6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:148b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:4400::ac40:93bc (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ka-p.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:d483 (United States)

ASN13335 (CLOUDFLARENET, US)

www.lightboxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 13.227.219.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-27.ams54.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e2::ac40:8007 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3b64 (United States)

ASN13335 (CLOUDFLARENET, US)

getbootstrap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::35 (United States)

ASN15169 (GOOGLE, US)

server-side-tagging-ptjx4tds2q-uc.a.run.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1d::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c0c::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:da00:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.202.176.81 (United States)

ASN16509 (AMAZON-02, US)

merchant-ui-api.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.233.104.20 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-233-104-20.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:211e:d800:b:1d09:f200:93a1 (United States)

ASN16509 (AMAZON-02, US)

b.stripecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.19.219.90 (None, )

ASN13335 (CLOUDFLARENET, US)

hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
newassets.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.218.90 (None, )

ASN13335 (CLOUDFLARENET, US)

newassets.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
84	stripe.com js.stripe.com — Cisco Umbrella Rank: 1282 q.stripe.com — Cisco Umbrella Rank: 7730 merchant-ui-api.stripe.com — Cisco Umbrella Rank: 5257 r.stripe.com — Cisco Umbrella Rank: 3529 m.stripe.com — Cisco Umbrella Rank: 1245	1 MB
19	google.com translate.google.com — Cisco Umbrella Rank: 1298 region1.analytics.google.com — Cisco Umbrella Rank: 2693 pay.google.com — Cisco Umbrella Rank: 2109 www.google.com — Cisco Umbrella Rank: 2 play.google.com — Cisco Umbrella Rank: 32	462 KB
18	nationbuilder.com joinkennedy.nationbuilder.com assets.nationbuilder.com — Cisco Umbrella Rank: 87389	335 KB
16	gstatic.com fonts.gstatic.com www.gstatic.com	845 KB
14	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1544 ka-f.fontawesome.com — Cisco Umbrella Rank: 3137 ka-p.fontawesome.com — Cisco Umbrella Rank: 3304	350 KB
10	kennedy24.com 2 redirects www.kennedy24.com	32 KB
6	hcaptcha.com hcaptcha.com — Cisco Umbrella Rank: 7101 newassets.hcaptcha.com — Cisco Umbrella Rank: 9853 api.hcaptcha.com — Cisco Umbrella Rank: 9601	405 KB
6	recaptcha.net www.recaptcha.net — Cisco Umbrella Rank: 1291	37 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 ajax.googleapis.com — Cisco Umbrella Rank: 340 www.googleapis.com — Cisco Umbrella Rank: 22 translate.googleapis.com — Cisco Umbrella Rank: 947	97 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	177 KB
3	stripecdn.com b.stripecdn.com — Cisco Umbrella Rank: 35663	43 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	243 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1361	18 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	185 B
2	lightboxcdn.com www.lightboxcdn.com — Cisco Umbrella Rank: 5638	2 KB
2	typekit.net use.typekit.net — Cisco Umbrella Rank: 446 p.typekit.net — Cisco Umbrella Rank: 559	2 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 713	723 B
1	t.co t.co — Cisco Umbrella Rank: 589	377 B
1	google.de www.google.de — Cisco Umbrella Rank: 6765	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 75	247 B
1	run.app server-side-tagging-ptjx4tds2q-uc.a.run.app	447 B
1	getbootstrap.com getbootstrap.com — Cisco Umbrella Rank: 50498	7 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 678	15 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 864	7 KB
1	paramountcommunication.com 1 redirects paracom.paramountcommunication.com — Cisco Umbrella Rank: 270074	850 B
202	25

	Domain	Requested by
37	js.stripe.com	www.kennedy24.com js.stripe.com
25	r.stripe.com	js.stripe.com
18	q.stripe.com	www.kennedy24.com js.stripe.com
12	play.google.com	www.gstatic.com
12	www.gstatic.com	www.recaptcha.net www.gstatic.com pay.google.com
10	joinkennedy.nationbuilder.com	www.kennedy24.com
10	www.kennedy24.com	2 redirects www.kennedy24.com static.cloudflareinsights.com
8	assets.nationbuilder.com	www.kennedy24.com
7	ka-p.fontawesome.com	kit.fontawesome.com
6	www.recaptcha.net	www.kennedy24.com www.gstatic.com assets.nationbuilder.com www.recaptcha.net
4	pay.google.com	js.stripe.com pay.google.com www.kennedy24.com www.gstatic.com
4	ka-f.fontawesome.com	kit.fontawesome.com
4	connect.facebook.net	www.googletagmanager.com connect.facebook.net www.kennedy24.com
4	fonts.gstatic.com	fonts.googleapis.com www.recaptcha.net
3	newassets.hcaptcha.com	hcaptcha.com newassets.hcaptcha.com
3	b.stripecdn.com	js.stripe.com b.stripecdn.com
3	m.stripe.com	m.stripe.network
3	www.googletagmanager.com	www.kennedy24.com www.googletagmanager.com
3	kit.fontawesome.com	www.kennedy24.com kit.fontawesome.com
2	api.hcaptcha.com	newassets.hcaptcha.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	www.facebook.com	connect.facebook.net
2	www.lightboxcdn.com	www.kennedy24.com
2	fonts.googleapis.com	www.kennedy24.com joinkennedy.nationbuilder.com
1	hcaptcha.com	b.stripecdn.com
1	merchant-ui-api.stripe.com	js.stripe.com
1	www.google.com	www.gstatic.com
1	translate.googleapis.com
1	analytics.twitter.com
1	t.co
1	www.google.de
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	server-side-tagging-ptjx4tds2q-uc.a.run.app	www.googletagmanager.com
1	getbootstrap.com	www.kennedy24.com
1	www.googleapis.com	assets.nationbuilder.com
1	static.ads-twitter.com	www.googletagmanager.com
1	translate.google.com	www.kennedy24.com
1	p.typekit.net	use.typekit.net
1	static.cloudflareinsights.com	www.kennedy24.com
1	use.typekit.net	www.kennedy24.com
1	ajax.googleapis.com	www.kennedy24.com
1	paracom.paramountcommunication.com	1 redirects
202	43

This site contains links to these domains. Also see Links.

Domain
checkout.opennode.com
www.instagram.com
www.facebook.com
www.tiktok.com
twitter.com
www.youtube.com
rumble.com

Subject Issuer	Validity	Valid
www.kennedy24.com R3	`2023-11-22` - `2024-02-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
nationbuilder.com Cloudflare Inc ECC CA-3	`2023-10-21` - `2024-10-20`	a year	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-21` - `2024-10-21`	a year	crt.sh
assets.nationbuilder.com E1	`2023-12-21` - `2024-03-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-04` - `2025-01-03`	a year	crt.sh
lightboxcdn.com Cloudflare Inc ECC CA-3	`2023-10-09` - `2024-10-08`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-10-30` - `2024-01-25`	3 months	crt.sh
misc.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-06` - `2024-01-04`	3 months	crt.sh
ka-f.fontawesome.com GTS CA 1P5	`2023-11-08` - `2024-02-06`	3 months	crt.sh
*.a.run.app GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-12-20` - `2024-03-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-05` - `2024-01-18`	3 months	crt.sh

This page contains 18 frames:

Primary Page: https://www.kennedy24.com/donate?utm_campaign=Critical_Goal&utm_medium=email1&utm_source=joinkennedy
Frame ID: A169CDBFA1DBE727FE896D20EA9477A9
Requests: 74 HTTP requests in this frame

Frame: https://www.kennedy24.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
Frame ID: 32DF5A8A10B79EBF60BAD9ADB6AEC667
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 97CA0780FEE5C16C8FD2D00198BAFE2C
Requests: 4 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LekWdoZAAAAAA61Owqhdq5e8IIQEfJbEOs8IT8T&co=aHR0cHM6Ly93d3cua2VubmVkeTI0LmNvbTo0NDM.&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=ouf6p39hoj8n
Frame ID: 46A7D4FE1B1FA42351698092C40B0A74
Requests: 9 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LekWdoZAAAAAA61Owqhdq5e8IIQEfJbEOs8IT8T&co=aHR0cHM6Ly93d3cua2VubmVkeTI0LmNvbTo0NDM.&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=g1pk6zr2sqaw
Frame ID: 0E600F2AA2CBD6D4E098385568FB9CE4
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
Frame ID: CCC8058CB5EAD9D4BC5F8F1D227EC0CA
Requests: 30 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Frame ID: 945039DFFA2A43F10526F56C586C5C55
Requests: 12 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-195e55d1b52949b175298b3e54db37fd.html
Frame ID: 982761A49FB4DDFC54A781141A8AA3B9
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-434e8078d5c09b7f511e68744cf1c8cd.html
Frame ID: 4C721B7DA4AB3BB7B4D56344235063BD
Requests: 5 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LekWdoZAAAAAA61Owqhdq5e8IIQEfJbEOs8IT8T&co=aHR0cHM6Ly93d3cua2VubmVkeTI0LmNvbTo0NDM.&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=g1pk6zr2sqaw
Frame ID: E27AEA63CD8D64DDFB819CF4E7DAE88A
Requests: 3 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 17CCCA5FA0F5A81306A475E0ADEF22BA
Requests: 6 HTTP requests in this frame

Frame: data://truncated
Frame ID: 3586FC5F6B170870D6427AEA8F60FF88
Requests: 1 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: D8C4AD8A3D9BE1ADD54AA162E687355D
Requests: 13 HTTP requests in this frame

Frame: https://js.stripe.com/v3/hcaptcha-invisible-078b5f9fb44d244a9ec072f93a216630.html
Frame ID: 64D1758F0574313D52C10DA4CF68B93A
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-link-button-for-card-a06d4d40d90d009417ba1db36e0f9c11.html
Frame ID: D3B2BC0A2DDF10B3B7959366C1CB1AFD
Requests: 6 HTTP requests in this frame

Frame: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/HCaptchaInvisible.html?id=a93c9780-d773-46f3-8be0-1e277a7e4bba&origin=https%3A%2F%2Fjs.stripe.com
Frame ID: CD10B21C1C14877CAC571CC3F164319F
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-payment-request-13f5b53962ff74eccac8485e7b84ed7b.html
Frame ID: C4652BFED89800AE728483404C897386
Requests: 9 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/3b797c3/static/hcaptcha.html?_v=s5nay6ni8mg
Frame ID: 9E2CA7DE2CDE5DC9D0EA75257FB8AA16
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

We, the People... | Kennedy24

Page URL History Show full URLs

http://paracom.paramountcommunication.com/ct/62600895:WUbo6uiNO:m:1:2672345937:6CD994E63556AAA64608FB76C3542FC1:r HTTP 302
https://www.kennedy24.com/donate?utm_campaign=Critical_Goal&utm_medium=email1&utm_source=joinkennedy Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

hCaptcha (Security) Expand

Overall confidence: 100%
Detected patterns

https://hcaptcha.com/([\d]+?)/api.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

202
Requests

99 %
HTTPS

74 %
IPv6

25
Domains

43
Subdomains

40
IPs

4
Countries

4495 kB
Transfer

14999 kB
Size

21
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://checkout.opennode.com/p/d05e70a0-a317-4e30-b81d-1ae3e5575d2c
Title: Bitcoin

Search URL Search Domain Scan URL

URL: https://www.instagram.com/robertfkennedyjr/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/rfkjr

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@teamkennedy2024

Search URL Search Domain Scan URL

URL: https://twitter.com/RobertKennedyJr

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC4ewc5vQcMpLticvqPDcSQw

Search URL Search Domain Scan URL

URL: https://rumble.com/c/RFKjr

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://paracom.paramountcommunication.com/ct/62600895:WUbo6uiNO:m:1:2672345937:6CD994E63556AAA64608FB76C3542FC1:r HTTP 302
https://www.kennedy24.com/donate?utm_campaign=Critical_Goal&utm_medium=email1&utm_source=joinkennedy Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://www.kennedy24.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.kennedy24.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

Request Chain 63

https://www.kennedy24.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.kennedy24.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

202 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request donate Show response
www.kennedy24.com/
Redirect Chain

http://paracom.paramountcommunication.com/ct/62600895:WUbo6uiNO:m:1:2672345937:6CD994E63556AAA64608FB76C3542FC1:r
https://www.kennedy24.com/donate?utm_campaign=Critical_Goal&utm_medium=email1&utm_source=joinkennedy

83 KB
19 KB

508ms
460ms

Document
text/html

2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kennedy24.com/donate?utm_campaign=Critical_Goal&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4cecfe886b14bafb0d4c8c98d27607ab97ef3c20685d6a0d4edbf614e296da3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors joinkennedy.nationbuilder.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-request-method: GET, POST, PUT, DELETE
age: 1
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 83c3768faf6b30d8-FRA
content-encoding: br
content-security-policy: frame-ancestors joinkennedy.nationbuilder.com
content-type: text/html; charset=utf-8
date: Wed, 27 Dec 2023 18:00:27 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
server: cloudflare
x-content-digest: b12a08e3c91c52441729100de92158f34499df01
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-middleware-start: t=1703700027196235
x-nb-cached-page: yes
x-rack-cache: fresh
x-request-id: b139d44f-6c8b-45fc-b514-2286c94c5d5e
x-runtime: 0.385413

Redirect headers

AMFplus-Ver: 1.4.0.0
Cache-Control: no-cache
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 219
Content-Type: text/html; charset=utf-8
Date: Wed, 27 Dec 2023 18:00:26 GMT
Location: https://www.kennedy24.com/donate?utm_campaign=Critical_Goal&utm_medium=email1&utm_source=joinkennedy
Pragma: no-cache
Referrer-Policy: no-referrer-when-downgrade
Server: Apache
Vary: X-Forwarded-Proto,Accept-Encoding

GET
H2 200 css2
fonts.googleapis.com/ 46 KB
2 KB 89ms
34ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&family=Source+Serif+4:ital,opsz,wght@0,8..60,400;0,8..60,500;0,8..60,600;0,8..60,700;0,8..60,800;0,8..60,900;1,8..60,400;1,8..60,500;1,8..60,600;1,8..60,700;1,8..60,800;1,8..60,900&display=swap

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?utm_campaign=Critical_Goal&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b942de2747bb1449f8d908a33c8ce9e4a2ee6b84327cce766d5378a13665d027

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 27 Dec 2023 18:00:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 27 Dec 2023 18:00:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 27 Dec 2023 18:00:27 GMT

GET
H2 200 theme.scss
joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071703699628/default/ 393 KB
56 KB 846ms
795ms Stylesheet
text/css 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071703699628/default/theme.scss

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?utm_campaign=Critical_Goal&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

695831fb486ce5a02864ef0fe2d75c340e300f618758c8f0bf4650b1f71ce014

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 18:00:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-middleware-start: t=1703700027684568
alt-svc: h3=":443"; ma=86400
x-request-id: ac2123eb-3ba8-4bdf-bdd1-8a316a586763
x-runtime: 5.777624
x-content-digest: 8647411827a3cef4f802d582a1a4e77643f50c52
server: cloudflare
etag: W/"695831fb486ce5a02864ef0fe2d75c34"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31556952
cf-ray: 83c37692ea4919b1-FRA
x-rack-cache: fresh
expires: Thu, 26 Dec 2024 23:49:39 GMT

GET
H2 200 jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.10.0/themes/cupertino/ 30 KB
6 KB 75ms
21ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.10.0/themes/cupertino/jquery-ui.css

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?utm_campaign=Critical_Goal&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea2d62c7e90b08a7c41206758ce52af7059a58cdfb6a2964f341642298eb9a15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 20:44:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 162966
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5640
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Dec 2024 20:44:21 GMT

GET
H2 200 opz7yic.css
use.typekit.net/ 10 KB
1 KB 84ms
22ms Stylesheet
text/css 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/opz7yic.css

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?utm_campaign=Critical_Goal&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

161adc1b69be76ccc5346711bc49c475f190bcf75dd03c834032e4b065330e20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Wed, 27 Dec 2023 18:00:27 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1197

GET
H2 200 K24_Logo.png
assets.nationbuilder.com/joinkennedy/sites/5/meta_images/original/ 4 KB
5 KB 114ms
62ms Image
image/png 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nationbuilder.com/joinkennedy/sites/5/meta_images/original/K24_Logo.png?1696639127
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?utm_campaign=Critical_Goal&utm_medium=email1&utm_source=joinkennedy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9667a4e6040f90f8e1648ecd089211e380aee7fcde15f71570aef17d1a8e637

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 18:00:27 GMT
x-amz-version-id: 8Benbp2okaYQdJkZnHd01SKUHGlqFFSo
via: 1.1 07fbd2276304c86925071791c7032950.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 4499
last-modified: Sat, 07 Oct 2023 00:38:49 GMT
server: cloudflare
etag: "1e0e0356959e57194a72c3c5a2794669"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 83c37692e8f235e2-FRA
x-amz-cf-id: yOWPypwgJIkJGhqSAE1oVKfHqCt60mOjJB-k_Y6QD4eYzeXiGnXzcQ==
expires: Wed, 27 Dec 2023 22:00:27 GMT

GET
H2 200 profile-login.png
assets.nationbuilder.com/joinkennedy/pages/62/attachments/original/1697582282/ 3 KB
4 KB 91ms
39ms Image
image/png 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nationbuilder.com/joinkennedy/pages/62/attachments/original/1697582282/profile-login.png?1697582282
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?utm_campaign=Critical_Goal&utm_medium=email1&utm_source=joinkennedy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6770f1b8a07a7e0b2a5ba73da5feb6f86dd9e5d5e7f0f7237c476bc7f8650ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 18:00:27 GMT
x-amz-version-id: UZ3z2H3eCPLVBD_NSfvXtS6kN40SZ1iE
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: FRA56-C2
age: 5214
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 3222
last-modified: Tue, 17 Oct 2023 22:38:03 GMT
server: cloudflare
etag: "2d003d6e18b1ba4e0db766e8f4dc526f"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 83c37692e8f735e2-FRA
x-amz-cf-id: dVFNwyF4_wBW93gWI8Zcc0iKnWdcD-rr-gNoF8VNoVIO2p6_BgkVKQ==
expires: Wed, 27 Dec 2023 22:00:27 GMT

