www.kennedy24.com Open in urlscan Pro
2606:4700:7::a29f:8a2c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://paracom.paramountcommunication.com/ct/62692882:Wzc9bGiWN:m:1:2685335137:CAFAF6D29321B7B14494C2EA752B7720:r
Effective URL:
https://www.kennedy24.com/donate?amount=10&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy
Submission: On January 16 via api (January 16th 2024, 2:21:49 pm UTC) from US — Scanned from DE

Summary HTTP 195 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 42 IPs in 5 countries across 26 domains to perform 195 HTTP transactions. The main IP is 2606:4700:7::a29f:8a2c, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.kennedy24.com. The Cisco Umbrella rank of the primary domain is 506442.
TLS certificate: Issued by R3 on November 22nd 2023. Valid for: 3 months.

This is the only time www.kennedy24.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.38.171.38 52.38.171.38	16509 (AMAZON-02) (AMAZON-02)
2 28	2606:4700:7::... 2606:4700:7::a29f:8a2c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:148f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:148b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
10	2606:4700:440... 2606:4700:4400::6812:2844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6813:d383	13335 (CLOUDFLAR...) (CLOUDFLARENET)
37	108.138.36.106 108.138.36.106	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
4	2606:4700:e4:... 2606:4700:e4::ac40:a507	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::ac43:1e94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
4	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:32::35	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	35.201.112.186 35.201.112.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
28	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:401... 2a00:1450:4013:c00::5c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
2	151.101.0.176 151.101.0.176	54113 (FASTLY) (FASTLY)
1	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	198.202.176.141 198.202.176.141	16509 (AMAZON-02) (AMAZON-02)
3	34.215.162.111 34.215.162.111	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
3	13.32.27.65 13.32.27.65	16509 (AMAZON-02) (AMAZON-02)
4	104.19.219.90 104.19.219.90	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.19.218.90 104.19.218.90	13335 (CLOUDFLAR...) (CLOUDFLARENET)
195	42

1 52.38.171.38 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-38-171-38.us-west-2.compute.amazonaws.com

paracom.paramountcommunication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2606:4700:7::a29f:8a2c (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www.kennedy24.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
joinkennedy.nationbuilder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.nationbuilder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:148f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:148b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:4400::6812:2844 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ka-p.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:d383 (United States)

ASN13335 (CLOUDFLARENET, US)

www.lightboxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 108.138.36.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-106.muc50.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e4::ac40:a507 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:1e94 (United States)

ASN13335 (CLOUDFLARENET, US)

getbootstrap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::35 (United States)

ASN15169 (GOOGLE, US)

server-side-tagging-ptjx4tds2q-uc.a.run.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.pt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4013:c00::5c (Groningen, Netherlands)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.0.176 (United States)

ASN54113 (FASTLY, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.202.176.141 (United States)

ASN16509 (AMAZON-02, US)

merchant-ui-api.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.215.162.111 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-215-162-111.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.27.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-65.fra56.r.cloudfront.net

b.stripecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.19.219.90 (None, )

ASN13335 (CLOUDFLARENET, US)

hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
newassets.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.218.90 (None, )

ASN13335 (CLOUDFLARENET, US)

newassets.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
69	stripe.com js.stripe.com — Cisco Umbrella Rank: 1227 q.stripe.com — Cisco Umbrella Rank: 7010 merchant-ui-api.stripe.com — Cisco Umbrella Rank: 5083 r.stripe.com — Cisco Umbrella Rank: 3369 m.stripe.com — Cisco Umbrella Rank: 1188	1 MB
22	google.com translate.google.com — Cisco Umbrella Rank: 1164 region1.analytics.google.com — Cisco Umbrella Rank: 2616 pay.google.com — Cisco Umbrella Rank: 2630 www.google.com — Cisco Umbrella Rank: 2 play.google.com — Cisco Umbrella Rank: 31	462 KB
18	nationbuilder.com joinkennedy.nationbuilder.com — Cisco Umbrella Rank: 826224 assets.nationbuilder.com — Cisco Umbrella Rank: 85797	337 KB
16	gstatic.com fonts.gstatic.com www.gstatic.com	846 KB
14	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1448 ka-f.fontawesome.com — Cisco Umbrella Rank: 3140 ka-p.fontawesome.com — Cisco Umbrella Rank: 3262	350 KB
10	kennedy24.com 2 redirects www.kennedy24.com — Cisco Umbrella Rank: 506442	33 KB
6	hcaptcha.com hcaptcha.com — Cisco Umbrella Rank: 5797 newassets.hcaptcha.com — Cisco Umbrella Rank: 7041 api.hcaptcha.com — Cisco Umbrella Rank: 7252	408 KB
6	recaptcha.net www.recaptcha.net — Cisco Umbrella Rank: 1284	39 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28 ajax.googleapis.com — Cisco Umbrella Rank: 369 www.googleapis.com — Cisco Umbrella Rank: 20 translate.googleapis.com — Cisco Umbrella Rank: 800	240 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	179 KB
3	stripecdn.com b.stripecdn.com — Cisco Umbrella Rank: 12411	43 KB
3	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 2074 rs.fullstory.com — Cisco Umbrella Rank: 2075	70 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	254 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	185 B
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1315	16 KB
2	google.pt www.google.pt — Cisco Umbrella Rank: 13270	562 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 79 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	2 KB
2	lightboxcdn.com www.lightboxcdn.com — Cisco Umbrella Rank: 5668	2 KB
2	typekit.net use.typekit.net — Cisco Umbrella Rank: 463 p.typekit.net — Cisco Umbrella Rank: 566	2 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 789	726 B
1	t.co t.co — Cisco Umbrella Rank: 656	378 B
1	run.app server-side-tagging-ptjx4tds2q-uc.a.run.app	459 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 745	15 KB
1	getbootstrap.com getbootstrap.com — Cisco Umbrella Rank: 49095	7 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 811	7 KB
1	paramountcommunication.com 1 redirects paracom.paramountcommunication.com — Cisco Umbrella Rank: 250304	855 B
195	26