GET
H2 200 rumble_logo_white.png
assets.nationbuilder.com/joinkennedy/pages/62/attachments/original/1697064082/ 22 KB
22 KB 135ms
83ms Image
image/png 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nationbuilder.com/joinkennedy/pages/62/attachments/original/1697064082/rumble_logo_white.png?1697064082
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?utm_campaign=Critical_Goal&utm_medium=email1&utm_source=joinkennedy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 558591ec381069734425371376e35d980cf72fd9fd2ac08f4f36fb9a9df84438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 18:00:27 GMT
x-amz-version-id: QTvG_ogPyZRtij5jlvYT2NsZCXixTkK7
via: 1.1 dca6db3c8f31f3cd48bb06d78a8be624.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 22352
last-modified: Wed, 11 Oct 2023 22:41:23 GMT
server: cloudflare
etag: "28e5ce4754ad7167c4c4e5eb9378ff1e"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 83c37692e8f435e2-FRA
x-amz-cf-id: U7uVwMw38CZHP3K-y-IZLjUub_683rH57B1bDQNB9WCckjxWaXS-UA==
expires: Wed, 27 Dec 2023 22:00:27 GMT

GET
H2 200 rocket-loader.min.js Show response
www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 26ms
25ms Script
application/javascript 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?utm_campaign=Critical_Goal&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/donate?utm_campaign=Critical_Goal&utm_medium=email1&utm_source=joinkennedy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 18:00:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Dec 2023 14:09:38 GMT
server: cloudflare
etag: W/"6581a422-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 83c376929b5130d8-FRA
expires: Fri, 29 Dec 2023 18:00:27 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 131ms
83ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?utm_campaign=Critical_Goal&utm_medium=email1&utm_source=joinkennedy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 18:00:27 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 83c37692e87939d6-FRA

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 123ms
39ms Stylesheet
text/css 2a02:26f0:3500:16::215:148b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=opz7yic&ht=tk&f=22792.22793.22794.24318.40090.40091.40092.25668.25670.25673.25676.25679.51955.51956&a=2508016&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/opz7yic.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 18:00:27 GMT
last-modified: Fri, 23 Jun 2023 17:09:47 GMT
server: nginx
etag: "6495d1db-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
552 B 35ms
34ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Anton&display=swap

Requested by

Host: joinkennedy.nationbuilder.com
URL: https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071703699628/default/theme.scss

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eef2d843b6778b710b40edb636b588fa4ccc8975a29cef25ac3125b96cc778cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://joinkennedy.nationbuilder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 27 Dec 2023 18:00:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 27 Dec 2023 16:06:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 27 Dec 2023 18:00:28 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 76ms
25ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&family=Source+Serif+4:ital,opsz,wght@0,8..60,400;0,8..60,500;0,8..60,600;0,8..60,700;0,8..60,800;0,8..60,900;1,8..60,400;1,8..60,500;1,8..60,600;1,8..60,700;1,8..60,800;1,8..60,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 11:52:26 GMT
x-content-type-options: nosniff
age: 194882
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Dec 2024 11:52:26 GMT

GET
H2 200 fslightbox.js Show response
joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071703699628/default/ 30 KB
10 KB 715ms
706ms Script
text/javascript 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071703699628/default/fslightbox.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77ba0f0971a262f3fe1999d37208a8a7ffa1f2e563d4437bd03b1866a2219749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 18:00:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-middleware-start: t=1703700028778788
alt-svc: h3=":443"; ma=86400
x-request-id: 159fd7eb-6e9d-43e8-b8c4-7225971b6749
x-runtime: 0.068858
x-content-digest: 167b1e36379227a2fa7c635269bdcb0ed8dec4c0
server: cloudflare
etag: W/"77ba0f0971a262f3fe1999d37208a8a7"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31556952
cf-ray: 83c376987a8519b1-FRA
x-rack-cache: fresh
expires: Thu, 26 Dec 2024 23:49:40 GMT

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 88 KB
31 KB 111ms
48ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8f4fe059ce1def9ba5b61ded7e863b8dfa4b86aa83a82730a7af3c026e27260f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Dec 2023 18:00:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 img-cropper-a99f75748195e5af07ffca593afce5492ce8533501371377f17d77b89eeab8ab.js Show response
assets.nationbuilder.com/assets/liquid/v3/ 50 KB
17 KB 53ms
45ms Script
text/javascript 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nationbuilder.com/assets/liquid/v3/img-cropper-a99f75748195e5af07ffca593afce5492ce8533501371377f17d77b89eeab8ab.js
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a99f75748195e5af07ffca593afce5492ce8533501371377f17d77b89eeab8ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 18:00:28 GMT
x-amz-version-id: 9FhmNzP5VKtGFI6Q2AeFoOvTMd.Koj5z
via: 1.1 0434556f8ccac61e8735f7c75767727c.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: FRA56-C2
age: 125078
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 18:14:54 GMT
server: cloudflare
etag: W/"9714f34f09a34492cd827f7620009730"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=604800
cf-ray: 83c37698797535e2-FRA
x-amz-cf-id: 8IdkEjPG0a1WB61kMqMG24iC7IcZ7mbIylUXO8nq6r6kodPf2eVzLw==
expires: Wed, 03 Jan 2024 18:00:28 GMT

GET
H2 200 k24-float-label.js Show response
joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071703699628/default/ 3 KB
899 B 506ms
499ms Script
text/javascript 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071703699628/default/k24-float-label.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7e81be515a4350b67aaa7b63485265820a3054306bfa051b75230f48b7d0e8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 18:00:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-middleware-start: t=1703700028583146
alt-svc: h3=":443"; ma=86400
x-request-id: 1c4c48d3-e491-4724-9aba-3733ba2f0c41
x-runtime: 0.057511
x-content-digest: 858dc6cedc176df364401823e6b822ffa39fd992
server: cloudflare
etag: W/"a7e81be515a4350b67aaa7b634852658"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31556952
cf-ray: 83c376987a8919b1-FRA
x-rack-cache: fresh
expires: Thu, 26 Dec 2024 23:49:40 GMT

GET
H2 200 localized-inputs.js Show response
joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071703699628/default/ 2 KB
935 B 414ms
408ms Script
text/javascript 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071703699628/default/localized-inputs.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81d4fa5df88680bfb5899dc73e158c00faf67f4d3d0047d41840efcb14c3b6d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 18:00:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-middleware-start: t=1703700028563050
alt-svc: h3=":443"; ma=86400
x-request-id: 44861257-75c6-4b24-900b-6d958266d0ae
x-runtime: 0.051889
x-content-digest: 44e5290de99fa9b40844d1e42b544d997e7c61ee
server: cloudflare
etag: W/"81d4fa5df88680bfb5899dc73e158c00"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31556952
cf-ray: 83c376987a8b19b1-FRA
x-rack-cache: fresh
expires: Thu, 26 Dec 2024 23:49:40 GMT

GET
H2 200 theme.js Show response
joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071703699628/default/ 50 B
273 B 734ms
728ms Script
text/javascript 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071703699628/default/theme.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7592e61876da5df397281e08f2abf3aa56ddd0f8b4b816f7e6b961e8a4153932

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 18:00:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-middleware-start: t=1703700028883393
alt-svc: h3=":443"; ma=86400
x-request-id: 69328fcf-72d7-4393-8b2f-986a2d04d8b7
x-runtime: 0.060316
x-content-digest: 25fec939dd7fcf76bdd26229129e82ba0de317b7
server: cloudflare
etag: W/"7592e61876da5df397281e08f2abf3aa"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31556952
cf-ray: 83c376987a8e19b1-FRA
x-rack-cache: fresh
expires: Thu, 26 Dec 2024 23:49:40 GMT

GET
H2 200 bs-custom-file-input.min.js Show response
joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071703699628/default/ 2 KB
1 KB 508ms
502ms Script
text/javascript 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071703699628/default/bs-custom-file-input.min.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4be37bbc2e40bc238e8895eac52b3a9d27059588647c4834dbd8e7210070e526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 18:00:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-middleware-start: t=1703700028584903
alt-svc: h3=":443"; ma=86400
x-request-id: 46200fd3-2573-4fb0-b5eb-4e6783188d97
x-runtime: 0.049672
x-content-digest: 59d3af0630bcb8da94e201ce3453821d82447d22
server: cloudflare
etag: W/"4be37bbc2e40bc238e8895eac52b3a9d"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31556952
cf-ray: 83c376987a9219b1-FRA
x-rack-cache: fresh
expires: Thu, 26 Dec 2024 23:49:40 GMT

GET
H2 200 bootstrap.min.js Show response
joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071703699628/default/ 57 KB
16 KB 618ms
612ms Script
text/javascript 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071703699628/default/bootstrap.min.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 18:00:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-middleware-start: t=1703700028581534
alt-svc: h3=":443"; ma=86400
x-request-id: 2a92bbb6-ae8e-4cd9-adee-6bbc99c36302
x-runtime: 0.057327
x-content-digest: 6778fed3cf095a318141a31f455c8f4663885bde
server: cloudflare
etag: W/"0a34a87842c539c1f4feec56bba982fd"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31556952
cf-ray: 83c376987a9519b1-FRA
x-rack-cache: fresh
expires: Thu, 26 Dec 2024 23:49:40 GMT

GET
H2 200 liquid-6fda76e47cd1a46bec92e2adac0a0453c78638197e234d7667c2ff4366c5a44a.js Show response
assets.nationbuilder.com/assets/ 174 KB
53 KB 72ms
67ms Script
text/javascript 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nationbuilder.com/assets/liquid-6fda76e47cd1a46bec92e2adac0a0453c78638197e234d7667c2ff4366c5a44a.js
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fda76e47cd1a46bec92e2adac0a0453c78638197e234d7667c2ff4366c5a44a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 18:00:28 GMT
x-amz-version-id: k1oY7mZDR.WdjUbJpXthIK_UKCYMytoH
via: 1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: FRA56-C2
age: 27590
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 10 Nov 2023 15:20:30 GMT
server: cloudflare
etag: W/"c5d34981e474397332adfa4081ceecaa"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=604800
cf-ray: 83c37698797835e2-FRA
x-amz-cf-id: se7RtFDNKH6URDPXK0miTtaQ7NQ7JEeGkYO3781Mi23FBojXyLXbow==
expires: Wed, 03 Jan 2024 18:00:28 GMT

GET
H3 200 donation_v2_page.js Show response
www.kennedy24.com/assets/liquid/ 2 KB
1 KB 269ms
264ms Script
application/javascript 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kennedy24.com/assets/liquid/donation_v2_page.js
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb9587e00635538a323c71ca0352879bd24aa5b88f8c869317812ae5e505263f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/donate?utm_campaign=Critical_Goal&utm_medium=email1&utm_source=joinkennedy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 18:00:28 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-middleware-start: t=1701480810580245
alt-svc: h3=":443"; ma=86400
x-request-id: c4051e70-a3c1-43eb-8277-2cefada5f3cb
x-runtime: 0.039264
x-content-digest: 97924c19946db9c05a96df5fd79c4dffb67f84d3
server: cloudflare
etag: W/"fb9587e00635538a323c71ca0352879bd24aa5b88f8c869317812ae5e505263f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 83c37698793b18cd-FRA
x-rack-cache: stale, valid, store
expires: Wed, 27 Dec 2023 22:00:28 GMT

GET
H2 200 staged-donations.js Show response
joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071703699628/default/ 11 KB
2 KB 505ms
500ms Script
text/javascript 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071703699628/default/staged-donations.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fef202588115c2a23969fc04c669b498579d162630c83b76729470321145984

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 18:00:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-middleware-start: t=1703700028581612
alt-svc: h3=":443"; ma=86400
x-request-id: 54d6d939-038f-4577-8e66-a5b9de02b6a3
x-runtime: 0.043467
x-content-digest: 45862d061369f952adfaa29d6844935610f45e8c
server: cloudflare
etag: W/"3fef202588115c2a23969fc04c669b49"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31556952
cf-ray: 83c376987a9919b1-FRA
x-rack-cache: fresh
expires: Thu, 26 Dec 2024 23:49:40 GMT

GET
H2 200 donate-jquery.ui.effect-slide.min.js Show response
joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071703699628/default/ 774 B
643 B 515ms
510ms Script
text/javascript 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071703699628/default/donate-jquery.ui.effect-slide.min.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c56ffc47b4761b0396058aa73916486a33095af06bba5e72072ae332483dc7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 18:00:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-middleware-start: t=1703700028667717
alt-svc: h3=":443"; ma=86400
x-request-id: 9be4d302-0db1-427a-b2d6-1e39e618f2fa
x-runtime: 0.066398
x-content-digest: 2d0b4629f786724cb9ceba70e34ff5775fa16084
server: cloudflare
etag: W/"1c56ffc47b4761b0396058aa73916486"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31556952
cf-ray: 83c376987a9a19b1-FRA
x-rack-cache: fresh
expires: Thu, 26 Dec 2024 23:49:40 GMT

GET
H2 200 donate-jquery.ui.effect.min.js Show response
joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071703699628/default/ 13 KB
5 KB 505ms
501ms Script
text/javascript 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071703699628/default/donate-jquery.ui.effect.min.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f3ca08629dbf4b97858143154de2a7b48c4c671d6849b56aa592033a2546cf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 18:00:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-middleware-start: t=1703700028585954
alt-svc: h3=":443"; ma=86400
x-request-id: e3d83a61-1a56-4816-9fa1-5476642180a8
x-runtime: 0.053106
x-content-digest: 1b3c129be8aafb7c1d1cc795870d3e25365fc2a9
server: cloudflare
etag: W/"5f3ca08629dbf4b97858143154de2a7b"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31556952
cf-ray: 83c376987a9c19b1-FRA
x-rack-cache: fresh
expires: Thu, 26 Dec 2024 23:49:40 GMT

GET
H2 200 38b3ad1ee0.js Show response
kit.fontawesome.com/ 12 KB
5 KB 225ms
152ms Script
text/javascript 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/38b3ad1ee0.js
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acd9a7e1c37a12896fb2df2f591a565c40f87c3194d32f85d1e4499426bfcc1d

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 18:00:28 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 83c37698ea2739d6-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F58c-CxhCbX2KsPc6_Ch

GET
H2 200 lightbox_speed.js Show response
www.lightboxcdn.com/vendor/89ef356b-89f6-4647-a097-558fbfa14d79/ 3 KB
1 KB 271ms
199ms Script
application/javascript 2606:4700::6813:d483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/89ef356b-89f6-4647-a097-558fbfa14d79/lightbox_speed.js
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d64a80c5311000e42e55ad2a62dcf422b9468ba55472d51d2165d4cddd1ef8dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Dec 2023 18:00:28 GMT
content-encoding: br
cf-cache-status: REVALIDATED
content-md5: c2oxAMJux4k4v0h/WvgOxg==
cf-polished: origSize=4971
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Sun, 17 Dec 2023 21:00:12 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: 5160b8c1-001e-0002-7045-311aca000000
cache-control: public, max-age=60
x-ms-version: 2009-09-19
cf-ray: 83c37698ea231c40-FRA
expires: Wed, 27 Dec 2023 18:01:28 GMT

GET
H2 200 706b9f1865.js Show response
kit.fontawesome.com/ 12 KB
5 KB 219ms
147ms Script
text/javascript 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/706b9f1865.js
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74a39682b8b03d5de587026a0f4d5b595696818b3d23952c15facf182d7c5e78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 18:00:28 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 83c37698efb29945-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F58bV-Trl9mCGXDYNKwh

GET
H2 200 payments-e2d51187f660cba449c70f7f87f733f762042cf340a5fd57e0f8c1fbf885c033.js Show response
assets.nationbuilder.com/assets/ 16 KB
4 KB 48ms
45ms Script
text/javascript 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nationbuilder.com/assets/payments-e2d51187f660cba449c70f7f87f733f762042cf340a5fd57e0f8c1fbf885c033.js
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2d51187f660cba449c70f7f87f733f762042cf340a5fd57e0f8c1fbf885c033

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 18:00:28 GMT
x-amz-version-id: 0UtgqgwClP8EiIar9FS0D8kcRrDirDUw
via: 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: FRA56-C2
age: 439332
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 04 Nov 2023 00:55:35 GMT
server: cloudflare
etag: W/"7d0fc9aeec4f03aeef50129fbe29b1df"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=604800
cf-ray: 83c37698797b35e2-FRA
x-amz-cf-id: cvnjgltJoxqByFWK5T69qluzvOzhRYlfdFe1Zs-RX_ckwv72wrfO-w==
expires: Wed, 03 Jan 2024 18:00:28 GMT

GET
H2 200 payments_styling-3cb98755e69cd4399888137a7648ee6eabdd63c4d4c547626e7174d769be6e1b.js Show response
assets.nationbuilder.com/assets/ 35 KB
4 KB 47ms
44ms Script
text/javascript 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nationbuilder.com/assets/payments_styling-3cb98755e69cd4399888137a7648ee6eabdd63c4d4c547626e7174d769be6e1b.js
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3cb98755e69cd4399888137a7648ee6eabdd63c4d4c547626e7174d769be6e1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 18:00:28 GMT
x-amz-version-id: b_JAN3Q6Lxf7Wf6o2yrn7MgrK0QrdF3l
via: 1.1 753f415578c1ca010e51a83aef192330.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: FRA56-C2
age: 552583
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 22 Nov 2023 19:14:53 GMT
server: cloudflare
etag: W/"ba73545e732d35824a90f9daee280d57"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=604800
cf-ray: 83c37698797d35e2-FRA
x-amz-cf-id: u8SfyBvt_b6XSEGe9Yhl_odGypbSTUTiUEJBUMA62pobxxh7o7vtVw==
expires: Wed, 03 Jan 2024 18:00:28 GMT

GET
H2 200 / Show response
js.stripe.com/v3/ 579 KB
143 KB 144ms
38ms Script
text/javascript 13.227.219.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-27.ams54.r.cloudfront.net

Software

Cloudfront /

Resource Hash

a1571d86b8170f5143bc5696c881e5314244228cc2451696f383bb1080af84b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 17:59:44 GMT
content-encoding: br
via: 1.1 1d1fb1f8e5e923ef7208b5a427d25d5c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 49
x-amz-cf-pop: AMS54-C1
x-cache: Hit from cloudfront
last-modified: Fri, 22 Dec 2023 21:47:18 GMT
server: Cloudfront
etag: W/"4ec63ff996d5aa25b29f0a90d2021ae0"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: MdGEBRyT2a1qch1P5OHoqhEZqjkWDVXFjDwCfGyV1X-FDt-Y2PkZ0Q==

GET
H2 200 api.js Show response
www.recaptcha.net/recaptcha/ 1 KB
1 KB 335ms
33ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api.js?render=6LekWdoZAAAAAA61Owqhdq5e8IIQEfJbEOs8IT8T

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

21a6640d3ce7365637d29a95caa2753b22d89b6a63b0ebe793c41a684682371e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 18:00:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 27 Dec 2023 18:00:28 GMT

GET
H2 200 main-0aa16a2e84fcb15b351dd0de4418949c84ac9bba999074007345fe1dabe8645d.js Show response
assets.nationbuilder.com/assets/liquid/v3/ 469 KB
134 KB 73ms
71ms Script
text/javascript 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nationbuilder.com/assets/liquid/v3/main-0aa16a2e84fcb15b351dd0de4418949c84ac9bba999074007345fe1dabe8645d.js
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0aa16a2e84fcb15b351dd0de4418949c84ac9bba999074007345fe1dabe8645d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 18:00:28 GMT
x-amz-version-id: zlPj.IfBmhJWCnRphuyWdGEaI2oPDSyN
via: 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: FRA56-C2
age: 476505
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 22 Nov 2023 19:14:52 GMT
server: cloudflare
etag: W/"65f4d89d2236c9f9b248d9ed5de8dafa"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
cf-ray: 83c37698797e35e2-FRA
x-amz-cf-id: oia5E3ulDR-soEeiIBK1RdokmJRXA9CQG2MEvGuICkGh_OGU4xzZFQ==
expires: Wed, 03 Jan 2024 18:00:28 GMT

GET
H3

200

main.js Show response
www.kennedy24.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/ Frame 32DF
Redirect Chain

https://www.kennedy24.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.kennedy24.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

7 KB
3 KB

38ms
37ms

Script
application/javascript

2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kennedy24.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?utm_campaign=Critical_Goal&utm_medium=email1&utm_source=joinkennedy

Protocol

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd6fd706b4892c8255050f191149bfab922209caa6d4f16d3d8dea73e3881799

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 18:00:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 83c37698c9bd18cd-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Wed, 27 Dec 2023 18:00:28 GMT
server: cloudflare
vary: accept-encoding
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 83c37698895418cd-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 246 KB
77 KB 123ms
49ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5MTWV23

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?utm_campaign=Critical_Goal&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

04b87bd2fb90b58ff36d0eb0524af04113874182f82230cde550e98889c79d19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 18:00:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78968
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 27 Dec 2023 18:00:28 GMT

POST
H3 200 83c3768faf6b30d8 Show response
www.kennedy24.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 32DF 0
273 B 52ms
51ms XHR
text/plain 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kennedy24.com/cdn-cgi/challenge-platform/h/g/jsd/r/83c3768faf6b30d8
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 27 Dec 2023 18:00:28 GMT
content-encoding: br
server: cloudflare
cf-ray: 83c37699ab3718cd-FRA
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 290 KB
94 KB 43ms
42ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JWBYYEB6SQ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MTWV23

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8ca4ae73c9e1d1c38c8a7d19601535db2be9e86b782906fd2d996e55a1616e0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 18:00:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96039
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 27 Dec 2023 18:00:28 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 193 KB
71 KB 31ms
30ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CAPI12345&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MTWV23

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3fac192122576857bb4f1ef1ad71621dccf6edaee2ae76b710ccddaa2c73764

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 18:00:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 72939
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 27 Dec 2023 18:00:28 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 124ms
33ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MTWV23
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 18:00:28 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-etou8220080-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 330ms
28ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MTWV23

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 27 Dec 2023 18:00:28 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: +YWbDrP2D0YF5E5CykNOSaa6eqnFdNuRNuHBlpSlFbYL5OxT4pRNrDs88EG361LKDFLjHb2DMNAevxnik9hlJA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ 505 KB
203 KB 171ms
110ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?render=6LekWdoZAAAAAA61Owqhdq5e8IIQEfJbEOs8IT8T

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

122bd7b997b91e56e9efd54743ffbeccefca5b8bb59c566d6ec63adf14be896e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 10:53:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25627
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207437
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Dec 2024 10:53:21 GMT

GET
H2 429 webfonts Show response
www.googleapis.com/webfonts/v1/ 1 KB
822 B 190ms
39ms XHR
application/json 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleapis.com/webfonts/v1/webfonts?key=AIzaSyCCOU0NUKc65rzK0EdE-6XNdE68x6mGnD8

Requested by

Host: assets.nationbuilder.com
URL: https://assets.nationbuilder.com/assets/liquid/v3/main-0aa16a2e84fcb15b351dd0de4418949c84ac9bba999074007345fe1dabe8645d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cd8f23ba912aba21c41c9d54ce91149f0630ed2e7aebb4adf267e6398c29f72c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/javascript
Referer: https://www.kennedy24.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 18:00:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.kennedy24.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 498
x-xss-protection: 0

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 233ms
52ms Fetch
text/css 2606:4700:e2::ac40:8007
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=706b9f1865
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/706b9f1865.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8007 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 18:00:28 GMT
via: 1.1 0d4b487d54766de7560aa02de852bbf8.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 2302707
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E3mi8hJdVSMjOBBtMNHt4yXoRRrN9KRZzEd9abpHiX1t7XA7ZC2kiHTYeEyF%2BFQcRogD6bOrrFPBpSZtzpuKqYUzW%2BNE8a507Mwd2gdF%2B2wr1bNHW5Ve8Jt91AB4FIUI3n3uDirs%2B5jdGubZkwSRtBiwBA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 83c3769bf9d93a79-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: rtR68-YLielB73Xlk-r7wxpuKJySR-nv9CfPQTewJ9ExZ2Hc4LMyeg==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 26 KB
5 KB 231ms
51ms Fetch
text/css 2606:4700:e2::ac40:8007
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=706b9f1865
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/706b9f1865.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8007 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 18:00:28 GMT
via: 1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 2278466
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bNVv9eZc2yhLDFCmcasgquiakdEvhkrq7KE1oK0YqaXFV2gVOhQZj%2BiBy3Y2XlkenQ0k8VfOhXtTgo3dUQJFRa5uFLTce9%2BnDj%2FlVQ8qxAqPpmdcqwMl0xvwi%2BriD4isBdWtpIDp3dCbeHMYHtVET7ZsLw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 83c3769bf9dc3a79-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: fM4bMZO9KtBszo0sn_-kB9AGKyZFPOYVnI1B2bXQ2D4hQYrqcZOhYg==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 3 KB
2 KB 230ms
50ms Fetch
text/css 2606:4700:e2::ac40:8007
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=706b9f1865
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/706b9f1865.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8007 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 18:00:28 GMT
via: 1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 4016227
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jors0mkVGTz6jf%2B28c6Tg8OddmcaZ6IbFyjU1bLUT9RhKd59ghRtwFIhsiWSQUD0%2FbPLIbZbbMBFeA94zVr5fWZzhy8G9u2yktEtV6HxgqDNqfdTNnjCbJ3ffDL1h1umV0R%2BJn053YDYsiZA5TNwczSmNw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 83c3769bf9d43a79-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: SR0RNWiygohnbrDloDEvFSzYGS4bul7R2LDgkyNQ2I7dEQMHyQhvNw==

GET
H2 200 popper.min.js Show response
getbootstrap.com/docs/4.0/assets/js/vendor/ 19 KB
7 KB 633ms
461ms Script
application/javascript 2606:4700:10::6816:3b64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://getbootstrap.com/docs/4.0/assets/js/vendor/popper.min.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3b64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id: 5ef89a2e90029592e1c90b990e6b672de80ed512
date: Wed, 27 Dec 2023 18:00:29 GMT
via: 1.1 varnish
x-content-type-options: nosniff
expires: Thu, 30 Nov 2023 09:43:59 GMT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-cache: HIT
x-proxy-cache: HIT
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230049-FRA
last-modified: Thu, 14 Sep 2023 14:29:01 GMT
server: cloudflare
x-github-request-id: A428:0E81:3EF3FA3:401B8E9:6540671F
x-timer: S1701319650.485525,VS0,VE1
etag: W/"650318ad-4af4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
x-origin-cache: HIT
cf-ray: 83c3769c2c531919-FRA
x-cache-hits: 1

POST
H2 200 collect
server-side-tagging-ptjx4tds2q-uc.a.run.app/g/ 0
447 B 380ms
226ms Ping
text/html 2001:4860:4802:34::35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://server-side-tagging-ptjx4tds2q-uc.a.run.app/g/collect?v=2&tid=G-CAPI12345&gtm=45je3bt0z89133194504&_p=1703700028305&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1651364700.1703700029&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703700028&sct=1&seg=0&dl=https%3A%2F%2Fwww.kennedy24.com%2Fdonate%3Futm_campaign%3DCritical_Goal%26utm_medium%3Demail1%26utm_source%3Djoinkennedy&dt=We%2C%20the%20People...%20%7C%20Kennedy24&en=page_view&_fv=1&_nsi=1&_ss=1&ep.event_id=1703700879166_17037002749091&tfd=2362
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CAPI12345&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 18:00:28 GMT
server: Google Frontend
content-type: text/html
x-cloud-trace-context: d2b4f86f592a09af4402f932be06b31e
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Wed, 27 Dec 2023 18:00:28 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
247 B 135ms
32ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-JWBYYEB6SQ&gtm=45je3bt0v9113043695z89133194504&_p=1703700028305&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1651364700.1703700029&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703700028&sct=1&seg=0&dl=https%3A%2F%2Fwww.kennedy24.com%2Fdonate%3Futm_campaign%3DCritical_Goal%26utm_medium%3Demail1%26utm_source%3Djoinkennedy&dt=We%2C%20the%20People...%20%7C%20Kennedy24&en=page_view&_fv=1&_ss=1&tfd=2413
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JWBYYEB6SQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Dec 2023 18:00:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kennedy24.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
247 B 180ms
75ms Ping
text/plain 2a00:1450:400c:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JWBYYEB6SQ&cid=1651364700.1703700029&gtm=45je3bt0v9113043695z89133194504&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JWBYYEB6SQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Dec 2023 18:00:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kennedy24.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 149ms
50ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-JWBYYEB6SQ&cid=1651364700.1703700029&gtm=45je3bt0v9113043695z89133194504&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=872413344

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Dec 2023 18:00:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/1/i/ 43 B
377 B 277ms
207ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=70467c91-f69f-4457-8ef7-029803320975&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=795fc8d1-2439-4f8b-8a3a-a718569ae005&tw_document_href=https%3A%2F%2Fwww.kennedy24.com%2Fdonate%3Futm_campaign%3DCritical_Goal%26utm_medium%3Demail1%26utm_source%3Djoinkennedy&tw_iframe_status=0&txn_id=og9c6&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-response-time: 182
date: Wed, 27 Dec 2023 18:00:27 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 0148bd2e50dbbd59
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: b4195f59fe7cc3efe66e0d09daeee97cdcbafedc0eaad52918ebba5ac2dd8658
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
723 B 277ms
205ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=70467c91-f69f-4457-8ef7-029803320975&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=795fc8d1-2439-4f8b-8a3a-a718569ae005&tw_document_href=https%3A%2F%2Fwww.kennedy24.com%2Fdonate%3Futm_campaign%3DCritical_Goal%26utm_medium%3Demail1%26utm_source%3Djoinkennedy&tw_iframe_status=0&txn_id=og9c6&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-response-time: 179
date: Wed, 27 Dec 2023 18:00:28 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 90e734c920e2bd9f
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: 5d0eb2ee371adcacf193d6987cf61b52edd362057b2ea31e413882bef6785796
content-length: 43

GET
H2 200 free-fa-brands-400.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 75 KB
75 KB 44ms
32ms Font
font/woff2 2606:4700:e2::ac40:8007
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-brands-400.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8007 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 18:00:28 GMT
via: 1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 2186477
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 76736
last-modified: Wed, 04 Aug 2021 18:58:24 GMT
server: cloudflare
etag: "4f5ec865a8274ab291b6a42b5f70639e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q6ZknjjvrraD%2BmeNZ3IdQEnKsoVGw6z2LJYcsb49BfZ0d%2FyceE2Xh%2FFZqmkddcUkflAgSbORBsym6zlXv71Wdbnf3b7%2FQ3%2FxvNcJSi3SvtGYVJCvVvWwa0%2FMWjV1Xpko6CAnOkn%2FJZS%2B1yaVMPUrHMFkbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 83c3769c6aa53a79-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: FFfS6hI-hiOvtL21_1qP-aWg3K0mLrk6cF5ULoFMflR01SndEEy9Yw==

GET
H2 200 689052772650376 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 25ms
23ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/689052772650376?v=2.9.138&r=stable&domain=www.kennedy24.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6fa331e0ab41990001851e47d5c5050a194056d4f47c8653abbb250313be7b0a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 27 Dec 2023 18:00:28 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35377
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: ju3hXQ4cAtPEvtSepB/8i0b3B16LtBGsUtLjVZxsZ9AmhjePnuzrkEwp0Ks8hphvj/L3ATPfx1XaCjym9VOthA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 76ms
22ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=689052772650376&ev=PageView&dl=https%3A%2F%2Fwww.kennedy24.com%2Fdonate%3Futm_campaign%3DCritical_Goal%26utm_medium%3Demail1%26utm_source%3Djoinkennedy&rl=&if=false&ts=1703700028979&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1703700028977.2142775550&ler=empty&it=1703700028923&coo=false&eid=1703700879166_17037002749091&tm=1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 27 Dec 2023 18:00:29 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 digibox.gif
www.lightboxcdn.com/z9g/ 35 B
302 B 36ms
35ms Image
image/gif 2606:4700::6813:d483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lightboxcdn.com/z9g/digibox.gif?c=1703700029242&h=www.kennedy24.com&e=p&u=45028
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Dec 2023 18:00:29 GMT
cf-cache-status: HIT
content-md5: KNaBTzCeoon4R8ac+RGUxg==
age: 428390
cf-polished: status=not_needed
x-ms-meta-cbmodifiedtime: Fri, 02 Dec 2022 00:02:02 GMT
content-length: 35
x-ms-lease-status: unlocked
cf-bgj: imgq:85,h2pri
last-modified: Fri, 02 Dec 2022 00:02:38 GMT
server: cloudflare
etag: 0x8DAD3F8864E2F29
vary: Accept-Encoding
content-type: image/gif
x-ms-request-id: 750dcec8-801e-0018-59ad-1c35a5000000
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 83c3769ed99e1c40-FRA

GET
H2 200 pro.min.css Show response
ka-p.fontawesome.com/releases/v6.5.1/css/ 669 KB
118 KB 39ms
38ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/css/pro.min.css?token=38b3ad1ee0
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/38b3ad1ee0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c368e74321d2180806d6982ab26271a765594390c0d50a2e4fe452e901778d5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 18:00:29 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:25:52 GMT
server: cloudflare
age: 2198671
etag: "6568c5a0-1d52d"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 83c3769edb2e39d6-FRA
content-length: 120109

GET
H2 200 pro-v5-font-face.min.css Show response
ka-p.fontawesome.com/releases/v6.5.1/css/ 50 KB
7 KB 62ms
61ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/css/pro-v5-font-face.min.css?token=38b3ad1ee0
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/38b3ad1ee0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4946b36e5208a0a01e69ac05696229353e101faece5c1572e2a6177742bf7b5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 18:00:29 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:25:52 GMT
server: cloudflare
age: 2198671
etag: "6568c5a0-1c12"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 83c3769edb3039d6-FRA
content-length: 7186

GET
H2 200 kit-upload.css Show response
kit.fontawesome.com/38b3ad1ee0/70955553/ 0
165 B 37ms
36ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/38b3ad1ee0/70955553/kit-upload.css
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/38b3ad1ee0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 18:00:29 GMT
cf-cache-status: HIT
age: 2198671
content-length: 0
x-request-id: F5zyeF9hEd-rJdNHHS4h
server: cloudflare
etag: 54af53b207eef226d6511e0a88e3038e
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926, public, must-revalidate
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
accept-ranges: bytes
cf-ray: 83c3769edb2d39d6-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 30ms
29ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?utm_campaign=Critical_Goal&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bc28251b3d97ce4bc136a7574c4c0e60471da42c0e106b7aef16e729f1211ec3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 27 Dec 2023 18:00:29 GMT
content-md5: uvwyyoVXfxS3hjGg1LUu5g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
reporting-endpoints
x-fb-debug: se4oaC8PpvS+DM4GmefJTV9nUuGazNyfacdvh34GfFS3xO7cYZywTEbbnvdUMx6Q36cpb2ZzhyYrBTDPYE1sYg==
x-fb-content-md5: 85c9069c00c1886f5ebb229f05571ae6
cross-origin-opener-policy: same-origin-allow-popups
etag: "81f0870c7040956f352998bf22c3ce36"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Wed, 27 Dec 2023 18:06:46 GMT

GET
DATA 200
OK truncated
/ 147 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd635a67abfa8304e0688c19f33c41207dfadb79c8c8cc7703939b464ab5247e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=wA/d=0/rs=AN8SPfq5gedF4FIOWZgYyMCNZA5tU966ig/ 22 KB
4 KB 70ms
25ms Stylesheet
text/css 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=wA/d=0/rs=AN8SPfq5gedF4FIOWZgYyMCNZA5tU966ig/m=el_main_css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.qYvzC9NchRE.O/am=wA/d=1/rs=AN8SPfrcjLlOocG39_bIeoEy-8TxSvHd2A/m=el_conf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 13:56:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 533010
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4144
x-xss-protection: 0
last-modified: Sat, 15 Jul 2023 01:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 20 Dec 2024 13:56:59 GMT