	Domain	Requested by
37	js.stripe.com	www.kennedy24.com js.stripe.com
16	q.stripe.com	www.kennedy24.com
12	play.google.com	www.gstatic.com
12	r.stripe.com	js.stripe.com
12	www.gstatic.com	www.recaptcha.net www.gstatic.com pay.google.com
10	joinkennedy.nationbuilder.com	www.kennedy24.com
10	www.kennedy24.com	2 redirects www.kennedy24.com static.cloudflareinsights.com
8	assets.nationbuilder.com	www.kennedy24.com
7	ka-p.fontawesome.com	kit.fontawesome.com
6	www.recaptcha.net	www.kennedy24.com www.gstatic.com assets.nationbuilder.com www.recaptcha.net
4	pay.google.com	js.stripe.com pay.google.com www.kennedy24.com www.gstatic.com
4	connect.facebook.net	www.googletagmanager.com www.kennedy24.com connect.facebook.net
4	ka-f.fontawesome.com	kit.fontawesome.com
4	fonts.gstatic.com	fonts.googleapis.com www.recaptcha.net
3	newassets.hcaptcha.com	hcaptcha.com newassets.hcaptcha.com
3	b.stripecdn.com	js.stripe.com b.stripecdn.com
3	m.stripe.com	m.stripe.network
3	region1.analytics.google.com	www.googletagmanager.com
3	www.googletagmanager.com	www.kennedy24.com www.googletagmanager.com
3	kit.fontawesome.com	www.kennedy24.com kit.fontawesome.com
2	api.hcaptcha.com	newassets.hcaptcha.com
2	www.facebook.com	www.kennedy24.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	www.google.com	www.gstatic.com
2	edge.fullstory.com	www.kennedy24.com edge.fullstory.com
2	www.google.pt
2	www.lightboxcdn.com	www.kennedy24.com
2	fonts.googleapis.com	www.kennedy24.com joinkennedy.nationbuilder.com
1	hcaptcha.com	b.stripecdn.com
1	merchant-ui-api.stripe.com	js.stripe.com
1	rs.fullstory.com	edge.fullstory.com
1	translate.googleapis.com
1	analytics.twitter.com
1	t.co
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	server-side-tagging-ptjx4tds2q-uc.a.run.app	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	getbootstrap.com	www.kennedy24.com
1	www.googleapis.com	assets.nationbuilder.com
1	translate.google.com	www.kennedy24.com
1	p.typekit.net	use.typekit.net
1	static.cloudflareinsights.com	www.kennedy24.com
1	use.typekit.net	www.kennedy24.com
1	ajax.googleapis.com	www.kennedy24.com
1	paracom.paramountcommunication.com	1 redirects
195	46

This site contains links to these domains. Also see Links.

Domain
checkout.opennode.com
www.instagram.com
www.facebook.com
www.tiktok.com
twitter.com
www.youtube.com
rumble.com

Subject Issuer	Validity	Valid
www.kennedy24.com R3	`2023-11-22` - `2024-02-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
nationbuilder.com Cloudflare Inc ECC CA-3	`2023-10-21` - `2024-10-20`	a year	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-21` - `2024-10-21`	a year	crt.sh
assets.nationbuilder.com E1	`2023-12-21` - `2024-03-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-04` - `2025-01-03`	a year	crt.sh
lightboxcdn.com Cloudflare Inc ECC CA-3	`2023-10-09` - `2024-10-08`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-01-02` - `2024-04-04`	3 months	crt.sh
misc.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
ka-f.fontawesome.com GTS CA 1P5	`2024-01-06` - `2024-04-05`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-25` - `2024-01-23`	3 months	crt.sh
*.a.run.app GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.google.pt GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
edge.fullstory.com GTS CA 1D4	`2024-01-10` - `2024-04-09`	3 months	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-07` - `2025-01-06`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-12-20` - `2024-03-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
rs.fullstory.com GTS CA 1D4	`2024-01-07` - `2024-04-06`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-22` - `2024-03-21`	3 months	crt.sh

This page contains 18 frames:

Primary Page: https://www.kennedy24.com/donate?amount=10&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy
Frame ID: 981484C607204AD0BF859AAC5911CC85
Requests: 82 HTTP requests in this frame

Frame: https://www.kennedy24.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
Frame ID: F24033AAF697DCC99AD99E70DEFA97CC
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 9F0216BF49AF015F5FB27B0AEC3A0BF1
Requests: 4 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LekWdoZAAAAAA61Owqhdq5e8IIQEfJbEOs8IT8T&co=aHR0cHM6Ly93d3cua2VubmVkeTI0LmNvbTo0NDM.&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=ijqw0w2t2x9
Frame ID: D0C8FD9030474CF88A108F4B17C10907
Requests: 9 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LekWdoZAAAAAA61Owqhdq5e8IIQEfJbEOs8IT8T&co=aHR0cHM6Ly93d3cua2VubmVkeTI0LmNvbTo0NDM.&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=normal&cb=4sbrqlcuislo
Frame ID: D820D270D82B13116C6DB41A085D79DF
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-cd24e7c1f64e4a5ccfe0b4a332259a7c.html
Frame ID: 466DF7FA21C624539A2332B71A6D2A68
Requests: 18 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-86725cc35851d08d71f57f993ab9f2e3.html
Frame ID: A3FBD3A08DC05EA814BECC2541422245
Requests: 11 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-954baa4418d900918d6a480ac847ce94.html
Frame ID: B1ABAF2ECC33AF42907650FB67F19856
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-b9b2a4a4d0721416474ac922a501403b.html
Frame ID: F74F7FE83A8272FA0600AC7532B6EF45
Requests: 5 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LekWdoZAAAAAA61Owqhdq5e8IIQEfJbEOs8IT8T&co=aHR0cHM6Ly93d3cua2VubmVkeTI0LmNvbTo0NDM.&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=normal&cb=4sbrqlcuislo
Frame ID: FE6DE6CF37E55BF56160EB8DCFCEAFCD
Requests: 3 HTTP requests in this frame

Frame: data://truncated
Frame ID: E30676BFEC1AC53044A64F837D984683
Requests: 1 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: D7B5E28A1C3FDB8E1DC393C1F29027D0
Requests: 6 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 60E0D4DC572D96AA5E5C1B029A9E9F4B
Requests: 13 HTTP requests in this frame

Frame: https://js.stripe.com/v3/hcaptcha-invisible-50d47d6212e34f567af4a5cc45d36923.html
Frame ID: 2014D40F2B25EAE4A9B71688946224D5
Requests: 3 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-link-button-for-card-a8f574dc3e90553d267eeaa0d2b7dc5d.html
Frame ID: 348EF71D9B9F8EE75CA82E08EF8FDE38
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-payment-request-af0cf8bddc229e22339e6d1a80a19d72.html
Frame ID: 08505212F8A1B25919A17BD39CDCBFA8
Requests: 9 HTTP requests in this frame

Frame: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.5/HCaptchaInvisible.html?id=be142c92-faf6-47aa-8d78-c867f23d1c79&origin=https%3A%2F%2Fjs.stripe.com
Frame ID: 16DA858C73F5DA3562FF2D9A8BD788C5
Requests: 5 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/2a00369/static/hcaptcha.html?_v=oemeyamtue
Frame ID: CD916CEA6BD9BC5925ED92E075E69A26
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