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.qYvzC9NchRE.O/d=1/exm=el_conf/ed=1/rs=AN8SPfroofzgi7anyOVbkolp3NoxqO8Zqg/ 255 KB
88 KB 92ms
26ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.qYvzC9NchRE.O/d=1/exm=el_conf/ed=1/rs=AN8SPfroofzgi7anyOVbkolp3NoxqO8Zqg/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.qYvzC9NchRE.O/am=wA/d=1/rs=AN8SPfrcjLlOocG39_bIeoEy-8TxSvHd2A/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0cac8752fa8ba53a1555e539e1a29fa7a4bcf8ee3bd8f9d7c80db9760206ac9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 12:09:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 193884
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89548
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 04:10:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Dec 2024 12:09:05 GMT

GET
H3

200

main.js Show response
www.kennedy24.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/ Frame 32DF
Redirect Chain

https://www.kennedy24.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.kennedy24.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

7 KB
3 KB

33ms
32ms

Script
application/javascript

2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kennedy24.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

Protocol

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afe6b86fc8325437c2af7e4edd2ca647ce23db739d22bb14dae263c6ad684e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 18:00:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 83c3769fcbdf18cd-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Wed, 27 Dec 2023 18:00:29 GMT
server: cloudflare
vary: accept-encoding
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 83c3769f2b0018cd-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html Show response
js.stripe.com/v3/ Frame 97CA 200 B
1 KB 30ms
29ms Document
text/html 13.227.219.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-27.ams54.r.cloudfront.net

Software

Cloudfront /

Resource Hash

35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kennedy24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1947
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 27 Dec 2023 17:28:02 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Fri, 11 Nov 2022 20:25:37 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 1d1fb1f8e5e923ef7208b5a427d25d5c.cloudfront.net (CloudFront)
x-amz-cf-id: mgByeI5j7iP57h4twVmIdYh92qJgf8v4VoLAef33aov30-eNLe837w==
x-amz-cf-pop: AMS54-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 anchor Show response
www.recaptcha.net/recaptcha/api2/ Frame 46A7 41 KB
26 KB 44ms
43ms Document
text/html 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LekWdoZAAAAAA61Owqhdq5e8IIQEfJbEOs8IT8T&co=aHR0cHM6Ly93d3cua2VubmVkeTI0LmNvbTo0NDM.&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=ouf6p39hoj8n

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9bd66d50b7f6cc940b717bbdb68f5873a762c0a2176d49920511fd6ca83f29d8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-H273hf_F8UeuOhxdErgDRA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kennedy24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-H273hf_F8UeuOhxdErgDRA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 27 Dec 2023 18:00:29 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 anchor
www.recaptcha.net/recaptcha/api2/ Frame 0E60 0
0 35ms
35ms Document
text/html 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4ER-T56AuYZhCStcbOghbg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kennedy24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-4ER-T56AuYZhCStcbOghbg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 27 Dec 2023 18:00:29 GMT
expires: Wed, 27 Dec 2023 18:00:29 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 controller-a8db3be7204dff5e963b6f0fd5121b28.html Show response
js.stripe.com/v3/ Frame CCC8 325 B
1 KB 32ms
31ms Document
text/html 13.227.219.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-27.ams54.r.cloudfront.net

Software

Cloudfront /

Resource Hash

6304ca07d33fa966939847acddaf96bb7f3b5d0a926e2122882bfc30a902c266

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kennedy24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 29
cache-control: max-age=60
content-length: 325
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 27 Dec 2023 18:00:01 GMT
etag: "a8db3be7204dff5e963b6f0fd5121b28"
last-modified: Fri, 22 Dec 2023 21:08:02 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 1d1fb1f8e5e923ef7208b5a427d25d5c.cloudfront.net (CloudFront)
x-amz-cf-id: HqyqWkrjdvuAuGhUJaA5xiBAsARmu0-21fZAy_YGV0DqduhAeMzMGA==
x-amz-cf-pop: AMS54-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html Show response
js.stripe.com/v3/ Frame 9450 798 B
2 KB 35ms
33ms Document
text/html 13.227.219.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-27.ams54.r.cloudfront.net

Software

Cloudfront /

Resource Hash

9e8417dbf5f2215e91aed66fd3f0e619149f1f2dc3519977f4c663061a9759eb

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kennedy24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1126
cache-control: max-age=31536000
content-length: 798
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 27 Dec 2023 17:42:05 GMT
etag: "74c94b12a3c991276d75d7e7135461e8"
last-modified: Fri, 22 Dec 2023 21:08:03 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 1d1fb1f8e5e923ef7208b5a427d25d5c.cloudfront.net (CloudFront)
x-amz-cf-id: tp7kPccKQTJAGCAuqFvxgWVEbfGT4wTBgomKhvnIaVmacH3-nnim7g==
x-amz-cf-pop: AMS54-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-google-pay-195e55d1b52949b175298b3e54db37fd.html Show response
js.stripe.com/v3/ Frame 9827 408 B
1 KB 35ms
34ms Document
text/html 13.227.219.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-195e55d1b52949b175298b3e54db37fd.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-27.ams54.r.cloudfront.net

Software

Cloudfront /

Resource Hash

759813d8a110733c43a0ffa3f09f267f94df572b482fd7bc050c66edabedc8e9

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kennedy24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1162
cache-control: max-age=31536000
content-length: 408
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 27 Dec 2023 17:41:13 GMT
etag: "195e55d1b52949b175298b3e54db37fd"
last-modified: Fri, 22 Dec 2023 21:08:17 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 1d1fb1f8e5e923ef7208b5a427d25d5c.cloudfront.net (CloudFront)
x-amz-cf-id: eo9UM6zBGUm-4OVIT3qV7EfshDsgCGoLbRowairFVhqLAVYgoiwC4A==
x-amz-cf-pop: AMS54-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-browser-434e8078d5c09b7f511e68744cf1c8cd.html Show response
js.stripe.com/v3/ Frame 4C72 344 B
2 KB 36ms
35ms Document
text/html 13.227.219.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-434e8078d5c09b7f511e68744cf1c8cd.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-27.ams54.r.cloudfront.net

Software

Cloudfront /

Resource Hash

ed239f990af2e4be1964ed4f17fe93eb53315dd9590386a241d2325b376f196d

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kennedy24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 17
cache-control: max-age=60
content-length: 344
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 27 Dec 2023 18:00:29 GMT
etag: "434e8078d5c09b7f511e68744cf1c8cd"
last-modified: Fri, 22 Dec 2023 21:08:17 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 1d1fb1f8e5e923ef7208b5a427d25d5c.cloudfront.net (CloudFront)
x-amz-cf-id: tCXvYv5Ma_PlVsslX9nZv5dBqPSDuw6TDY4LWprZKcpJkANZpbIcqw==
x-amz-cf-pop: AMS54-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H3 200 anchor Show response
www.recaptcha.net/recaptcha/api2/ Frame E27A 7 KB
1 KB 35ms
34ms Document
text/html 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: assets.nationbuilder.com
URL: https://assets.nationbuilder.com/assets/liquid/v3/main-0aa16a2e84fcb15b351dd0de4418949c84ac9bba999074007345fe1dabe8645d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

035acb9989bee814e90ba82806d1acf3a0e80876946097f6e1579ccd7c0799b2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4YraEMllK3GF66n7gGZ7Aw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kennedy24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-4YraEMllK3GF66n7gGZ7Aw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 27 Dec 2023 18:00:29 GMT
expires: Wed, 27 Dec 2023 18:00:29 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 204 rum Show response
www.kennedy24.com/cdn-cgi/ 0
143 B 32ms
29ms XHR
text/plain 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kennedy24.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.kennedy24.com/donate?utm_campaign=Critical_Goal&utm_medium=email1&utm_source=joinkennedy
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: application/json

Response headers

date: Wed, 27 Dec 2023 18:00:29 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.kennedy24.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 83c3769fbbd318cd-FRA

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 302 KB
86 KB 55ms
27ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=440a83164c29dcc78a775fe45cf0fdeb

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c836a1366ea4d18fad82940143967b7b8749864ab8e2e173a050a1f15943d536

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 27 Dec 2023 18:00:29 GMT
content-md5: EF9Aq9Bf2U3oHUBmWYeBcA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88316
reporting-endpoints
x-fb-debug: tSk42tRDmtFtosHyTqPEUguJTnjNCxSlXn8Wik1t4FO0RRY3J3aACBtCH1SXb9x2T+gmm7bLQT3Q9RXvW3UEjA==
x-fb-content-md5: ac47bf9b9d4b07a6f75724c6bd1d5dfb
cross-origin-opener-policy: same-origin-allow-popups
etag: "7ddcb06fbf468170a42630a8124bbfcc"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Thu, 26 Dec 2024 17:05:56 GMT

GET
H2 200 m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 97CA 526 B
1 KB 35ms
34ms Script
text/javascript 13.227.219.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-27.ams54.r.cloudfront.net

Software

Cloudfront /

Resource Hash

ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 17:28:04 GMT
via: 1.1 1d1fb1f8e5e923ef7208b5a427d25d5c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 1946
x-amz-cf-pop: AMS54-C1
x-cache: Hit from cloudfront
content-length: 526
last-modified: Fri, 11 Nov 2022 20:25:36 GMT
server: Cloudfront
etag: "d96c709017743c0759cf3853d1806ba5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: d6ekzIjtjLq4Cngd1UO9UPA0TqrWKHn-9uSMj1uZo-U9d7q1nkNofw==

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 46A7 55 KB
24 KB 28ms
26ms Stylesheet
text/css 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LekWdoZAAAAAA61Owqhdq5e8IIQEfJbEOs8IT8T&co=aHR0cHM6Ly93d3cua2VubmVkeTI0LmNvbTo0NDM.&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=ouf6p39hoj8n

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 16:40:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4796
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Dec 2024 16:40:33 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 46A7 505 KB
203 KB 33ms
30ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

122bd7b997b91e56e9efd54743ffbeccefca5b8bb59c566d6ec63adf14be896e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 10:53:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25628
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207437
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Dec 2024 10:53:21 GMT

GET
H2 200 shared-07463ca4fad8fb90811dcddd012256e9.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame CCC8 531 KB
117 KB 46ms
39ms Script
text/javascript 13.227.219.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-27.ams54.r.cloudfront.net

Software

Cloudfront /

Resource Hash

3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 17:09:38 GMT
content-encoding: br
via: 1.1 1d1fb1f8e5e923ef7208b5a427d25d5c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 3053
x-amz-cf-pop: AMS54-C1
x-cache: Hit from cloudfront
last-modified: Fri, 22 Dec 2023 21:08:16 GMT
server: Cloudfront
etag: W/"cc4990a44decc4d7380c63eabf6828f6"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: VM7Sa16v9FMsbLJ75oZjQgvm5S5fFHOKKffKsu1Pt5GS1lt7iG3VSw==

GET
H2 200 controller-a6adb4ef0ca375ec8cc3d7f6e679344e.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame CCC8 688 KB
159 KB 65ms
58ms Script
text/javascript 13.227.219.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-a6adb4ef0ca375ec8cc3d7f6e679344e.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-27.ams54.r.cloudfront.net

Software

Cloudfront /

Resource Hash

bb2798b8ec3b2526abc17688ce317cf0666ff92bddeb2c50c804e095963e126c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 17:09:38 GMT
content-encoding: br
via: 1.1 1d1fb1f8e5e923ef7208b5a427d25d5c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 3054
x-amz-cf-pop: AMS54-C1
x-cache: Hit from cloudfront
last-modified: Fri, 22 Dec 2023 21:08:14 GMT
server: Cloudfront
etag: W/"5ce54273e9cefa73649bdfcbf46e58d4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: misxU8rB4QJ9vS2WAYa-E9C2r-5cvaGdifqst8jLOkHCtl9kBxFJog==

POST
H2 200 csp-report
q.stripe.com/ Frame 97CA 0
714 B 792ms
399ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?utm_campaign=Critical_Goal&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 27 Dec 2023 18:00:30 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703700030102950
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1703700030102322
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 97CA 0
715 B 778ms
385ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?utm_campaign=Critical_Goal&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 27 Dec 2023 18:00:30 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703700030102067
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1703700030101710
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-07463ca4fad8fb90811dcddd012256e9.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 9450 531 KB
117 KB 93ms
85ms Script
text/javascript 13.227.219.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-27.ams54.r.cloudfront.net

Software

Cloudfront /

Resource Hash

3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 17:09:38 GMT
content-encoding: br
via: 1.1 1d1fb1f8e5e923ef7208b5a427d25d5c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 3053
x-amz-cf-pop: AMS54-C1
x-cache: Hit from cloudfront
last-modified: Fri, 22 Dec 2023 21:08:16 GMT
server: Cloudfront
etag: W/"cc4990a44decc4d7380c63eabf6828f6"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: dE-nV7mHFD050_5R9oGDluvR8nkwpgRtpjqngtS7eUG6jQABG9uO_Q==

GET
H2 200 ui-shared-897f16408e805d064314826d31faa4db.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 9450 404 KB
110 KB 104ms
95ms Script
text/javascript 13.227.219.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-897f16408e805d064314826d31faa4db.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-27.ams54.r.cloudfront.net

Software

Cloudfront /

Resource Hash

b82b66c127a4530741e03f6fa8e24274194078e8168f6d9840069b9a5c2ac361

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 17:11:41 GMT
content-encoding: gzip
via: 1.1 1d1fb1f8e5e923ef7208b5a427d25d5c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2994
x-amz-cf-pop: AMS54-C1
x-cache: Hit from cloudfront
last-modified: Fri, 22 Dec 2023 21:08:17 GMT
server: Cloudfront
etag: W/"6ebbdf76ea3cb97b8ef1d372be5bd37c"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: DVr1CnCm3bYHvE7HWMbDK5g4hL9SEwwuzaX5VDEZ99pb3XY929fNRw==

GET
H2 200 elements-inner-card-314583ee5aba122b99ed2a8ac5b7406f.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 9450 52 KB
13 KB 101ms
96ms Script
text/javascript 13.227.219.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-314583ee5aba122b99ed2a8ac5b7406f.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-27.ams54.r.cloudfront.net

Software

Cloudfront /

Resource Hash

413e38836dfb0157ba879c8ee095223bc38d8f9f6013c7180f6b7e2f1ac67dcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 17:19:15 GMT
content-encoding: br
via: 1.1 1d1fb1f8e5e923ef7208b5a427d25d5c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2531
x-amz-cf-pop: AMS54-C1
x-cache: Hit from cloudfront
last-modified: Thu, 21 Dec 2023 18:13:40 GMT
server: Cloudfront
etag: W/"b5688a01127f6b7ade6e2a5679b5b032"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: rJgH4GnxuNg2sYx4zt1MYI_bvOYNLbFnlzaV2Gb8xZJUQM9f-_yheg==

GET
H2 200 ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame 9450 20 KB
4 KB 79ms
71ms Stylesheet
text/css 13.227.219.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-27.ams54.r.cloudfront.net

Software

Cloudfront /

Resource Hash

394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 17:18:52 GMT
content-encoding: gzip
via: 1.1 1d1fb1f8e5e923ef7208b5a427d25d5c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2516
x-amz-cf-pop: AMS54-C1
x-cache: Hit from cloudfront
last-modified: Sat, 16 Dec 2023 02:01:23 GMT
server: Cloudfront
etag: W/"b361d7109e9925ca18e32c9da528520f"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: FjqWFcykGIpHrfJG4bCsPaYpBWSQnbY7Lv4MM2qsDC7ed5AQ8MdsQA==

GET
H2 200 elements-inner-card-efe1765a974efe6433f55f443e85c0d4.css
js.stripe.com/v3/fingerprinted/css/ Frame 9450 14 KB
2 KB 80ms
72ms Stylesheet
text/css 13.227.219.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-efe1765a974efe6433f55f443e85c0d4.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-27.ams54.r.cloudfront.net

Software

Cloudfront /

Resource Hash

33111c5d00b2e2e4e89f17402709ba30a1563e8c4d2fa93cf5756b44c7d1ee97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 17:58:50 GMT
content-encoding: br
via: 1.1 1d1fb1f8e5e923ef7208b5a427d25d5c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 152
x-amz-cf-pop: AMS54-C1
x-cache: Hit from cloudfront
last-modified: Mon, 18 Dec 2023 21:16:55 GMT
server: Cloudfront
etag: W/"8385166c06e8d209fc459b542697c4fb"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: PpGHmm3Ai3jpTIXtTdfrWD0nkMRQeZ0Y_xpHXsiJC9lxtOKLRsiWjQ==

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 9827 121 KB
37 KB 137ms
72ms Script
application/javascript 2a00:1450:400c:c0c::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-195e55d1b52949b175298b3e54db37fd.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46cb237641901c76f5437d4a93170bf4c4597f99ef968c26fac8ddfcfec828c8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Y34DFU8aQ_VY5B5dvlGDqA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 18:00:29 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Y34DFU8aQ_VY5B5dvlGDqA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Wed, 27 Dec 2023 18:00:29 GMT

GET
H2 200 shared-07463ca4fad8fb90811dcddd012256e9.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 9827 531 KB
117 KB 78ms
73ms Script
text/javascript 13.227.219.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-195e55d1b52949b175298b3e54db37fd.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-27.ams54.r.cloudfront.net

Software

Cloudfront /

Resource Hash

3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-195e55d1b52949b175298b3e54db37fd.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 17:09:38 GMT
content-encoding: br
via: 1.1 1d1fb1f8e5e923ef7208b5a427d25d5c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 3053
x-amz-cf-pop: AMS54-C1
x-cache: Hit from cloudfront
last-modified: Fri, 22 Dec 2023 21:08:16 GMT
server: Cloudfront
etag: W/"cc4990a44decc4d7380c63eabf6828f6"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: zse28jjJep00vWMAWQiEJ8__eQNTmYoOdXVs3mvQwvLi_n9UNWCLmQ==