We, the People... | Kennedy24

Page URL History Show full URLs

http://paracom.paramountcommunication.com/ct/62692882:Wzc9bGiWN:m:1:2685335137:CAFAF6D29321B7B14494C2EA752B7720:r HTTP 302
https://www.kennedy24.com/donate?amount=10&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

hCaptcha (Security) Expand

Overall confidence: 100%
Detected patterns

https://hcaptcha.com/([\d]+?)/api.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

195
Requests

99 %
HTTPS

66 %
IPv6

26
Domains

46
Subdomains

42
IPs

5
Countries

4730 kB
Transfer

16724 kB
Size

24
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://checkout.opennode.com/p/d05e70a0-a317-4e30-b81d-1ae3e5575d2c
Title: Bitcoin

Search URL Search Domain Scan URL

URL: https://www.instagram.com/robertfkennedyjr/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/rfkjr

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@teamkennedy2024

Search URL Search Domain Scan URL

URL: https://twitter.com/RobertKennedyJr

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC4ewc5vQcMpLticvqPDcSQw

Search URL Search Domain Scan URL

URL: https://rumble.com/c/RFKjr

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://paracom.paramountcommunication.com/ct/62692882:Wzc9bGiWN:m:1:2685335137:CAFAF6D29321B7B14494C2EA752B7720:r HTTP 302
https://www.kennedy24.com/donate?amount=10&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://www.kennedy24.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.kennedy24.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

Request Chain 62

https://www.kennedy24.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.kennedy24.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

195 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request donate Show response
www.kennedy24.com/
Redirect Chain

http://paracom.paramountcommunication.com/ct/62692882:Wzc9bGiWN:m:1:2685335137:CAFAF6D29321B7B14494C2EA752B7720:r
https://www.kennedy24.com/donate?amount=10&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy

85 KB
20 KB

389ms
288ms

Document
text/html

2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kennedy24.com/donate?amount=10&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8407966ce07dba88121ce62cb89ac90cf05bba9a517222149f492856513d3634

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors joinkennedy.nationbuilder.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-request-method: GET, POST, PUT, DELETE
age: 0
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 846701aada0e4d64-FRA
content-encoding: br
content-security-policy: frame-ancestors joinkennedy.nationbuilder.com
content-type: text/html; charset=utf-8
date: Tue, 16 Jan 2024 14:21:43 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
server: cloudflare
vary: Accept
x-content-digest: 65753cce8143663bc54d2c06b4df11a91a5e5a5c
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-middleware-start: t=1705414903582364
x-nb-cached-page: yes
x-rack-cache: stale, invalid, ignore, store
x-request-id: 09b74bdd-ab3c-466b-871d-7882cdd26004
x-runtime: 0.111446

Redirect headers

AMFplus-Ver: 1.4.0.0
Cache-Control: no-cache
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 221
Content-Type: text/html; charset=utf-8
Date: Tue, 16 Jan 2024 14:21:43 GMT
Location: https://www.kennedy24.com/donate?amount=10&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy
Pragma: no-cache
Referrer-Policy: no-referrer-when-downgrade
Server: Apache
Vary: X-Forwarded-Proto,Accept-Encoding

GET
H2 200 css2
fonts.googleapis.com/ 46 KB
2 KB 89ms
36ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&family=Source+Serif+4:ital,opsz,wght@0,8..60,400;0,8..60,500;0,8..60,600;0,8..60,700;0,8..60,800;0,8..60,900;1,8..60,400;1,8..60,500;1,8..60,600;1,8..60,700;1,8..60,800;1,8..60,900&display=swap

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=10&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b942de2747bb1449f8d908a33c8ce9e4a2ee6b84327cce766d5378a13665d027

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 16 Jan 2024 14:21:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 14:21:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Jan 2024 14:21:43 GMT

GET
H2 200 theme.scss
joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071705382239/default/ 419 KB
58 KB 107ms
48ms Stylesheet
text/css 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071705382239/default/theme.scss

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=10&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdc36d7ef97ab9f8cec6a6ef5e8e611d750f940460ba845d68317a075e821157

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 159
x-middleware-start: t=1705383432346661
alt-svc: h3=":443"; ma=86400
x-request-id: c9253677-bb01-4fe2-b5a9-1aee76a8eb20
x-runtime: 3.481459
x-content-digest: 4e74c35d4d42b4d785725da9ae5be2bf4482993b
server: cloudflare
etag: W/"cdc36d7ef97ab9f8cec6a6ef5e8e611d"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31556952
cf-ray: 846701ad0e0c9944-FRA
x-rack-cache: fresh
expires: Wed, 15 Jan 2025 20:10:55 GMT

GET
H2 200 jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.10.0/themes/cupertino/ 30 KB
6 KB 77ms
25ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.10.0/themes/cupertino/jquery-ui.css

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=10&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea2d62c7e90b08a7c41206758ce52af7059a58cdfb6a2964f341642298eb9a15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 17:39:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 247311
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5640
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jan 2025 17:39:52 GMT

GET
H2 200 opz7yic.css
use.typekit.net/ 10 KB
1 KB 141ms
39ms Stylesheet
text/css 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/opz7yic.css

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=10&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

751c35af08d9aa58dc304762b4696f0b56e3debcba775d38db4a9d87ceb1ff12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Tue, 16 Jan 2024 14:21:43 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1198

GET
H2 200 K24_Logo.png
assets.nationbuilder.com/joinkennedy/sites/5/meta_images/original/ 4 KB
5 KB 124ms
59ms Image
image/png 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nationbuilder.com/joinkennedy/sites/5/meta_images/original/K24_Logo.png?1696639127
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=10&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9667a4e6040f90f8e1648ecd089211e380aee7fcde15f71570aef17d1a8e637

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:43 GMT
x-amz-version-id: 8Benbp2okaYQdJkZnHd01SKUHGlqFFSo
via: 1.1 dca6db3c8f31f3cd48bb06d78a8be624.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: FRA56-C2
age: 6009
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 4499
last-modified: Sat, 07 Oct 2023 00:38:49 GMT
server: cloudflare
etag: "1e0e0356959e57194a72c3c5a2794669"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 846701ad1f621e6a-FRA
x-amz-cf-id: uN2hqMuJB6TKW_5qdGrvmve7up1biFdB69A8cbfDF0c6-ugjpYTeMw==
expires: Tue, 16 Jan 2024 18:21:43 GMT