GET
H2 200 payment-request-inner-google-pay-1c2b8933acfb718f7ad8ea902a01c962.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 9827 12 KB
5 KB 36ms
35ms Script
text/javascript 13.227.219.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-1c2b8933acfb718f7ad8ea902a01c962.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-195e55d1b52949b175298b3e54db37fd.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-27.ams54.r.cloudfront.net

Software

Cloudfront /

Resource Hash

473efdf61f08fc2ad04df7be0d974c921dea47ac2ea5c6b848a75f6b5db1da73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-195e55d1b52949b175298b3e54db37fd.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 17:10:26 GMT
content-encoding: br
via: 1.1 1d1fb1f8e5e923ef7208b5a427d25d5c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 3005
x-amz-cf-pop: AMS54-C1
x-cache: Hit from cloudfront
last-modified: Thu, 21 Dec 2023 21:05:35 GMT
server: Cloudfront
etag: W/"c1a7d86250f7fde747d6585463beef22"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: BMdunvCRhvuD89VAnI_NEnnRgx9qw3c02o-bBqAtstcCjqAjyUs7PQ==

GET
H2 200 shared-07463ca4fad8fb90811dcddd012256e9.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 4C72 531 KB
117 KB 104ms
92ms Script
text/javascript 13.227.219.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-434e8078d5c09b7f511e68744cf1c8cd.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-27.ams54.r.cloudfront.net

Software

Cloudfront /

Resource Hash

3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-434e8078d5c09b7f511e68744cf1c8cd.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 17:09:38 GMT
content-encoding: br
via: 1.1 1d1fb1f8e5e923ef7208b5a427d25d5c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 3053
x-amz-cf-pop: AMS54-C1
x-cache: Hit from cloudfront
last-modified: Fri, 22 Dec 2023 21:08:16 GMT
server: Cloudfront
etag: W/"cc4990a44decc4d7380c63eabf6828f6"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: opOib9aKZxZ4xZEwM-JX48IjcX28Q2O9VOQrLe1GVsSIyIXxQj-kog==

GET
H2 200 payment-request-inner-browser-cfd09fde482546e2c8879bce0010f91c.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 4C72 13 KB
6 KB 103ms
91ms Script
text/javascript 13.227.219.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-cfd09fde482546e2c8879bce0010f91c.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-434e8078d5c09b7f511e68744cf1c8cd.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-27.ams54.r.cloudfront.net

Software

Cloudfront /

Resource Hash

1df19255b4b07c13647377049a5d3d4b23519c012b91e923ee22cf18c4e8d2b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-434e8078d5c09b7f511e68744cf1c8cd.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 17:24:09 GMT
content-encoding: br
via: 1.1 1d1fb1f8e5e923ef7208b5a427d25d5c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2539
x-amz-cf-pop: AMS54-C1
x-cache: Hit from cloudfront
last-modified: Thu, 21 Dec 2023 18:13:42 GMT
server: Cloudfront
etag: W/"9d64070358354c97251ee8d4e282ba7b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: tXF48JcvpDhaAnj-80bK9Ulzw3SXDE8mphm03SHoUAaX9N9mbTTZxQ==

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame E27A 55 KB
24 KB 26ms
22ms Stylesheet
text/css 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 16:40:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4796
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Dec 2024 16:40:33 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame E27A 505 KB
203 KB 48ms
44ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

122bd7b997b91e56e9efd54743ffbeccefca5b8bb59c566d6ec63adf14be896e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 10:53:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25628
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207437
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Dec 2024 10:53:21 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame CCC8 0
714 B 757ms
413ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?utm_campaign=Critical_Goal&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 27 Dec 2023 18:00:30 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703700030103233
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1703700030102417
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 9450 0
714 B 752ms
413ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?utm_campaign=Critical_Goal&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 27 Dec 2023 18:00:30 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703700030102963
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1703700030102085
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 9450 0
714 B 738ms
398ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?utm_campaign=Critical_Goal&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 27 Dec 2023 18:00:30 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703700030102383
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1703700030102040
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 9827 0
714 B 728ms
390ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?utm_campaign=Critical_Goal&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 27 Dec 2023 18:00:30 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703700030102896
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1703700030102318
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 9827 0
714 B 726ms
390ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?utm_campaign=Critical_Goal&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 27 Dec 2023 18:00:30 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703700030102700
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1703700030102100
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 pro-fa-brands-400-0.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ 38 KB
38 KB 65ms
64ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/webfonts/pro-fa-brands-400-0.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70356aaad8b043112594064fea69694e5af4f17b6af4d4836b184735afe24c56

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 18:00:29 GMT
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:53:28 GMT
server: cloudflare
age: 2198670
etag: "6568cc18-9620"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 83c376a07de039d6-FRA
content-length: 38432

GET
H2 200 pro-fa-solid-900-12.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ 13 KB
14 KB 44ms
44ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/webfonts/pro-fa-solid-900-12.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4aae83ca0e34e5fef9bebf88ca4edfdf495e4927bbd583d1f05ff101c9421d4c

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 18:00:29 GMT
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:53:38 GMT
server: cloudflare
age: 2065305
etag: "6568cc22-35f8"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 83c376a07de439d6-FRA
content-length: 13816

GET
H2 200 pro-fa-brands-400-1.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ 39 KB
39 KB 78ms
66ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/webfonts/pro-fa-brands-400-1.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 116b5b718ba3beeea9dd77ad669ca8aff001cf40c1c6e549dd38c3d08668d4cd

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 18:00:29 GMT
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:53:28 GMT
server: cloudflare
age: 2198670
etag: "6568cc18-9cfc"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 83c376a09e1d39d6-FRA
content-length: 40188

POST
H2 200 csp-report
q.stripe.com/ Frame 4C72 0
714 B 676ms
386ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?utm_campaign=Critical_Goal&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 27 Dec 2023 18:00:30 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703700030102724
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1703700030102318
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 4C72 0
714 B 688ms
398ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?utm_campaign=Critical_Goal&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 27 Dec 2023 18:00:30 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703700030103302
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1703700030102484
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 17CC 930 B
2 KB 74ms
24ms Document
text/html 2600:9000:2057:da00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:da00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 122
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 27 Dec 2023 17:58:28 GMT
etag: "06bfcd88af438673a8bf9b845a11aa6e"
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
x-amz-cf-id: cslG1_SjcuYM7dJXDzKVdw9dGQpSqfXEmpkd_Cku8bdn1jVJtT_e9A==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
DATA 200
OK truncated Show response
/ Frame 3586 1 KB
1 KB Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 31f4e4abd5d8e145d6bd5505ae3ee469f66e6aba53fcc6cf04741d0a802ebc3d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Type: text/html;charset=UTF-8

GET
H3 200 24px.svg
fonts.gstatic.com/s/i/productlogos/translate/v14/ 6 KB
3 KB 129ms
84ms Image
image/svg+xml 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 12:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21074
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3340
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 14:24:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Dec 2024 12:09:15 GMT

GET
H3 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 23ms
22ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=wA/d=0/rs=AN8SPfq5gedF4FIOWZgYyMCNZA5tU966ig/m=el_main_css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=wA/d=0/rs=AN8SPfq5gedF4FIOWZgYyMCNZA5tU966ig/m=el_main_css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 20:55:33 GMT
x-content-type-options: nosniff
age: 335096
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1842
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 22 Dec 2024 20:55:33 GMT

POST
H3 200 83c3768faf6b30d8 Show response
www.kennedy24.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 32DF 0
274 B 87ms
86ms XHR
text/plain 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kennedy24.com/cdn-cgi/challenge-platform/h/g/jsd/r/83c3768faf6b30d8
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 27 Dec 2023 18:00:29 GMT
content-encoding: br
server: cloudflare
cf-ray: 83c376a1fefb18cd-FRA
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame CCC8 474 B
865 B 95ms
35ms Fetch
application/json 13.227.219.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.219.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-219-27.ams54.r.cloudfront.net
Software: Cloudfront /
Resource Hash: beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 27 Dec 2023 17:59:34 GMT
via: 1.1 80826ca6c4fd6005aeacf5a03c8d42e8.cloudfront.net (CloudFront)
last-modified: Fri, 22 Dec 2023 21:47:19 GMT
server: Cloudfront
age: 55
x-amz-cf-pop: AMS54-C1
etag: "bfcbcb1c52cb90f9deaffee5559683d8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: UudDBQWvM-liaRls-SkyjvhrBbB_DNMokxUdyWgIPXNwTBr0b6WXYQ==

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame CCC8 474 B
865 B 82ms
34ms Fetch
application/json 13.227.219.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.219.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-219-27.ams54.r.cloudfront.net
Software: Cloudfront /
Resource Hash: beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 27 Dec 2023 17:59:34 GMT
via: 1.1 80826ca6c4fd6005aeacf5a03c8d42e8.cloudfront.net (CloudFront)
last-modified: Fri, 22 Dec 2023 21:47:19 GMT
server: Cloudfront
age: 55
x-amz-cf-pop: AMS54-C1
etag: "bfcbcb1c52cb90f9deaffee5559683d8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: 4LQLzuBCH2YJ6Q30CPBb7kTJCLENdedsh52t4QACXpfVmSbvvby2ig==

GET
H2 200 kn2owPU74JTsOwTGty0aoUlXRSKSJihCWxBMzE3aLQs.js Show response
www.google.com/js/bg/ Frame 46A7 17 KB
7 KB 83ms
21ms Script
text/javascript 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/kn2owPU74JTsOwTGty0aoUlXRSKSJihCWxBMzE3aLQs.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

927da8c0f53be094ec3b04c6b72d1aa149574522922628425b104ccc4dda2d0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 00:14:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 236741
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6851
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Dec 2024 00:14:48 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 46A7 2 KB
2 KB 26ms
26ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 21:09:58 GMT
x-content-type-options: nosniff
age: 161431
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 01 Jan 2024 21:09:58 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 46A7 15 KB
15 KB 26ms
25ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recaptcha.net/
Origin: https://www.recaptcha.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 23:26:56 GMT
x-content-type-options: nosniff
age: 498813
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Dec 2024 23:26:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 46A7 15 KB
15 KB 29ms
29ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recaptcha.net/
Origin: https://www.recaptcha.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 21:01:27 GMT
x-content-type-options: nosniff
age: 593942
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Dec 2024 21:01:27 GMT

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 9450 474 B
864 B 30ms
30ms Fetch
application/json 13.227.219.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.219.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-219-27.ams54.r.cloudfront.net
Software: Cloudfront /
Resource Hash: beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 27 Dec 2023 17:59:34 GMT
via: 1.1 80826ca6c4fd6005aeacf5a03c8d42e8.cloudfront.net (CloudFront)
last-modified: Fri, 22 Dec 2023 21:47:19 GMT
server: Cloudfront
age: 55
x-amz-cf-pop: AMS54-C1
etag: "bfcbcb1c52cb90f9deaffee5559683d8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: 0lidBxAPSf2KYfk2xL_1tJFJOLn5ATYoO0Al8tPTvKxA3iI1MyPzBw==

POST
H2 200 csp-report
q.stripe.com/ Frame 17CC 0
488 B 204ms
201ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?utm_campaign=Critical_Goal&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 27 Dec 2023 18:00:30 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703700030127910
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 0
x-stripe-client-envoy-start-time-us: 1703700030127467
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame 17CC 87 KB
16 KB 56ms
54ms Script
text/javascript 2600:9000:2057:da00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:da00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 17:58:30 GMT
content-encoding: gzip
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
age: 120
x-content-type-options: nosniff
etag: W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop: FRA6-C1
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: ovbd7UAjZxltwlM9xq-8CEQzoTa7KtBSc04ZlftbHbTfDtaLXGadkg==

GET
H3 200 webworker.js
www.recaptcha.net/recaptcha/api2/ Frame 46A7 102 B
135 B 39ms
38ms Other
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/webworker.js?hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3a80700d48e107eb08205a346562ae28a95f3fe0da0d7382847a2c0a52a02c0a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LekWdoZAAAAAA61Owqhdq5e8IIQEfJbEOs8IT8T&co=aHR0cHM6Ly93d3cua2VubmVkeTI0LmNvbTo0NDM.&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=ouf6p39hoj8n
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 18:00:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 27 Dec 2023 18:00:30 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 131ms
130ms Fetch
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=1679673749184434&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.kennedy24.com%2Fdonate%3Futm_campaign%3DCritical_Goal%26utm_medium%3Demail1%26utm_source%3Djoinkennedy&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=440a83164c29dcc78a775fe45cf0fdeb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), keyboard-map=()
strict-transport-security: max-age=15552000; preload
date: Wed, 27 Dec 2023 18:00:30 GMT
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: UJdyXt4b5GdG/8mGkUHthtJfd1kPHO7ZuyZRGzEKDtkks56C5L8wZWZaLNB93g4af9+ieYL1ed4HJCQu7U/cUw==
fb-s: unknown
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kennedy24.com
origin-agent-cluster: ?0
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 wallet-config Show response
merchant-ui-api.stripe.com/elements/ Frame CCC8 2 KB
3 KB 390ms
271ms Fetch
application/json 198.202.176.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://merchant-ui-api.stripe.com/elements/wallet-config

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.202.176.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

1713425cfdda0d76be3549dcb0405cacbc9181ebda33c1016c2165d04cf8fc13

Security Headers

Name	Value
Content-Security-Policy	report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 27 Dec 2023 18:00:30 GMT
content-security-policy: report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
strict-transport-security: max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy: same-site
content-length: 2481
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
access-control-max-age: 300
access-control-allow-methods: GET, POST
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin
access-control-allow-headers: x-stripe-csrf-token
cross-origin-opener-policy-report-only: same-origin; report-to=https://q.stripe.com/coop-report
expires: 0

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame D8C4 19 KB
8 KB 83ms
82ms Document
text/html 2a00:1450:400c:c0c::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6b2f00f8431ed4dc329cfad0d74fdf6aeb905d757a3f2eebf1a31c456e02014d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WFFHBZgXGIjuynhrH9SyzQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-WFFHBZgXGIjuynhrH9SyzQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Wed, 27 Dec 2023 18:00:30 GMT
expires: Wed, 27 Dec 2023 18:00:30 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

POST
H2 200 b Show response
r.stripe.com/ Frame CCC8 0
273 B 197ms
197ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 27 Dec 2023 18:00:30 GMT
x-stripe-server-envoy-start-time-us: 1703700030360983
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1703700030360502
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame CCC8 0
273 B 197ms
197ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 27 Dec 2023 18:00:30 GMT
x-stripe-server-envoy-start-time-us: 1703700030361587
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1703700030361087
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame CCC8 0
272 B 197ms
197ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 27 Dec 2023 18:00:30 GMT
x-stripe-server-envoy-start-time-us: 1703700030362451
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1703700030361861
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame CCC8 0
274 B 388ms
388ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 27 Dec 2023 18:00:30 GMT
x-stripe-server-envoy-start-time-us: 1703700030553696
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1703700030553066
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame CCC8 0
274 B 389ms
389ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 27 Dec 2023 18:00:30 GMT
x-stripe-server-envoy-start-time-us: 1703700030553747
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1703700030553164
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame CCC8 0
274 B 385ms
385ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 27 Dec 2023 18:00:30 GMT
x-stripe-server-envoy-start-time-us: 1703700030554475
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1703700030553896
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame CCC8 0
274 B 387ms
387ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 27 Dec 2023 18:00:30 GMT
x-stripe-server-envoy-start-time-us: 1703700030554763
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1703700030554528
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame CCC8 0
274 B 389ms
389ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 27 Dec 2023 18:00:30 GMT
x-stripe-server-envoy-start-time-us: 1703700030555038
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1703700030554759
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame CCC8 0
273 B 389ms
389ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 27 Dec 2023 18:00:30 GMT
x-stripe-server-envoy-start-time-us: 1703700030557835
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1703700030557260
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame CCC8 0
274 B 556ms
555ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 27 Dec 2023 18:00:30 GMT
x-stripe-server-envoy-start-time-us: 1703700030744831
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1703700030744159
access-control-allow-credentials: true
content-length: 0

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 9450 474 B
864 B 30ms
29ms Fetch
application/json 13.227.219.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.219.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-219-27.ams54.r.cloudfront.net
Software: Cloudfront /
Resource Hash: beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 27 Dec 2023 17:59:34 GMT
via: 1.1 80826ca6c4fd6005aeacf5a03c8d42e8.cloudfront.net (CloudFront)
last-modified: Fri, 22 Dec 2023 21:47:19 GMT
server: Cloudfront
age: 56
x-amz-cf-pop: AMS54-C1
etag: "bfcbcb1c52cb90f9deaffee5559683d8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: UiwX0D-0lkKuCSqaayazaTY0e2OBdSxgt5PpB3NNBTfGTN8yqIsBVA==

POST
H2 200 b Show response
r.stripe.com/ Frame CCC8 0
274 B 484ms
483ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 27 Dec 2023 18:00:30 GMT
x-stripe-server-envoy-start-time-us: 1703700030745464
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1703700030744840
access-control-allow-credentials: true
content-length: 0

GET
H3 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame D8C4 159 KB
56 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

732b65d05835e912a6f475e5ed7a1f964b3a1bbf780291aac50685c5e0933e18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 17:20:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88788
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57423
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 13:07:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Dec 2024 17:20:42 GMT

POST
H2 200 b Show response
r.stripe.com/ Frame CCC8 0
274 B 475ms
475ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 27 Dec 2023 18:00:30 GMT
x-stripe-server-envoy-start-time-us: 1703700030745896
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1703700030745417
access-control-allow-credentials: true
content-length: 0

POST
H2 200 6 Show response
m.stripe.com/ Frame 17CC 156 B
668 B 600ms
202ms XHR
application/json 44.233.104.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.233.104.20 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-233-104-20.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