GET
H2 200 profile-login.png
assets.nationbuilder.com/joinkennedy/pages/62/attachments/original/1697582282/ 3 KB
4 KB 112ms
47ms Image
image/png 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nationbuilder.com/joinkennedy/pages/62/attachments/original/1697582282/profile-login.png?1697582282
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=10&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6770f1b8a07a7e0b2a5ba73da5feb6f86dd9e5d5e7f0f7237c476bc7f8650ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:43 GMT
x-amz-version-id: UZ3z2H3eCPLVBD_NSfvXtS6kN40SZ1iE
via: 1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: FRA56-C2
age: 4615
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 3222
last-modified: Tue, 17 Oct 2023 22:38:03 GMT
server: cloudflare
etag: "2d003d6e18b1ba4e0db766e8f4dc526f"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 846701ad1f691e6a-FRA
x-amz-cf-id: 68oaKPDVj8NCZRIGXPhasdXzhwpBPuVT8ku1JA4m9_eAFtbRxUmk8g==
expires: Tue, 16 Jan 2024 18:21:43 GMT

GET
H2 200 rumble_logo_white.png
assets.nationbuilder.com/joinkennedy/pages/62/attachments/original/1697064082/ 22 KB
23 KB 106ms
42ms Image
image/png 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nationbuilder.com/joinkennedy/pages/62/attachments/original/1697064082/rumble_logo_white.png?1697064082
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=10&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 558591ec381069734425371376e35d980cf72fd9fd2ac08f4f36fb9a9df84438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:43 GMT
x-amz-version-id: QTvG_ogPyZRtij5jlvYT2NsZCXixTkK7
via: 1.1 dca6db3c8f31f3cd48bb06d78a8be624.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: FRA56-C2
age: 4614
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 22352
last-modified: Wed, 11 Oct 2023 22:41:23 GMT
server: cloudflare
etag: "28e5ce4754ad7167c4c4e5eb9378ff1e"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 846701ad1f671e6a-FRA
x-amz-cf-id: Bgp6E95FCaI-_vM3AqoSnqM1zsBbzZFHXfNfLbTwHHwcnoO4AxeW1w==
expires: Tue, 16 Jan 2024 18:21:43 GMT

GET
H2 200 rocket-loader.min.js Show response
www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 25ms
24ms Script
application/javascript 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=10&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/donate?amount=10&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 27 Dec 2023 10:36:07 GMT
server: cloudflare
etag: W/"658bfe17-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 846701acabf74d64-FRA
expires: Thu, 18 Jan 2024 14:21:43 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 120ms
75ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=10&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:43 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 846701acfb445d66-FRA

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
529 B 33ms
32ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Anton&display=swap

Requested by

Host: joinkennedy.nationbuilder.com
URL: https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071705382239/default/theme.scss

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eef2d843b6778b710b40edb636b588fa4ccc8975a29cef25ac3125b96cc778cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://joinkennedy.nationbuilder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 16 Jan 2024 14:21:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 13:51:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Jan 2024 14:21:43 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 131ms
35ms Stylesheet
text/css 2a02:26f0:3500:16::215:148b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=opz7yic&ht=tk&f=22792.22793.22794.24318.40090.40091.40092.25668.25670.25673.25676.25679.51955.51956&a=2508016&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/opz7yic.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:44 GMT
last-modified: Fri, 23 Jun 2023 17:09:47 GMT
server: nginx
etag: "6495d1db-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 71ms
22ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&family=Source+Serif+4:ital,opsz,wght@0,8..60,400;0,8..60,500;0,8..60,600;0,8..60,700;0,8..60,800;0,8..60,900;1,8..60,400;1,8..60,500;1,8..60,600;1,8..60,700;1,8..60,800;1,8..60,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 11:37:24 GMT
x-content-type-options: nosniff
age: 269060
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jan 2025 11:37:24 GMT

GET
H2 200 fslightbox.js Show response
joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071705382239/default/ 30 KB
10 KB 48ms
43ms Script
text/javascript 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071705382239/default/fslightbox.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77ba0f0971a262f3fe1999d37208a8a7ffa1f2e563d4437bd03b1866a2219749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 143
x-middleware-start: t=1705383432849736
alt-svc: h3=":443"; ma=86400
x-request-id: 9279f469-f095-49c7-bb43-2616eb15167e
x-runtime: 0.117096
x-content-digest: 167b1e36379227a2fa7c635269bdcb0ed8dec4c0
server: cloudflare
etag: W/"77ba0f0971a262f3fe1999d37208a8a7"
x-frame-options: ALLOWALL
vary: Accept, Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31556952
cf-ray: 846701ae9f549944-FRA
x-rack-cache: fresh
expires: Wed, 15 Jan 2025 20:10:56 GMT

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 88 KB
31 KB 112ms
45ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4249d6eefdf3f232e1e673d9f2526767c25ba6585d7712107c1994bd63c270da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 14:21:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 img-cropper-a99f75748195e5af07ffca593afce5492ce8533501371377f17d77b89eeab8ab.js Show response
assets.nationbuilder.com/assets/liquid/v3/ 50 KB
16 KB 43ms
39ms Script
text/javascript 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nationbuilder.com/assets/liquid/v3/img-cropper-a99f75748195e5af07ffca593afce5492ce8533501371377f17d77b89eeab8ab.js
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a99f75748195e5af07ffca593afce5492ce8533501371377f17d77b89eeab8ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:44 GMT
x-amz-version-id: 9FhmNzP5VKtGFI6Q2AeFoOvTMd.Koj5z
via: 1.1 2e4a0520ad8fe16707823b20e9441e08.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: FRA56-C2
age: 115622
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 18:14:54 GMT
server: cloudflare
etag: W/"9714f34f09a34492cd827f7620009730"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=604800
cf-ray: 846701ae99511e6a-FRA
x-amz-cf-id: gro__TTbN4CAlLVw9A4Rkdg9nslEWqH1g27n8_fa0MhKODbC_AU9rA==
expires: Tue, 23 Jan 2024 14:21:44 GMT

GET
H2 200 k24-float-label.js Show response
joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071705382239/default/ 3 KB
900 B 48ms
44ms Script
text/javascript 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071705382239/default/k24-float-label.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7e81be515a4350b67aaa7b63485265820a3054306bfa051b75230f48b7d0e8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 143
x-middleware-start: t=1705383432856524
alt-svc: h3=":443"; ma=86400
x-request-id: 700fe453-edea-4285-98cb-fe09bb9d869c
x-runtime: 0.124876
x-content-digest: 858dc6cedc176df364401823e6b822ffa39fd992
server: cloudflare
etag: W/"a7e81be515a4350b67aaa7b634852658"
x-frame-options: ALLOWALL
vary: Accept, Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31556952
cf-ray: 846701ae9f599944-FRA
x-rack-cache: fresh
expires: Wed, 15 Jan 2025 20:10:56 GMT