687fbd88cac7c3c5f8bb794d01bfbdf6a031b46725798a9320d05aa58bf3835f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 27 Dec 2023 18:00:30 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703700030877108
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1703700030876932
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame D8C4 2 KB
2 KB 129ms
128ms Other
text/html 2a00:1450:400c:c0c::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?utm_campaign=Critical_Goal&utm_medium=email1&utm_source=joinkennedy
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c0c::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 27 Dec 2023 18:00:30 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

POST
H2 200 b Show response
r.stripe.com/ Frame 9450 0
274 B 380ms
379ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 27 Dec 2023 18:00:30 GMT
x-stripe-server-envoy-start-time-us: 1703700030745662
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1703700030745489
access-control-allow-credentials: true
content-length: 0

GET
H3 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5... Frame D8C4 73 KB
27 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5M4WSM.L.B1.O/am=gEEY/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrj1k37VkSEkNVO72kvRsKqZIl4kDg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4df36e15df2960947ccc39a9e1e22e3656b0855b5c48af6b773a4d86dfd4dcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 20:47:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 422008
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27264
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 05:55:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Dec 2024 20:47:02 GMT

POST
H2 200 b Show response
r.stripe.com/ Frame CCC8 0
274 B 280ms
280ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 27 Dec 2023 18:00:30 GMT
x-stripe-server-envoy-start-time-us: 1703700030745998
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1703700030745566
access-control-allow-credentials: true
content-length: 0

GET
H2 200 hcaptcha-invisible-078b5f9fb44d244a9ec072f93a216630.html Show response
js.stripe.com/v3/ Frame 64D1 70 KB
24 KB 33ms
32ms Document
text/html 13.227.219.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/hcaptcha-invisible-078b5f9fb44d244a9ec072f93a216630.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-27.ams54.r.cloudfront.net

Software

Cloudfront /

Resource Hash

06a1918709ba854bcfe97ef585a6cd91c56671b6d23c7ee5ed5177ad97e67243

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; script-src 'self' 'sha256-CBu0w5uiOaPgb2R6Zgf7E0+STJHF4lcPIdhZzQXE6yk='; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 47
cache-control: max-age=60
content-encoding: br
content-security-policy: base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; script-src 'self' 'sha256-CBu0w5uiOaPgb2R6Zgf7E0+STJHF4lcPIdhZzQXE6yk='; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; script-src 'self'; style-src 'self'; worker-src https://newassets.hcaptcha.com; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 27 Dec 2023 17:59:51 GMT
etag: W/"078b5f9fb44d244a9ec072f93a216630"
last-modified: Fri, 22 Dec 2023 21:08:17 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 1d1fb1f8e5e923ef7208b5a427d25d5c.cloudfront.net (CloudFront)
x-amz-cf-id: QcLyt9oFzj7WqBApF54jGuJyrw64B5-63SyzVFRXmFeBY9423k7LLQ==
x-amz-cf-pop: AMS54-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 b Show response
r.stripe.com/ Frame CCC8 0
274 B 261ms
261ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 27 Dec 2023 18:00:30 GMT
x-stripe-server-envoy-start-time-us: 1703700030748542
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1703700030747916
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame CCC8 0
274 B 455ms
455ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 27 Dec 2023 18:00:30 GMT
x-stripe-server-envoy-start-time-us: 1703700030935304
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1703700030934714
access-control-allow-credentials: true
content-length: 0

GET
H2 200 phone-numbers-lib-5113174565c377315fd5b8d695d8b541.js Show response
js.stripe.com/v3/fingerprinted/js/ 148 KB
36 KB 35ms
35ms Script
text/javascript 13.227.219.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/phone-numbers-lib-5113174565c377315fd5b8d695d8b541.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-27.ams54.r.cloudfront.net

Software

Cloudfront /

Resource Hash

621661fe1c7a59420c624f7a421c566ebfb38cfbc7edd98ee0462c44d15971f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 17:19:16 GMT
content-encoding: gzip
via: 1.1 1d1fb1f8e5e923ef7208b5a427d25d5c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2590
x-amz-cf-pop: AMS54-C1
x-cache: Hit from cloudfront
last-modified: Thu, 21 Dec 2023 18:13:42 GMT
server: Cloudfront
etag: W/"f7a3e754fa2fa9117506f69f618b5778"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: _cDIWsTzwwEWM0licjxrYbXYHKPDpuWGf-OjdPZc9TNV4Lt0hQVibA==

GET
H2 200 elements-inner-link-button-for-card-a06d4d40d90d009417ba1db36e0f9c11.html Show response
js.stripe.com/v3/ Frame D3B2 73 KB
16 KB 32ms
31ms Document
text/html 13.227.219.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-link-button-for-card-a06d4d40d90d009417ba1db36e0f9c11.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-27.ams54.r.cloudfront.net

Software

Cloudfront /

Resource Hash

baced10a1e2fcdbd05f7de1237a14c3bda821982f597403140606c21ebdc8055

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kennedy24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 2953
cache-control: max-age=31536000
content-encoding: br
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 27 Dec 2023 17:46:03 GMT
etag: W/"a06d4d40d90d009417ba1db36e0f9c11"
last-modified: Fri, 22 Dec 2023 21:08:03 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 1d1fb1f8e5e923ef7208b5a427d25d5c.cloudfront.net (CloudFront)
x-amz-cf-id: TnsIdOfOfYwEAjL3l9-IIhumXgmxVVm7e5j9jCaOcXqB5SfaAixL_w==
x-amz-cf-pop: AMS54-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 b Show response
r.stripe.com/ Frame CCC8 0
273 B 441ms
440ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 27 Dec 2023 18:00:30 GMT
x-stripe-server-envoy-start-time-us: 1703700030935261
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1703700030934778
access-control-allow-credentials: true
content-length: 0

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame D8C4 1 MB
376 KB 119ms
119ms XHR
text/html 2a00:1450:400c:c0c::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

51d24ac992cb2a873d53a50a6f5095e1725220780efc1a77e7713babbd5d3819

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-HXMe_ZIv_oLebKGfjo__jg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 18:00:30 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-HXMe_ZIv_oLebKGfjo__jg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Wed, 27 Dec 2023 18:00:30 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5... Frame D8C4 9 KB
4 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5M4WSM.L.B1.O/am=gEEY/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrj1k37VkSEkNVO72kvRsKqZIl4kDg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3d47ae3412cfab8873f856540401242f2da0e37077c0839b5e33925d36183e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 19:23:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 427047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3732
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 05:55:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Dec 2024 19:23:03 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5... Frame D8C4 37 KB
14 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5M4WSM.L.B1.O/am=gEEY/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrj1k37VkSEkNVO72kvRsKqZIl4kDg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02d8f5e03704768aa366ab03f03808f1e9ea6a7b18e2006febe0fb5b7e036a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 19:35:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 426295
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14260
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 05:55:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Dec 2024 19:35:35 GMT

POST
H3 200 log Show response
play.google.com/ Frame D8C4 131 B
155 B 245ms
245ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 27 Dec 2023 18:00:31 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 27 Dec 2023 18:00:31 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 281ms
222ms Preflight
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 27 Dec 2023 18:00:30 GMT
expires: Wed, 27 Dec 2023 18:00:30 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame D8C4 131 B
155 B 132ms
81ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 27 Dec 2023 18:00:30 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 27 Dec 2023 18:00:30 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 112ms
56ms Preflight
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 27 Dec 2023 18:00:30 GMT
expires: Wed, 27 Dec 2023 18:00:30 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame D8C4 131 B
155 B 258ms
257ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 27 Dec 2023 18:00:31 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 27 Dec 2023 18:00:31 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 279ms
225ms Preflight
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 27 Dec 2023 18:00:30 GMT
expires: Wed, 27 Dec 2023 18:00:30 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame D8C4 131 B
155 B 244ms
243ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 27 Dec 2023 18:00:31 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 27 Dec 2023 18:00:31 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 277ms
224ms Preflight
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 27 Dec 2023 18:00:30 GMT
expires: Wed, 27 Dec 2023 18:00:30 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame D8C4 131 B
155 B 242ms
241ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 27 Dec 2023 18:00:31 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 27 Dec 2023 18:00:31 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 278ms
226ms Preflight
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 27 Dec 2023 18:00:30 GMT
expires: Wed, 27 Dec 2023 18:00:30 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 64D1 0
716 B 400ms
399ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?utm_campaign=Critical_Goal&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 27 Dec 2023 18:00:30 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703700030935929
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1703700030935414
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 64D1 0
716 B 394ms
394ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?utm_campaign=Critical_Goal&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 27 Dec 2023 18:00:30 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703700030935898
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1703700030935486
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-07463ca4fad8fb90811dcddd012256e9.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame D3B2 531 KB
117 KB 33ms
32ms Script
text/javascript 13.227.219.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-link-button-for-card-a06d4d40d90d009417ba1db36e0f9c11.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-27.ams54.r.cloudfront.net

Software

Cloudfront /

Resource Hash

3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-link-button-for-card-a06d4d40d90d009417ba1db36e0f9c11.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 17:09:38 GMT
content-encoding: br
via: 1.1 1d1fb1f8e5e923ef7208b5a427d25d5c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 3054
x-amz-cf-pop: AMS54-C1
x-cache: Hit from cloudfront
last-modified: Fri, 22 Dec 2023 21:08:16 GMT
server: Cloudfront
etag: W/"cc4990a44decc4d7380c63eabf6828f6"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: OcMbBBZJX1gMzp-36un7UTZ9G4_u6xXjXqx_hyQLPEvTf_bporfrJw==

GET
H2 200 elements-inner-link-button-for-card-48102b5e91ecfa8d33b04887579b84b2.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame D3B2 24 KB
9 KB 88ms
88ms Script
text/javascript 13.227.219.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-link-button-for-card-48102b5e91ecfa8d33b04887579b84b2.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-link-button-for-card-a06d4d40d90d009417ba1db36e0f9c11.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-27.ams54.r.cloudfront.net

Software

Cloudfront /

Resource Hash

5ca17cf5ee16c74721842f419ce5fc8066de6d6e202a80bf3be6125ebb804119

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-link-button-for-card-a06d4d40d90d009417ba1db36e0f9c11.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 17:54:28 GMT
content-encoding: br
via: 1.1 1d1fb1f8e5e923ef7208b5a427d25d5c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 514
x-amz-cf-pop: AMS54-C1
x-cache: Hit from cloudfront
last-modified: Thu, 21 Dec 2023 18:13:40 GMT
server: Cloudfront
etag: W/"fc0cf4881a463ad55517e228b0a6d055"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: iNhBWoUoU40ZL3CCdAlmA4VYIBFI6UUc8xQYT3fEktWtYDYKAOrcXQ==

GET
H2 200 elements-inner-link-button-for-card-42a4ee70245e79dcd6b946f237887fcd.css
js.stripe.com/v3/fingerprinted/css/ Frame D3B2 25 KB
4 KB 31ms
31ms Stylesheet
text/css 13.227.219.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-link-button-for-card-42a4ee70245e79dcd6b946f237887fcd.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-link-button-for-card-a06d4d40d90d009417ba1db36e0f9c11.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-27.ams54.r.cloudfront.net

Software

Cloudfront /

Resource Hash

88c3d4d5beaaf259f1a4d85ec5c6b14e74ea9d0a6ce99751fa218f57757785c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-link-button-for-card-a06d4d40d90d009417ba1db36e0f9c11.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 17:03:05 GMT
content-encoding: br
via: 1.1 1d1fb1f8e5e923ef7208b5a427d25d5c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 3579
x-amz-cf-pop: AMS54-C1
x-cache: Hit from cloudfront
last-modified: Sat, 16 Dec 2023 02:01:22 GMT
server: Cloudfront
etag: W/"08aa13fc3d627e7cc58096e8a319c2c8"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 29AGs_ndK3OiyzkLG_9hqEVfJU7soZjswGvYK6Y7skiuSMs19jCWIg==

POST
H2 200 csp-report
q.stripe.com/ Frame 64D1 0
716 B 388ms
386ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/hcaptcha-invisible-078b5f9fb44d244a9ec072f93a216630.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 27 Dec 2023 18:00:30 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703700030936188
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1703700030935503
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 64D1 474 B
863 B 32ms
31ms Fetch
application/json 13.227.219.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/hcaptcha-invisible-078b5f9fb44d244a9ec072f93a216630.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.219.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-219-27.ams54.r.cloudfront.net
Software: Cloudfront /
Resource Hash: beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/hcaptcha-invisible-078b5f9fb44d244a9ec072f93a216630.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 27 Dec 2023 17:59:34 GMT
via: 1.1 80826ca6c4fd6005aeacf5a03c8d42e8.cloudfront.net (CloudFront)
last-modified: Fri, 22 Dec 2023 21:47:19 GMT
server: Cloudfront
age: 56
x-amz-cf-pop: AMS54-C1
etag: "bfcbcb1c52cb90f9deaffee5559683d8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: x41S_CcYbXyK1mEbelLa-Nj4soSrBS6FU1wOXLv06FcGCl7i-jtnrg==

GET
H2 200 HCaptchaInvisible.html Show response
b.stripecdn.com/stripethirdparty-srv/assets/v20.0/ Frame CD10 419 B
1 KB 83ms
27ms Document
text/html 2600:9000:211e:d800:b:1d09:f200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/HCaptchaInvisible.html?id=a93c9780-d773-46f3-8be0-1e277a7e4bba&origin=https%3A%2F%2Fjs.stripe.com

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/hcaptcha-invisible-078b5f9fb44d244a9ec072f93a216630.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:d800:b:1d09:f200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

368dd7da190a6dab28436caf13245f59879fdb08fb07f4bf0b9e5f6b6e4fe7d2

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; connect-src 'self' https://hcaptcha.com https://.hcaptcha.com https://errors.stripe.com; default-src 'self'; form-action 'none'; frame-src https://hcaptcha.com https://.hcaptcha.com; img-src 'self'; script-src 'self' https://hcaptcha.com https://.hcaptcha.com; style-src 'self' https://hcaptcha.com https://.hcaptcha.com; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
cache-control: max-age=60
content-length: 419
content-security-policy: base-uri 'self'; connect-src 'self' https://hcaptcha.com https://*.hcaptcha.com https://errors.stripe.com; default-src 'self'; form-action 'none'; frame-src https://hcaptcha.com https://*.hcaptcha.com; img-src 'self'; script-src 'self' https://hcaptcha.com https://*.hcaptcha.com; style-src 'self' https://hcaptcha.com https://*.hcaptcha.com; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 27 Dec 2023 18:00:30 GMT
etag: "f2595495e2e037e4030e4508b2132de6"
last-modified: Wed, 20 Dec 2023 10:13:46 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding,Origin
via: 1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
x-amz-cf-id: SmIpXWTnolZN3_-oCj8AQumDsXZQJojEKUu34UffL4IhyOokmdnPfg==
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame D3B2 0
716 B 375ms
375ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?utm_campaign=Critical_Goal&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 27 Dec 2023 18:00:30 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703700030936323
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1703700030935886
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame D3B2 0
716 B 368ms
368ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?utm_campaign=Critical_Goal&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 27 Dec 2023 18:00:30 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703700030936373
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1703700030935935
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H3 200 log Show response
play.google.com/ Frame D8C4 131 B
155 B 240ms
239ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 27 Dec 2023 18:00:31 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 27 Dec 2023 18:00:31 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 242ms
226ms Preflight
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 27 Dec 2023 18:00:30 GMT
expires: Wed, 27 Dec 2023 18:00:30 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 b Show response
r.stripe.com/ Frame CCC8 0
274 B 378ms
378ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 27 Dec 2023 18:00:30 GMT
x-stripe-server-envoy-start-time-us: 1703700030936784
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1703700030936165
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame CCC8 0
274 B 354ms
354ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 27 Dec 2023 18:00:30 GMT
x-stripe-server-envoy-start-time-us: 1703700030939235
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1703700030938654
access-control-allow-credentials: true
content-length: 0

GET
H2 200 elements-inner-payment-request-13f5b53962ff74eccac8485e7b84ed7b.html Show response
js.stripe.com/v3/ Frame C465 820 B
2 KB 30ms
29ms Document
text/html 13.227.219.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-payment-request-13f5b53962ff74eccac8485e7b84ed7b.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-27.ams54.r.cloudfront.net

Software

Cloudfront /

Resource Hash

23c5517dc560cb3e98d21350dbbc3391a317cc95778f2fcc0d5c4e8f5a50f97f

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kennedy24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1542
cache-control: max-age=31536000
content-length: 820
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 27 Dec 2023 17:39:24 GMT
etag: "13f5b53962ff74eccac8485e7b84ed7b"
last-modified: Fri, 22 Dec 2023 21:08:03 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 1d1fb1f8e5e923ef7208b5a427d25d5c.cloudfront.net (CloudFront)
x-amz-cf-id: MJG7e00Q-iNE3CZUo3GJvfPOb0XPqWAUxlqKKdIOBCnNXlmuJWkwBA==
x-amz-cf-pop: AMS54-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 pro-fa-regular-400-0.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ 14 KB
14 KB 37ms
36ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/webfonts/pro-fa-regular-400-0.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40357c8f038ea69750526293412e0b02e7a984b7484f98be4634c75ed3307709

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 18:00:30 GMT
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:53:32 GMT
server: cloudflare
age: 1012575
etag: "6568cc1c-3904"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 83c376a7f96d39d6-FRA
content-length: 14596

GET
H2 200 pro-fa-solid-900-17.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ 17 KB
17 KB 35ms
34ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/webfonts/pro-fa-solid-900-17.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41e31ded193f6c61a9a1ea500a41ee70760505d4d5387a4be3b240760392da2e

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 18:00:30 GMT
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:53:38 GMT
server: cloudflare
age: 16181
etag: "6568cc22-426c"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 83c376a7f97839d6-FRA
content-length: 17004

POST
H2 200 b Show response
r.stripe.com/ Frame CCC8 0
272 B 333ms
332ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 27 Dec 2023 18:00:30 GMT
x-stripe-server-envoy-start-time-us: 1703700030941087
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1703700030940750
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame CCC8 0
272 B 500ms
499ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 27 Dec 2023 18:00:31 GMT
x-stripe-server-envoy-start-time-us: 1703700031125598
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1703700031125356
access-control-allow-credentials: true
content-length: 0

GET
H2 200 shared-07463ca4fad8fb90811dcddd012256e9.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame C465 531 KB
117 KB 45ms
41ms Script
text/javascript 13.227.219.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-13f5b53962ff74eccac8485e7b84ed7b.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-27.ams54.r.cloudfront.net

Software

Cloudfront /

Resource Hash

3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-13f5b53962ff74eccac8485e7b84ed7b.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 17:09:38 GMT
content-encoding: br
via: 1.1 1d1fb1f8e5e923ef7208b5a427d25d5c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 3054
x-amz-cf-pop: AMS54-C1
x-cache: Hit from cloudfront
last-modified: Fri, 22 Dec 2023 21:08:16 GMT
server: Cloudfront
etag: W/"cc4990a44decc4d7380c63eabf6828f6"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: PEi-Dxue9lyksP7XbX7CyUQqhGjlJ9k1IGUP285vWVMNnO6pkii0XQ==

GET
H2 200 ui-shared-897f16408e805d064314826d31faa4db.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame C465 404 KB
110 KB 42ms
39ms Script
text/javascript 13.227.219.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-897f16408e805d064314826d31faa4db.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-13f5b53962ff74eccac8485e7b84ed7b.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-27.ams54.r.cloudfront.net

Software

Cloudfront /

Resource Hash

b82b66c127a4530741e03f6fa8e24274194078e8168f6d9840069b9a5c2ac361

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-13f5b53962ff74eccac8485e7b84ed7b.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 17:11:41 GMT
content-encoding: gzip
via: 1.1 1d1fb1f8e5e923ef7208b5a427d25d5c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2995
x-amz-cf-pop: AMS54-C1
x-cache: Hit from cloudfront
last-modified: Fri, 22 Dec 2023 21:08:17 GMT
server: Cloudfront
etag: W/"6ebbdf76ea3cb97b8ef1d372be5bd37c"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: cjLEQyvNafcXjXWx3lCQP9qo0t94sB48Pu43tiZxr-6sH3S_qTiZmg==

GET
H2 200 elements-inner-payment-request-1d399a7f080a99348b815906ca7507af.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame C465 72 KB
23 KB 43ms
42ms Script
text/javascript 13.227.219.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-payment-request-1d399a7f080a99348b815906ca7507af.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-13f5b53962ff74eccac8485e7b84ed7b.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-27.ams54.r.cloudfront.net

Software

Cloudfront /

Resource Hash

4154dfbfca053fb39ec722e7b91d18bae390111056b68b91cf1962af5cc7d406

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-13f5b53962ff74eccac8485e7b84ed7b.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 17:24:12 GMT
content-encoding: br
via: 1.1 1d1fb1f8e5e923ef7208b5a427d25d5c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2441
x-amz-cf-pop: AMS54-C1
x-cache: Hit from cloudfront
last-modified: Thu, 21 Dec 2023 18:13:40 GMT
server: Cloudfront
etag: W/"2926998df35a2869147a8bc7603dfa14"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: eGhdpmyE0ib-rqQH-PSthY87VgDkFxXHhflNqr1k-XkadZQDN7TT8w==

GET
H2 200 ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame C465 20 KB
4 KB 40ms
38ms Stylesheet
text/css 13.227.219.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-13f5b53962ff74eccac8485e7b84ed7b.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-27.ams54.r.cloudfront.net

Software

Cloudfront /

Resource Hash

394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-13f5b53962ff74eccac8485e7b84ed7b.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 17:18:52 GMT
content-encoding: gzip
via: 1.1 1d1fb1f8e5e923ef7208b5a427d25d5c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2517
x-amz-cf-pop: AMS54-C1
x-cache: Hit from cloudfront
last-modified: Sat, 16 Dec 2023 02:01:23 GMT
server: Cloudfront
etag: W/"b361d7109e9925ca18e32c9da528520f"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: px3vMtQN22_tA9WQ6iIkIJcn0-z_Bf9LuZA7sx7vAn-3w1yP6vlwEQ==

GET
H2 200 elements-inner-payment-request-6851fb638395ab2ad12082441235bcfa.css
js.stripe.com/v3/fingerprinted/css/ Frame C465 11 KB
3 KB 40ms
37ms Stylesheet
text/css 13.227.219.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-payment-request-6851fb638395ab2ad12082441235bcfa.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-13f5b53962ff74eccac8485e7b84ed7b.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-27.ams54.r.cloudfront.net

Software

Cloudfront /

Resource Hash

5033e337e474e5d2818fee21b093eaef81d5f545fd49b5f635b3e1160fa83abe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-13f5b53962ff74eccac8485e7b84ed7b.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 17:41:27 GMT
content-encoding: br
via: 1.1 1d1fb1f8e5e923ef7208b5a427d25d5c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 1213
x-amz-cf-pop: AMS54-C1
x-cache: Hit from cloudfront
last-modified: Mon, 18 Dec 2023 21:16:55 GMT
server: Cloudfront
etag: W/"828ee6578d45b518446bf74a1cc39038"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: pASeOhrPM778uYVLCyqk3FLL2yW2SgYonQLVMK725j_QAKqM3-gIyA==

POST
H2 200 csp-report
q.stripe.com/ Frame C465 0
714 B 473ms
471ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?utm_campaign=Critical_Goal&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 27 Dec 2023 18:00:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703700031126551
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1703700031126219
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame C465 0
714 B 476ms
475ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?utm_campaign=Critical_Goal&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 27 Dec 2023 18:00:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703700031126837
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1703700031126220
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H3 200 reload Show response
www.recaptcha.net/recaptcha/api2/ Frame 46A7 13 KB
9 KB 72ms
72ms XHR
application/json 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/reload?k=6LekWdoZAAAAAA61Owqhdq5e8IIQEfJbEOs8IT8T

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

95c535385a37e9d142f5f40889f2dd4dd8ee2c29c14a6152d4b175b0db573b46

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LekWdoZAAAAAA61Owqhdq5e8IIQEfJbEOs8IT8T&co=aHR0cHM6Ly93d3cua2VubmVkeTI0LmNvbTo0NDM.&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=ouf6p39hoj8n
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Wed, 27 Dec 2023 18:00:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 27 Dec 2023 18:00:30 GMT

GET
H2 200 api.js Show response
hcaptcha.com/1/ Frame CD10 326 KB
92 KB 87ms
37ms Script
application/javascript 104.19.219.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hcaptcha.com/1/api.js?onload=captchaLoad&render=explicit

Requested by

Host: b.stripecdn.com
URL: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/HCaptchaInvisible.html?id=a93c9780-d773-46f3-8be0-1e277a7e4bba&origin=https%3A%2F%2Fjs.stripe.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

319e5a4819a9b54b551ca09ee13f2e9f7f34cc7c3b53369c9fe5e5493dbb32e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b.stripecdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 18:00:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 2ba7b49ec4c4de4e67297e603c89a5e4.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
x-amz-version-id: hseit97.H306pA6BIbqxKZ.3ehwcD0gP
age: 0
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 20 Dec 2023 14:33:57 GMT
server: cloudflare
etag: W/"e80b1a7098d3b9624a08a3ac7a13046f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
cf-ray: 83c376a89dce9191-FRA
x-amz-cf-id: ny2oircSOsRty5yFHkP_JDpdlas4ufwOVrxi9Oz3kxb7arRWc2_iQA==

GET
H2 200 vendors~AddressAutocomplete~AffirmInContext~AmazonPayButton~AuthMap~DemoPayButton~DynamicMap~GoogleA~1c9fb8cc.4ccf3f5b466328f5ff42.bundle.js Show response
b.stripecdn.com/stripethirdparty-srv/assets/v20.0/ Frame CD10 114 KB
35 KB 30ms
30ms Script
text/javascript 2600:9000:211e:d800:b:1d09:f200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/vendors~AddressAutocomplete~AffirmInContext~AmazonPayButton~AuthMap~DemoPayButton~DynamicMap~GoogleA~1c9fb8cc.4ccf3f5b466328f5ff42.bundle.js

Requested by

Host: b.stripecdn.com
URL: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/HCaptchaInvisible.html?id=a93c9780-d773-46f3-8be0-1e277a7e4bba&origin=https%3A%2F%2Fjs.stripe.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:d800:b:1d09:f200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

301850f8ca8b8c106497210d9d78aa7b4e1339f42f01aebff119f7f633984966

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/HCaptchaInvisible.html?id=a93c9780-d773-46f3-8be0-1e277a7e4bba&origin=https%3A%2F%2Fjs.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 27 Dec 2023 17:55:02 GMT
via: 1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
age: 343
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
last-modified: Wed, 20 Dec 2023 10:13:46 GMT
server: Cloudfront
etag: W/"bee965892c4aac937bcf9539ea1cdb95"
vary: Accept-Encoding,Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=31536000, public
timing-allow-origin: *
x-amz-cf-id: A93ktbAaxUbq0uFW-A_DfDJ75AwD9wFyrWiJTF9b7Xw08vw0WrAzQw==

GET
H2 200 HCaptchaInvisible.ae63b51d892d21e8f568.bundle.js Show response
b.stripecdn.com/stripethirdparty-srv/assets/v20.0/ Frame CD10 17 KB
7 KB 46ms
46ms Script
text/javascript 2600:9000:211e:d800:b:1d09:f200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/HCaptchaInvisible.ae63b51d892d21e8f568.bundle.js

Requested by

Host: b.stripecdn.com
URL: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/HCaptchaInvisible.html?id=a93c9780-d773-46f3-8be0-1e277a7e4bba&origin=https%3A%2F%2Fjs.stripe.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:d800:b:1d09:f200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

5ab11304d671d352bac6554d49fffd0f81d7ed1bced6bdf9c021e6e0fa538494

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/HCaptchaInvisible.html?id=a93c9780-d773-46f3-8be0-1e277a7e4bba&origin=https%3A%2F%2Fjs.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 27 Dec 2023 17:03:47 GMT
via: 1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
age: 3406
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
last-modified: Wed, 20 Dec 2023 10:13:46 GMT
server: Cloudfront
etag: W/"b8e83aaf649bb3940fb65537c506c37a"
vary: Accept-Encoding,Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=31536000, public
timing-allow-origin: *
x-amz-cf-id: FRpWjZ07pWi2lscNu3qZQfnWDKbTQOS_0x-x1vtiJmiFc7CzTkK0tw==

POST
H2 200 csp-report
q.stripe.com/ Frame CD10 0
488 B 458ms
458ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?utm_campaign=Critical_Goal&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://b.stripecdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 27 Dec 2023 18:00:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703700031127449
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1703700031126243
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame C465 474 B
864 B 37ms
36ms Fetch
application/json 13.227.219.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.219.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-219-27.ams54.r.cloudfront.net
Software: Cloudfront /
Resource Hash: beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-payment-request-13f5b53962ff74eccac8485e7b84ed7b.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 27 Dec 2023 17:59:34 GMT
via: 1.1 80826ca6c4fd6005aeacf5a03c8d42e8.cloudfront.net (CloudFront)
last-modified: Fri, 22 Dec 2023 21:47:19 GMT
server: Cloudfront
age: 56
x-amz-cf-pop: AMS54-C1
etag: "bfcbcb1c52cb90f9deaffee5559683d8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: xI2aIKfDknTM4I5dHTKqxplF-hTCo73EhhheTo2L6UH_cRzY_6iJJg==

POST
H2 200 b Show response
r.stripe.com/ Frame CCC8 0
272 B 365ms
364ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 27 Dec 2023 18:00:31 GMT
x-stripe-server-envoy-start-time-us: 1703700031127436
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1703700031126952
access-control-allow-credentials: true
content-length: 0

GET
H2 200 hcaptcha.html Show response
newassets.hcaptcha.com/captcha/v1/3b797c3/static/ Frame 9E2C 2 KB
1 KB 32ms
31ms Document
text/html 104.19.219.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/3b797c3/static/hcaptcha.html?_v=s5nay6ni8mg

Requested by

Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?onload=captchaLoad&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

461248bbc35a169ba0dd7c8534476b4e7522b100e96785cbe07d74397b3925a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://b.stripecdn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 97654
alt-svc: h3=":443"; ma=86400
cache-control: max-age=1209600
cf-cache-status: HIT
cf-ray: 83c376a93eb29191-FRA
content-encoding: br
content-type: text/html
cross-origin-embedder-policy: credentialless
cross-origin-resource-policy: cross-origin
date: Wed, 27 Dec 2023 18:00:30 GMT
last-modified: Wed, 20 Dec 2023 14:33:57 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
x-amz-cf-id: 8leUspaZNwfVMqoARHDLMICavX36xmv5c9YIKIcHd4Nhx5axBWnJxQ==
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-amz-version-id: zqmRvj.5H3xz3glqyfc6p0MpeMIvCHe2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 b Show response
r.stripe.com/ Frame CCC8 0
272 B 319ms
316ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 27 Dec 2023 18:00:31 GMT
x-stripe-server-envoy-start-time-us: 1703700031128010
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1703700031127351
access-control-allow-credentials: true
content-length: 0

GET
H2 200 hcaptcha.js Show response
newassets.hcaptcha.com/captcha/v1/3b797c3/ Frame 9E2C 326 KB
92 KB 58ms
57ms Script
application/javascript 104.19.219.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/3b797c3/hcaptcha.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/3b797c3/static/hcaptcha.html?_v=s5nay6ni8mg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

319e5a4819a9b54b551ca09ee13f2e9f7f34cc7c3b53369c9fe5e5493dbb32e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/captcha/v1/3b797c3/static/hcaptcha.html?_v=s5nay6ni8mg
Origin: https://newassets.hcaptcha.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 18:00:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 2ba7b49ec4c4de4e67297e603c89a5e4.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
x-amz-version-id: hseit97.H306pA6BIbqxKZ.3ehwcD0gP
age: 97658
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 20 Dec 2023 14:33:57 GMT
server: cloudflare
etag: W/"e80b1a7098d3b9624a08a3ac7a13046f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
cf-ray: 83c376a97f109191-FRA
x-amz-cf-id: ny2oircSOsRty5yFHkP_JDpdlas4ufwOVrxi9Oz3kxb7arRWc2_iQA==

POST
H2 200 6 Show response
m.stripe.com/ Frame 17CC 156 B
666 B 203ms
203ms XHR
application/json 44.233.104.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.233.104.20 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-233-104-20.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

687fbd88cac7c3c5f8bb794d01bfbdf6a031b46725798a9320d05aa58bf3835f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 27 Dec 2023 18:00:31 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703700031090997
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1703700031090386
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 6 Show response
m.stripe.com/ Frame 17CC 156 B
666 B 247ms
247ms XHR
application/json 44.233.104.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.233.104.20 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-233-104-20.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

687fbd88cac7c3c5f8bb794d01bfbdf6a031b46725798a9320d05aa58bf3835f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 27 Dec 2023 18:00:31 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703700031140389
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1703700031140162
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 checksiteconfig Show response
api.hcaptcha.com/ Frame 9E2C 719 B
909 B 70ms
51ms XHR
application/json 104.19.219.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hcaptcha.com/checksiteconfig?v=3b797c3&host=b.stripecdn.com&sitekey=463b917e-e264-403f-ad34-34af0ee10294&sc=1&swa=1&spst=1

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/3b797c3/hcaptcha.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fdf3a47937806433941940566e7b18dd4c016fa11b67156f0a913b8d335b8f8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://newassets.hcaptcha.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 27 Dec 2023 18:00:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://newassets.hcaptcha.com
access-control-allow-credentials: true
cf-ray: 83c376aa484c9191-FRA
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
alt-svc: h3=":443"; ma=86400

GET
H3 200 hsw.js Show response
newassets.hcaptcha.com/c/2458d9b/ Frame 9E2C 499 KB
217 KB 37ms
37ms Script
application/javascript 104.19.218.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/c/2458d9b/hsw.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/3b797c3/hcaptcha.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0c067d3512326ee1d73cce9dccbb1bb59c24b279df3ea650ddf80578182bda6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newassets.hcaptcha.com/captcha/v1/3b797c3/static/hcaptcha.html?_v=s5nay6ni8mg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 18:00:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 eeb2f3ca588ea4437f4b97ed276a6664.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
x-amz-version-id: 1JhSB37kavMYpA6c5WxU_Q.zUc_dI7mQ
age: 106625
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 14 Dec 2023 16:59:11 GMT
server: cloudflare
etag: W/"9d671418ff661c7370b4e3530ac92335"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 83c376aa9c8019a9-FRA
x-amz-cf-id: X7Abgmsqv-OY2Rird1S10U-97WdL3wa3owgW9dNcuVIQ_kBV_inlKw==

POST
H2 200 b Show response
r.stripe.com/ Frame 9450 0
272 B 196ms
195ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 27 Dec 2023 18:00:31 GMT
x-stripe-server-envoy-start-time-us: 1703700031602527
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1703700031601876
access-control-allow-credentials: true
content-length: 0

POST
H3 200 463b917e-e264-403f-ad34-34af0ee10294 Show response
api.hcaptcha.com/getcaptcha/ Frame 9E2C 3 KB
3 KB 171ms
170ms XHR
application/json 104.19.218.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hcaptcha.com/getcaptcha/463b917e-e264-403f-ad34-34af0ee10294

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/3b797c3/hcaptcha.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55f537ca4a137a1acc356a27c4ec8530a34db05fda343a9283564f54712a717e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://newassets.hcaptcha.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 27 Dec 2023 18:00:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://newassets.hcaptcha.com
access-control-allow-credentials: true
cf-ray: 83c376ad78a019a9-FRA
alt-svc: h3=":443"; ma=86400

POST
H2 200 b Show response
r.stripe.com/ Frame CCC8 0
273 B 198ms
198ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 27 Dec 2023 18:00:32 GMT
x-stripe-server-envoy-start-time-us: 1703700032863562
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1703700032863082
access-control-allow-credentials: true
content-length: 0

GET
H2 200 trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js Show response
js.stripe.com/v3/fingerprinted/js/ 176 B
678 B 49ms
32ms Script
text/javascript 13.227.219.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-27.ams54.r.cloudfront.net