GET
H2 200 localized-inputs.js Show response
joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071705382239/default/ 2 KB
931 B 54ms
51ms Script
text/javascript 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071705382239/default/localized-inputs.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81d4fa5df88680bfb5899dc73e158c00faf67f4d3d0047d41840efcb14c3b6d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 143
x-middleware-start: t=1705383432857227
alt-svc: h3=":443"; ma=86400
x-request-id: 4acd48c7-e030-43e4-a10e-18ee2b99d48b
x-runtime: 0.142231
x-content-digest: 44e5290de99fa9b40844d1e42b544d997e7c61ee
server: cloudflare
etag: W/"81d4fa5df88680bfb5899dc73e158c00"
x-frame-options: ALLOWALL
vary: Accept, Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31556952
cf-ray: 846701ae9f5d9944-FRA
x-rack-cache: fresh
expires: Wed, 15 Jan 2025 20:10:56 GMT

GET
H2 200 theme.js Show response
joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071705382239/default/ 50 B
227 B 49ms
45ms Script
text/javascript 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071705382239/default/theme.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7592e61876da5df397281e08f2abf3aa56ddd0f8b4b816f7e6b961e8a4153932

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 143
x-middleware-start: t=1705383432924955
alt-svc: h3=":443"; ma=86400
x-request-id: f0364b47-5bcc-4d1d-99ea-a821d2778906
x-runtime: 0.128437
x-content-digest: 25fec939dd7fcf76bdd26229129e82ba0de317b7
server: cloudflare
etag: W/"7592e61876da5df397281e08f2abf3aa"
x-frame-options: ALLOWALL
vary: Accept, Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31556952
cf-ray: 846701ae9f609944-FRA
x-rack-cache: fresh
expires: Wed, 15 Jan 2025 20:10:56 GMT

GET
H2 200 bs-custom-file-input.min.js Show response
joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071705382239/default/ 2 KB
1 KB 53ms
49ms Script
text/javascript 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071705382239/default/bs-custom-file-input.min.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4be37bbc2e40bc238e8895eac52b3a9d27059588647c4834dbd8e7210070e526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 143
x-middleware-start: t=1705383432849407
alt-svc: h3=":443"; ma=86400
x-request-id: b5c0f3ee-3c99-4468-9312-0c88e7cd7c15
x-runtime: 0.107213
x-content-digest: 59d3af0630bcb8da94e201ce3453821d82447d22
server: cloudflare
etag: W/"4be37bbc2e40bc238e8895eac52b3a9d"
x-frame-options: ALLOWALL
vary: Accept, Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31556952
cf-ray: 846701ae9f639944-FRA
x-rack-cache: fresh
expires: Wed, 15 Jan 2025 20:10:56 GMT

GET
H2 200 bootstrap.min.js Show response
joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071705382239/default/ 57 KB
16 KB 51ms
47ms Script
text/javascript 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071705382239/default/bootstrap.min.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 143
x-middleware-start: t=1705383433148382
alt-svc: h3=":443"; ma=86400
x-request-id: e28847a3-6475-4ee1-82cb-feaab14100e8
x-runtime: 0.143989
x-content-digest: 6778fed3cf095a318141a31f455c8f4663885bde
server: cloudflare
etag: W/"0a34a87842c539c1f4feec56bba982fd"
x-frame-options: ALLOWALL
vary: Accept, Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31556952
cf-ray: 846701ae9f649944-FRA
x-rack-cache: fresh
expires: Wed, 15 Jan 2025 20:10:56 GMT

GET
H2 200 liquid-6fda76e47cd1a46bec92e2adac0a0453c78638197e234d7667c2ff4366c5a44a.js Show response
assets.nationbuilder.com/assets/ 174 KB
53 KB 56ms
52ms Script
text/javascript 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nationbuilder.com/assets/liquid-6fda76e47cd1a46bec92e2adac0a0453c78638197e234d7667c2ff4366c5a44a.js
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fda76e47cd1a46bec92e2adac0a0453c78638197e234d7667c2ff4366c5a44a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:44 GMT
x-amz-version-id: 9Lgtfo2KO1vjkUANzwHYiftMn2Nstey0
via: 1.1 a23dafbbb9a61c77bda1d66d97f24e2e.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: FRA56-C2
age: 372082
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 22 Nov 2023 19:14:52 GMT
server: cloudflare
etag: W/"c5d34981e474397332adfa4081ceecaa"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=604800
cf-ray: 846701ae99531e6a-FRA
x-amz-cf-id: Qytx3pIQNaZVadlsRt4GHseWDbF3c3a9MVifOfa6zVSfet7PxQQwtQ==
expires: Tue, 23 Jan 2024 14:21:44 GMT

GET
H3 200 donation_v2_page.js Show response
www.kennedy24.com/assets/liquid/ 2 KB
1 KB 41ms
39ms Script
application/javascript 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kennedy24.com/assets/liquid/donation_v2_page.js
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb9587e00635538a323c71ca0352879bd24aa5b88f8c869317812ae5e505263f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/donate?amount=10&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:44 GMT
content-encoding: br
cf-cache-status: HIT
age: 109
x-middleware-start: t=1701709213100246
alt-svc: h3=":443"; ma=86400
x-request-id: c4051e70-a3c1-43eb-8277-2cefada5f3cb
x-runtime: 0.039264
x-content-digest: 97924c19946db9c05a96df5fd79c4dffb67f84d3
server: cloudflare
etag: W/"fb9587e00635538a323c71ca0352879bd24aa5b88f8c869317812ae5e505263f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 846701ae9d6f3834-FRA
x-rack-cache: stale, valid, store
expires: Tue, 16 Jan 2024 18:21:44 GMT

GET
H2 200 staged-donations.js Show response
joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071705382239/default/ 11 KB
2 KB 49ms
46ms Script
text/javascript 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071705382239/default/staged-donations.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fef202588115c2a23969fc04c669b498579d162630c83b76729470321145984

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 109
x-middleware-start: t=1705414795685642
alt-svc: h3=":443"; ma=86400
x-request-id: e939d55d-c761-4786-aff7-8a4121c7692c
x-runtime: 0.071797
x-content-digest: 45862d061369f952adfaa29d6844935610f45e8c
server: cloudflare
etag: W/"3fef202588115c2a23969fc04c669b49"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31556952
cf-ray: 846701ae9f669944-FRA
x-rack-cache: fresh
expires: Wed, 15 Jan 2025 20:10:56 GMT

GET
H2 200 donate-jquery.ui.effect-slide.min.js Show response
joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071705382239/default/ 774 B
644 B 51ms
48ms Script
text/javascript 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071705382239/default/donate-jquery.ui.effect-slide.min.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c56ffc47b4761b0396058aa73916486a33095af06bba5e72072ae332483dc7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 109
x-middleware-start: t=1705414795672029
alt-svc: h3=":443"; ma=86400
x-request-id: 5081db3c-9b91-49ad-800b-421af207cfbd
x-runtime: 0.066961
x-content-digest: 2d0b4629f786724cb9ceba70e34ff5775fa16084
server: cloudflare
etag: W/"1c56ffc47b4761b0396058aa73916486"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31556952
cf-ray: 846701ae9f679944-FRA
x-rack-cache: fresh
expires: Wed, 15 Jan 2025 20:10:56 GMT

GET
H2 200 donate-jquery.ui.effect.min.js Show response
joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071705382239/default/ 13 KB
5 KB 56ms
53ms Script
text/javascript 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071705382239/default/donate-jquery.ui.effect.min.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f3ca08629dbf4b97858143154de2a7b48c4c671d6849b56aa592033a2546cf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 109
x-middleware-start: t=1705414795676967
alt-svc: h3=":443"; ma=86400
x-request-id: 1aa82a38-fdb0-465a-bb18-00a4af2cbd8d
x-runtime: 0.057025
x-content-digest: 1b3c129be8aafb7c1d1cc795870d3e25365fc2a9
server: cloudflare
etag: W/"5f3ca08629dbf4b97858143154de2a7b"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31556952
cf-ray: 846701ae9f689944-FRA
x-rack-cache: fresh
expires: Wed, 15 Jan 2025 20:10:56 GMT

GET
H2 200 38b3ad1ee0.js Show response
kit.fontawesome.com/ 12 KB
5 KB 97ms
38ms Script
text/javascript 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/38b3ad1ee0.js
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acd9a7e1c37a12896fb2df2f591a565c40f87c3194d32f85d1e4499426bfcc1d

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:44 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 16
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 846701aeea30997a-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F6qprD8txGMy-kCnZ4xi

GET
H2 200 lightbox_speed.js Show response
www.lightboxcdn.com/vendor/89ef356b-89f6-4647-a097-558fbfa14d79/ 3 KB
1 KB 733ms
673ms Script
application/javascript 2606:4700::6813:d383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/89ef356b-89f6-4647-a097-558fbfa14d79/lightbox_speed.js
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28c84c299c77064e01c76d66bd64ca5adec6a7d14668beec7c1fa2ba8b8c07d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 16 Jan 2024 14:21:44 GMT
content-encoding: br
cf-cache-status: REVALIDATED
content-md5: s73XdXeBdFFAUowS4rmvSQ==
cf-polished: origSize=4971
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Mon, 15 Jan 2024 14:14:30 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: 6afcc92a-a01e-0004-2dc4-47edb2000000
cache-control: public, max-age=60
x-ms-version: 2009-09-19
cf-ray: 846701aefdad5d96-FRA
expires: Tue, 16 Jan 2024 14:22:44 GMT

GET
H2 200 706b9f1865.js Show response
kit.fontawesome.com/ 12 KB
5 KB 207ms
148ms Script
text/javascript 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/706b9f1865.js
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74a39682b8b03d5de587026a0f4d5b595696818b3d23952c15facf182d7c5e78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:44 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 846701aeec359a33-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F58bV-Trl9mCGXDYNKwh

GET
H2 200 payments-e2d51187f660cba449c70f7f87f733f762042cf340a5fd57e0f8c1fbf885c033.js Show response
assets.nationbuilder.com/assets/ 16 KB
4 KB 39ms
37ms Script
text/javascript 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nationbuilder.com/assets/payments-e2d51187f660cba449c70f7f87f733f762042cf340a5fd57e0f8c1fbf885c033.js
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2d51187f660cba449c70f7f87f733f762042cf340a5fd57e0f8c1fbf885c033

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:44 GMT
x-amz-version-id: 0UtgqgwClP8EiIar9FS0D8kcRrDirDUw
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: FRA56-C2
age: 113792
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 04 Nov 2023 00:55:35 GMT
server: cloudflare
etag: W/"7d0fc9aeec4f03aeef50129fbe29b1df"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=604800
cf-ray: 846701ae99571e6a-FRA
x-amz-cf-id: JJx1THGMpQ_DAmw5zSkdDNOB-NUa0hAxrr1wStRHDT6Le5lDzYU2kA==
expires: Tue, 23 Jan 2024 14:21:44 GMT

GET
H2 200 payments_styling-3cb98755e69cd4399888137a7648ee6eabdd63c4d4c547626e7174d769be6e1b.js Show response
assets.nationbuilder.com/assets/ 35 KB
4 KB 44ms
42ms Script
text/javascript 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nationbuilder.com/assets/payments_styling-3cb98755e69cd4399888137a7648ee6eabdd63c4d4c547626e7174d769be6e1b.js
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3cb98755e69cd4399888137a7648ee6eabdd63c4d4c547626e7174d769be6e1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:44 GMT
x-amz-version-id: tE.L.zuQWxf9ft6Yeo3ica7oKSBsQYTG
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: FRA56-C2
age: 187955
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 04 Nov 2023 00:55:35 GMT
server: cloudflare
etag: W/"ba73545e732d35824a90f9daee280d57"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=604800
cf-ray: 846701ae99581e6a-FRA
x-amz-cf-id: bYXUpR7wtsyJ7qqBbZxZEjr5aAnBoySy3EK-klWUKxXuJN4xtmdKPA==
expires: Tue, 23 Jan 2024 14:21:44 GMT

GET
H2 200 / Show response
js.stripe.com/v3/ 585 KB
144 KB 117ms
34ms Script
text/javascript 108.138.36.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-106.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

d9cf8395ee0a7d904dbbbc5a13c251caf17b06a52199c10015d34556a8cf5a11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:20:49 GMT
content-encoding: br
via: 1.1 0c17d6e113cee388d94028cac715ecd2.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 55
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
last-modified: Fri, 12 Jan 2024 21:47:32 GMT
server: Cloudfront
etag: W/"683b9f5de81fe1d181bceec0c32cc9fe"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: d2DV8J4CQcujGZBygmIpLmHp-c9c9KTTQje542N9p8fz66Mwmnf27w==

GET
H2 200 api.js Show response
www.recaptcha.net/recaptcha/ 1 KB
1 KB 117ms
33ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api.js?render=6LekWdoZAAAAAA61Owqhdq5e8IIQEfJbEOs8IT8T

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7e718f629db56047e34605c878d5c8b2c6bd6cc9aaaea13ab7ca02b7fde8792f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 16 Jan 2024 14:21:44 GMT

GET
H2 200 main-0aa16a2e84fcb15b351dd0de4418949c84ac9bba999074007345fe1dabe8645d.js Show response
assets.nationbuilder.com/assets/liquid/v3/ 469 KB
134 KB 61ms
59ms Script
text/javascript 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nationbuilder.com/assets/liquid/v3/main-0aa16a2e84fcb15b351dd0de4418949c84ac9bba999074007345fe1dabe8645d.js
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0aa16a2e84fcb15b351dd0de4418949c84ac9bba999074007345fe1dabe8645d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:44 GMT
x-amz-version-id: zlPj.IfBmhJWCnRphuyWdGEaI2oPDSyN
via: 1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: FRA56-C2
age: 24851
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 22 Nov 2023 19:14:52 GMT
server: cloudflare
etag: W/"65f4d89d2236c9f9b248d9ed5de8dafa"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
cf-ray: 846701ae99591e6a-FRA
x-amz-cf-id: l22ySRjOUL7UCry6EwymQ5uGy3uUHRam9apag8Ck6OTlquq4GHytiw==
expires: Tue, 23 Jan 2024 14:21:44 GMT