Software

Cloudfront /

Resource Hash

07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 17:36:24 GMT
via: 1.1 1d1fb1f8e5e923ef7208b5a427d25d5c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 1470
x-amz-cf-pop: AMS54-C1
x-cache: Hit from cloudfront
content-length: 176
last-modified: Thu, 21 Dec 2023 18:13:43 GMT
server: Cloudfront
etag: "96f5b26d366f47393b3ff36fe7471474"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: EagsDrgwCwZaPLyS0CCEaOoihilz5-4z0_IMoDTV10H2yNvvOHAZTA==

Verdicts & Comments Add Verdict or Comment

140 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.recaptcha.net/recaptcha	1970-01-20 21:34:12	Name: _GRECAPTCHA Value: 09APYnBZXuEOi4m7OPfb15ZeJ0aFdh_Qnm-AT2-LZqywMaqwHc_pmaxMstzQHt4CHQYqfvFEJ0f-ci4SHropPbsvQ
paracom.paramountcommunication.com/	1970-01-20 17:25:04	Name: AWSALB Value: d09EmOl90P652iyJFGlNF11W4HPJqQQ9X7uDvk20wLXaY1pTXZ1qpnqNFinS9np4I5XDd52czHYRHLvLA6R3VDkSC5z9bY/Njqmqg78T180GIDZWCMX6JDYBVXFu
www.kennedy24.com/	1969-12-31 23:59:59	Name: _nbuild_token Value: CpVC3Nwzwjh5inwvc1gSgvpUCm1EaFcfXMKLj2Jp2hI%3D
.www.kennedy24.com/	1970-01-20 17:15:01	Name: __cf_bm Value: vpLO0QyrYJiMUIBAYU0ZaMM0aTwixq86kHjWQml1yTU-1703700027-1-AdqZ4rUhYqnwNSsQTb1X3cW+wzSK6WxfRLS2GFonTGOcR8EkUQO60s/s1BF0efEUNQgw/5Sb1qc9pK7LNHje03E=
.nationbuilder.com/	1970-01-20 17:15:01	Name: __cf_bm Value: WalwF.vrYuqUVJyOIATNxDzG.QSJ.ZdtqQ98LwE4voA-1703700027-1-AbRD2OpW1qX+f+uqUbtLPiGUX2P3D8jJoR6AILkG520HiQK8P1lec0MqI4r6e1LszJHemf8gD5FqUR4vJeGAz2k=
.lightboxcdn.com/	1969-12-31 23:59:59	Name: _cfuvid Value: bI3SEz0ictojFnOJR4sIHEtiMK6WZQDwYXOqD2G07Y8-1703700028481-0-604800000
.kennedy24.com/	1970-01-21 02:51:00	Name: _ga_CAPI12345 Value: GS1.1.1703700028.1.0.1703700028.0.0.0
.kennedy24.com/	1970-01-21 02:51:00	Name: _ga Value: GA1.1.1651364700.1703700029
.kennedy24.com/	1970-01-21 02:51:00	Name: _ga_JWBYYEB6SQ Value: GS1.1.1703700028.1.0.1703700028.60.0.0
.kennedy24.com/	1970-01-20 19:24:36	Name: _fbp Value: fb.1.1703700028977.2142775550
.t.co/	1970-01-21 02:51:00	Name: muc_ads Value: dc927446-b17e-477c-b499-762e5c8526db
.twitter.com/	1970-01-21 02:51:00	Name: guest_id_marketing Value: v1%3A170370002885610532
.twitter.com/	1970-01-21 02:51:00	Name: guest_id_ads Value: v1%3A170370002885610532
.twitter.com/	1970-01-21 02:51:00	Name: personalization_id Value: "v1_VyAO+WgmxsS1E5ti4iO8rQ=="
.twitter.com/	1970-01-21 02:51:00	Name: guest_id Value: v1%3A170370002885610532
.google.com/	1970-01-20 21:38:31	Name: NID Value: 511=LzmGzP0jHIiD8k2HXkMnZWA5VhlphB7V4mH6OC8tqbGPxfYqhVwhSVyL7oftvPnrwKX0KThehotmnfJmj4_wLkt8M-r7x8ab7bflX7nME3H_MkNpAiv_GVzE_x1gc2HfUXSAFJtTEV6kfKPDTprcPN_Yq9yJ6cVr2agarFTdgf8
.www.kennedy24.com/	1970-01-21 02:00:36	Name: cf_clearance Value: FMfvhDtKEXO54C7HrHkoPY5_YcsDlRGmhA8TjR.3ln0-1703700029-0-2-3762bf7f.db83c119.b172806-0.2.1703700029
m.stripe.com/	1970-01-21 02:51:00	Name: m Value: c14faed6-9d70-4471-969a-3fc5941a9030e1c851
.www.kennedy24.com/	1970-01-21 02:00:36	Name: __stripe_mid Value: d9410d2f-3145-4317-8f49-ead90583752f6aa81d
.www.kennedy24.com/	1970-01-20 17:15:01	Name: __stripe_sid Value: 48ba274c-ae90-4fd7-8f03-f2cca641f9c8d851d7
api.hcaptcha.com/	1970-01-20 17:58:12	Name: hmt_id Value: ddd68eab-db1b-443e-ae86-1127274c3358

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.googleapis.com/webfonts/v1/webfonts?key=AIzaSyCCOU0NUKc65rzK0EdE-6XNdE68x6mGnD8 Message: Failed to load resource: the server responded with a status of 429 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	URL: https://js.stripe.com/v3/hcaptcha-invisible-078b5f9fb44d244a9ec072f93a216630.html#debugMode=false&parentOrigin=https%3A%2F%2Fwww.kennedy24.com(Line 2) Message: [Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-CBu0w5uiOaPgb2R6Zgf7E0+STJHF4lcPIdhZzQXE6yk='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors joinkennedy.nationbuilder.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.twitter.com
api.hcaptcha.com
assets.nationbuilder.com
b.stripecdn.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
getbootstrap.com
hcaptcha.com
joinkennedy.nationbuilder.com
js.stripe.com
ka-f.fontawesome.com
ka-p.fontawesome.com
kit.fontawesome.com
m.stripe.com
m.stripe.network
merchant-ui-api.stripe.com
newassets.hcaptcha.com
p.typekit.net
paracom.paramountcommunication.com
pay.google.com
play.google.com
q.stripe.com
r.stripe.com
region1.analytics.google.com
server-side-tagging-ptjx4tds2q-uc.a.run.app
static.ads-twitter.com
static.cloudflareinsights.com
stats.g.doubleclick.net
t.co
translate.google.com
translate.googleapis.com
use.typekit.net
www.facebook.com
www.google.com
www.google.de
www.googleapis.com
www.googletagmanager.com
www.gstatic.com
www.kennedy24.com
www.lightboxcdn.com
www.recaptcha.net
104.19.218.90
104.19.219.90
104.244.42.133
104.244.42.195
13.227.219.27
146.75.120.157
198.202.176.81
2001:4860:4802:32::36
2001:4860:4802:34::35
2600:9000:2057:da00:19:7d10:bd80:93a1
2600:9000:211e:d800:b:1d09:f200:93a1
2606:4700:10::6816:3b64
2606:4700:4400::ac40:93bc
2606:4700:7::a29f:802d
2606:4700:7::a29f:8a2c
2606:4700::6810:3965
2606:4700::6813:d483
2606:4700:e2::ac40:8007
2a00:1450:4001:802::2008
2a00:1450:4001:806::2004
2a00:1450:4001:811::2003
2a00:1450:4001:813::2003
2a00:1450:4001:813::200a
2a00:1450:4001:81c::200e
2a00:1450:4001:829::200a
2a00:1450:4001:82b::200a
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2003
2a00:1450:4001:830::200a
2a00:1450:400c:c0c::5c
2a00:1450:400c:c1d::9a
2a02:26f0:3500:16::215:148b
2a02:26f0:480:f::213:7ec6
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
44.233.104.20
54.149.72.23
54.187.119.242
02d8f5e03704768aa366ab03f03808f1e9ea6a7b18e2006febe0fb5b7e036a87
035acb9989bee814e90ba82806d1acf3a0e80876946097f6e1579ccd7c0799b2
04b87bd2fb90b58ff36d0eb0524af04113874182f82230cde550e98889c79d19
06a1918709ba854bcfe97ef585a6cd91c56671b6d23c7ee5ed5177ad97e67243
07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0aa16a2e84fcb15b351dd0de4418949c84ac9bba999074007345fe1dabe8645d
116b5b718ba3beeea9dd77ad669ca8aff001cf40c1c6e549dd38c3d08668d4cd
122bd7b997b91e56e9efd54743ffbeccefca5b8bb59c566d6ec63adf14be896e
161adc1b69be76ccc5346711bc49c475f190bcf75dd03c834032e4b065330e20
1713425cfdda0d76be3549dcb0405cacbc9181ebda33c1016c2165d04cf8fc13
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c56ffc47b4761b0396058aa73916486a33095af06bba5e72072ae332483dc7f
1df19255b4b07c13647377049a5d3d4b23519c012b91e923ee22cf18c4e8d2b2
21a6640d3ce7365637d29a95caa2753b22d89b6a63b0ebe793c41a684682371e
23c5517dc560cb3e98d21350dbbc3391a317cc95778f2fcc0d5c4e8f5a50f97f
301850f8ca8b8c106497210d9d78aa7b4e1339f42f01aebff119f7f633984966
319e5a4819a9b54b551ca09ee13f2e9f7f34cc7c3b53369c9fe5e5493dbb32e7
31f4e4abd5d8e145d6bd5505ae3ee469f66e6aba53fcc6cf04741d0a802ebc3d
33111c5d00b2e2e4e89f17402709ba30a1563e8c4d2fa93cf5756b44c7d1ee97
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
368dd7da190a6dab28436caf13245f59879fdb08fb07f4bf0b9e5f6b6e4fe7d2
3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed
394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d
3a80700d48e107eb08205a346562ae28a95f3fe0da0d7382847a2c0a52a02c0a
3cb98755e69cd4399888137a7648ee6eabdd63c4d4c547626e7174d769be6e1b
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3fef202588115c2a23969fc04c669b498579d162630c83b76729470321145984
40357c8f038ea69750526293412e0b02e7a984b7484f98be4634c75ed3307709
413e38836dfb0157ba879c8ee095223bc38d8f9f6013c7180f6b7e2f1ac67dcd
4154dfbfca053fb39ec722e7b91d18bae390111056b68b91cf1962af5cc7d406
41e31ded193f6c61a9a1ea500a41ee70760505d4d5387a4be3b240760392da2e
461248bbc35a169ba0dd7c8534476b4e7522b100e96785cbe07d74397b3925a0
46cb237641901c76f5437d4a93170bf4c4597f99ef968c26fac8ddfcfec828c8
473efdf61f08fc2ad04df7be0d974c921dea47ac2ea5c6b848a75f6b5db1da73
4946b36e5208a0a01e69ac05696229353e101faece5c1572e2a6177742bf7b5c
4aae83ca0e34e5fef9bebf88ca4edfdf495e4927bbd583d1f05ff101c9421d4c
4be37bbc2e40bc238e8895eac52b3a9d27059588647c4834dbd8e7210070e526
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5033e337e474e5d2818fee21b093eaef81d5f545fd49b5f635b3e1160fa83abe
51d24ac992cb2a873d53a50a6f5095e1725220780efc1a77e7713babbd5d3819
558591ec381069734425371376e35d980cf72fd9fd2ac08f4f36fb9a9df84438
55f537ca4a137a1acc356a27c4ec8530a34db05fda343a9283564f54712a717e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ab11304d671d352bac6554d49fffd0f81d7ed1bced6bdf9c021e6e0fa538494
5ca17cf5ee16c74721842f419ce5fc8066de6d6e202a80bf3be6125ebb804119
5f3ca08629dbf4b97858143154de2a7b48c4c671d6849b56aa592033a2546cf3
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
621661fe1c7a59420c624f7a421c566ebfb38cfbc7edd98ee0462c44d15971f9
6304ca07d33fa966939847acddaf96bb7f3b5d0a926e2122882bfc30a902c266
687fbd88cac7c3c5f8bb794d01bfbdf6a031b46725798a9320d05aa58bf3835f
695831fb486ce5a02864ef0fe2d75c340e300f618758c8f0bf4650b1f71ce014
6b2f00f8431ed4dc329cfad0d74fdf6aeb905d757a3f2eebf1a31c456e02014d
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
6fa331e0ab41990001851e47d5c5050a194056d4f47c8653abbb250313be7b0a
6fda76e47cd1a46bec92e2adac0a0453c78638197e234d7667c2ff4366c5a44a
70356aaad8b043112594064fea69694e5af4f17b6af4d4836b184735afe24c56
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
732b65d05835e912a6f475e5ed7a1f964b3a1bbf780291aac50685c5e0933e18
74a39682b8b03d5de587026a0f4d5b595696818b3d23952c15facf182d7c5e78
7592e61876da5df397281e08f2abf3aa56ddd0f8b4b816f7e6b961e8a4153932
759813d8a110733c43a0ffa3f09f267f94df572b482fd7bc050c66edabedc8e9
77ba0f0971a262f3fe1999d37208a8a7ffa1f2e563d4437bd03b1866a2219749
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
81d4fa5df88680bfb5899dc73e158c00faf67f4d3d0047d41840efcb14c3b6d4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88c3d4d5beaaf259f1a4d85ec5c6b14e74ea9d0a6ce99751fa218f57757785c3
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
8ca4ae73c9e1d1c38c8a7d19601535db2be9e86b782906fd2d996e55a1616e0a
8f4fe059ce1def9ba5b61ded7e863b8dfa4b86aa83a82730a7af3c026e27260f
927da8c0f53be094ec3b04c6b72d1aa149574522922628425b104ccc4dda2d0b
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
95c535385a37e9d142f5f40889f2dd4dd8ee2c29c14a6152d4b175b0db573b46
9bd66d50b7f6cc940b717bbdb68f5873a762c0a2176d49920511fd6ca83f29d8
9e8417dbf5f2215e91aed66fd3f0e619149f1f2dc3519977f4c663061a9759eb
a1571d86b8170f5143bc5696c881e5314244228cc2451696f383bb1080af84b2
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
a6770f1b8a07a7e0b2a5ba73da5feb6f86dd9e5d5e7f0f7237c476bc7f8650ec
a7e81be515a4350b67aaa7b63485265820a3054306bfa051b75230f48b7d0e8c
a99f75748195e5af07ffca593afce5492ce8533501371377f17d77b89eeab8ab
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acd9a7e1c37a12896fb2df2f591a565c40f87c3194d32f85d1e4499426bfcc1d
afe6b86fc8325437c2af7e4edd2ca647ce23db739d22bb14dae263c6ad684e9e
b3d47ae3412cfab8873f856540401242f2da0e37077c0839b5e33925d36183e1
b4cecfe886b14bafb0d4c8c98d27607ab97ef3c20685d6a0d4edbf614e296da3
b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813
b82b66c127a4530741e03f6fa8e24274194078e8168f6d9840069b9a5c2ac361
b942de2747bb1449f8d908a33c8ce9e4a2ee6b84327cce766d5378a13665d027
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
baced10a1e2fcdbd05f7de1237a14c3bda821982f597403140606c21ebdc8055
bb2798b8ec3b2526abc17688ce317cf0666ff92bddeb2c50c804e095963e126c
bc28251b3d97ce4bc136a7574c4c0e60471da42c0e106b7aef16e729f1211ec3
bd635a67abfa8304e0688c19f33c41207dfadb79c8c8cc7703939b464ab5247e
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8
c0c067d3512326ee1d73cce9dccbb1bb59c24b279df3ea650ddf80578182bda6
c368e74321d2180806d6982ab26271a765594390c0d50a2e4fe452e901778d5e
c836a1366ea4d18fad82940143967b7b8749864ab8e2e173a050a1f15943d536
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd6fd706b4892c8255050f191149bfab922209caa6d4f16d3d8dea73e3881799
cd8f23ba912aba21c41c9d54ce91149f0630ed2e7aebb4adf267e6398c29f72c
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d0cac8752fa8ba53a1555e539e1a29fa7a4bcf8ee3bd8f9d7c80db9760206ac9
d64a80c5311000e42e55ad2a62dcf422b9468ba55472d51d2165d4cddd1ef8dc
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e2d51187f660cba449c70f7f87f733f762042cf340a5fd57e0f8c1fbf885c033
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3fac192122576857bb4f1ef1ad71621dccf6edaee2ae76b710ccddaa2c73764
e9667a4e6040f90f8e1648ecd089211e380aee7fcde15f71570aef17d1a8e637
ea2d62c7e90b08a7c41206758ce52af7059a58cdfb6a2964f341642298eb9a15
ed239f990af2e4be1964ed4f17fe93eb53315dd9590386a241d2325b376f196d
eef2d843b6778b710b40edb636b588fa4ccc8975a29cef25ac3125b96cc778cf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4df36e15df2960947ccc39a9e1e22e3656b0855b5c48af6b773a4d86dfd4dcf
fb9587e00635538a323c71ca0352879bd24aa5b88f8c869317812ae5e505263f
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda
fdf3a47937806433941940566e7b18dd4c016fa11b67156f0a913b8d335b8f8d

www.kennedy24.com Open in urlscan Pro 2606:4700:7::a29f:802d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

202 Requests

99 %HTTPS

74 %IPv6

25 Domains

43 Subdomains

40 IPs

4 Countries

4495 kBTransfer

14999 kBSize

21 Cookies

7 Outgoing links

Page URL History

Redirected requests

202 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.kennedy24.com Open in urlscan Pro
2606:4700:7::a29f:802d Public Scan

Screenshot
Live screenshot

Full Image

202
Requests

99 %
HTTPS

74 %
IPv6

25
Domains

43
Subdomains

40
IPs

4
Countries

4495 kB
Transfer

14999 kB
Size

21
Cookies

202 HTTP transactions
2 data transactions