GET
H3

200

main.js Show response
www.kennedy24.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/ Frame F240
Redirect Chain

https://www.kennedy24.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.kennedy24.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

7 KB
3 KB

32ms
31ms

Script
application/javascript

2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kennedy24.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=10&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy

Protocol

Server

2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fdab07a5ab0132bc84df1081b935aa3438f8429a41e731a28433f2b2cf1b972

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 846701aeedd13834-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Tue, 16 Jan 2024 14:21:44 GMT
server: cloudflare
vary: accept-encoding
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
cache-control: max-age=300, public
cf-ray: 846701aead823834-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 248 KB
78 KB 91ms
42ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5MTWV23

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=10&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2826b6f3566a8c1e73b860f0afadb4701858a2bda86c759c9c80615834467377

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79485
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Jan 2024 14:21:44 GMT

POST
H3 200 846701aada0e4d64 Show response
www.kennedy24.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame F240 0
317 B 51ms
51ms XHR
text/plain 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kennedy24.com/cdn-cgi/challenge-platform/h/b/jsd/r/846701aada0e4d64
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 16 Jan 2024 14:21:44 GMT
content-encoding: br
server: cloudflare
cf-ray: 846701af8e713834-FRA
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ 506 KB
204 KB 70ms
21ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?render=6LekWdoZAAAAAA61Owqhdq5e8IIQEfJbEOs8IT8T

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91088a015cd36dabb6639d0b6d08fadc57be7f1b85011f5f882d4e7a8611df31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:02:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207845
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Jan 2025 14:02:54 GMT

GET
H2 200 webfonts Show response
www.googleapis.com/webfonts/v1/ 1 MB
159 KB 165ms
92ms XHR
application/json 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleapis.com/webfonts/v1/webfonts?key=AIzaSyCCOU0NUKc65rzK0EdE-6XNdE68x6mGnD8

Requested by

Host: assets.nationbuilder.com
URL: https://assets.nationbuilder.com/assets/liquid/v3/main-0aa16a2e84fcb15b351dd0de4418949c84ac9bba999074007345fe1dabe8645d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

52c8cfbf05223ab03607c88608ecc0419becb8df5884a096a030115b0958a230

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/javascript
Referer: https://www.kennedy24.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
etag: 1521377560568e585b770dd455965b31ff88e7e2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.kennedy24.com
access-control-expose-headers: etag,vary,vary,vary,content-encoding,date,server,content-length
cache-control: public, max-age=3600, must-revalidate, no-transform
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 162536
x-xss-protection: 0

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 84ms
38ms Fetch
text/css 2606:4700:e4::ac40:a507
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=706b9f1865
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/706b9f1865.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:44 GMT
via: 1.1 0d4b487d54766de7560aa02de852bbf8.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 4017583
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EgEfGivG2lAwTYR5m4%2B9tZp446AhjAz2Wk4Q%2BnPhZcDX1hk3iVy2JP0KRK8uL0m8GA5wBgtJNxTMQvH%2FNaFV76vBpTiLvaxVscPxpm%2BZZARn6GmJ1qiqYCzO4HQn13t1ywvlouuo093%2FyyYLbAFgHcLivA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 846701b02fac3835-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: rtR68-YLielB73Xlk-r7wxpuKJySR-nv9CfPQTewJ9ExZ2Hc4LMyeg==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 26 KB
5 KB 79ms
33ms Fetch
text/css 2606:4700:e4::ac40:a507
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=706b9f1865
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/706b9f1865.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:44 GMT
via: 1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 3993342
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TsFCjCjxpBRraXCt4xRdPJFeB1nLK8QMrXP47QRaY63%2FL3aS2SSFSXvQC7Gas9oLu0gDthAinFy4p0j79G8xACub5HaD6krb%2BGCzlcIyDbYcHKAfWQW7pb6XWYbGsyaQENZ%2BfBl5eLBafhSx8WYHh%2B%2B%2BtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 846701b02faa3835-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: fM4bMZO9KtBszo0sn_-kB9AGKyZFPOYVnI1B2bXQ2D4hQYrqcZOhYg==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 3 KB
2 KB 78ms
32ms Fetch
text/css 2606:4700:e4::ac40:a507
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=706b9f1865
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/706b9f1865.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:44 GMT
via: 1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 5731103
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K9t0iCzaJCKJDAKkOJ7ncosa3c8P1dqZRhiC0Km6yphKPBlKBE0k2JB8OQOI%2Fs7MTOO0%2FXB%2BGZOblTgsUw6brZ4WKwRYNEBdQ7%2Bv2vbqo5jsmJwDeZz3OCh9JWwH2xUR9jurwH2pJlYdWySrU5vBqbRCFg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 846701b02fae3835-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: SR0RNWiygohnbrDloDEvFSzYGS4bul7R2LDgkyNQ2I7dEQMHyQhvNw==

GET
H2 200 popper.min.js Show response
getbootstrap.com/docs/4.0/assets/js/vendor/ 19 KB
7 KB 88ms
34ms Script
application/javascript 2606:4700:10::ac43:1e94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://getbootstrap.com/docs/4.0/assets/js/vendor/popper.min.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1e94 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-fastly-request-id: 731a92b5b42935c9540ba0e389a72ae21180f47c
date: Tue, 16 Jan 2024 14:21:44 GMT
via: 1.1 varnish
x-content-type-options: nosniff
expires: Mon, 08 Jan 2024 05:45:37 GMT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 15
content-encoding: br
x-cache: HIT
x-proxy-cache: HIT
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230057-FRA
last-modified: Thu, 14 Sep 2023 14:29:01 GMT
server: cloudflare
x-github-request-id: A428:0E81:3EF3FA3:401B8E9:6540671F
x-timer: S1700599280.142788,VS0,VE2
etag: W/"650318ad-4af4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
x-origin-cache: HIT
cf-ray: 846701b03ece8ff2-FRA
x-cache-hits: 1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 321 KB
104 KB 39ms
38ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JWBYYEB6SQ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MTWV23

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

06cea65c574c775ab496aca2dbbbccb15c868670212652d52ec788c5380f208d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 106686
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 16 Jan 2024 14:21:44 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 194 KB
72 KB 36ms
35ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CAPI12345&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MTWV23

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

264774650d68a8f1e3e2f024f586c5c0df109e88d202dd8d342bae6a6e343f85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73265
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Jan 2024 14:21:44 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 75ms
20ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MTWV23
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:44 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230032-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 212 KB
57 KB 67ms
21ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MTWV23

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0c9cc88c27618b01e95063377382195b9062bdbef5eb1687e5881d3f318dbe63

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 16 Jan 2024 14:21:44 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 56915
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: stK2OwYCnt8nK7HdlLf4uG4L7FSdXYZoeVG+nf8LogWy8F1fvy7LU3Qh15N1Tcy5ezw5bYFDgzIgxrPl4BmwQQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 free-fa-brands-400.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 75 KB
75 KB 29ms
29ms Font
font/woff2 2606:4700:e4::ac40:a507
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-brands-400.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:44 GMT
via: 1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 3901353
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 76736
last-modified: Wed, 04 Aug 2021 18:58:24 GMT
server: cloudflare
etag: "4f5ec865a8274ab291b6a42b5f70639e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cNg2e3%2Bud3kinoGpoNnb6JFOjYlexMH%2BYGbDUw%2BbLydjZ0T3DrFP7J82c6yh0otxM6NKrwRCxMj2%2BBh%2BiDMry0MK%2B0RfeYk0QrLNISyMeAYDRvSSHt7nwMNpYwqCwvA0hLctPvL34AaFCvadUCtAsQEOvA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 846701b0780a3835-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: FFfS6hI-hiOvtL21_1qP-aWg3K0mLrk6cF5ULoFMflR01SndEEy9Yw==

POST
H2 200 collect
server-side-tagging-ptjx4tds2q-uc.a.run.app/g/ 0
459 B 309ms
230ms Ping
text/html 2001:4860:4802:32::35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://server-side-tagging-ptjx4tds2q-uc.a.run.app/g/collect?v=2&tid=G-CAPI12345&gtm=45je41a0z89133194504&_p=1705414904170&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1759237583.1705414904&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705414904&sct=1&seg=0&dl=https%3A%2F%2Fwww.kennedy24.com%2Fdonate%3Famount%3D10%26utm_campaign%3Dbillions%26utm_medium%3Demail1%26utm_source%3Djoinkennedy&dt=We%2C%20the%20People...%20%7C%20Kennedy24&en=page_view&_fv=1&_nsi=1&_ss=1&ep.event_id=1705415275122_17054150286311&tfd=1437
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CAPI12345&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:44 GMT
server: Google Frontend
content-type: text/html
x-cloud-trace-context: 3a0162842832e0b58f7c5fc03d64832f
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 16 Jan 2024 14:21:44 GMT

GET
H2 200 pro.min.css Show response
ka-p.fontawesome.com/releases/v6.5.1/css/ 669 KB
118 KB 37ms
36ms Fetch
text/css 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/css/pro.min.css?token=38b3ad1ee0
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/38b3ad1ee0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c368e74321d2180806d6982ab26271a765594390c0d50a2e4fe452e901778d5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:25:52 GMT
server: cloudflare
age: 494381
etag: "6568c5a0-1d52d"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 846701b09bf4997a-FRA
content-length: 120109

GET
H2 200 pro-v5-font-face.min.css Show response
ka-p.fontawesome.com/releases/v6.5.1/css/ 50 KB
7 KB 60ms
60ms Fetch
text/css 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/css/pro-v5-font-face.min.css?token=38b3ad1ee0
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/38b3ad1ee0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4946b36e5208a0a01e69ac05696229353e101faece5c1572e2a6177742bf7b5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:25:52 GMT
server: cloudflare
age: 1227136
etag: "6568c5a0-1c12"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 846701b09bf8997a-FRA
content-length: 7186

GET
H2 200 kit-upload.css Show response
kit.fontawesome.com/38b3ad1ee0/70955553/ 0
137 B 35ms
35ms Fetch
text/css 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/38b3ad1ee0/70955553/kit-upload.css
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/38b3ad1ee0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:44 GMT
cf-cache-status: HIT
age: 1549990
content-length: 0
x-request-id: F6VYHKev1O8Cg7x-wzoB
server: cloudflare
etag: 54af53b207eef226d6511e0a88e3038e
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926, public, must-revalidate
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
accept-ranges: bytes
cf-ray: 846701b09bf0997a-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token

POST
H2 204 collect
region1.analytics.google.com/g/ 0
256 B 82ms
29ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-JWBYYEB6SQ&gtm=45je41a0v9113043695z89133194504&_p=1705414904170&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1759237583.1705414904&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705414904&sct=1&seg=0&dl=https%3A%2F%2Fwww.kennedy24.com%2Fdonate%3Famount%3D10%26utm_campaign%3Dbillions%26utm_medium%3Demail1%26utm_source%3Djoinkennedy&dt=We%2C%20the%20People...%20%7C%20Kennedy24&en=page_view&_fv=1&_ss=1&tfd=1463
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JWBYYEB6SQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 14:21:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kennedy24.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
256 B 89ms
29ms Ping
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JWBYYEB6SQ&cid=1759237583.1705414904&gtm=45je41a0v9113043695z89133194504&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JWBYYEB6SQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 14:21:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kennedy24.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11465445694/ 3 KB
2 KB 111ms
59ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11465445694/?random=1705414904427&cv=11&fst=1705414904427&bg=ffffff&guid=ON&async=1&gtm=45je41a0v9113043695z89133194504&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.kennedy24.com%2Fdonate%3Famount%3D10%26utm_campaign%3Dbillions%26utm_medium%3Demail1%26utm_source%3Djoinkennedy&hn=www.googleadservices.com&frm=0&tiba=We%2C%20the%20People...%20%7C%20Kennedy24&auid=1506380325.1705414904&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JWBYYEB6SQ&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd18c98a5bb954ffb5d193917243d09a8653830ef46e766f99a14ccdc240999e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 14:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1337
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.pt/ads/ 42 B
408 B 96ms
47ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.pt/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-JWBYYEB6SQ&cid=1759237583.1705414904&gtm=45je41a0v9113043695z89133194504&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=2048519008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 14:21:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 247 KB
68 KB 75ms
23ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=10&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 164e219fdf64004e7213e90b3d4fd19463971870e4b51fdd6030446bd6ef5e65

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:17:20 GMT
content-encoding: br
age: 264
x-guploader-uploadid: ABPtcPqFlgTpSX8o3_F2Xg1XkWYHYV-b20IvBsocKL6hVWetEaRBnF8R_GOpD1WH68qjtY0IDvCjuCHeFw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69176
last-modified: Tue, 09 Jan 2024 14:46:09 GMT
server: UploadServer
etag: "39c79f2b05faf1b80cfb99fdd212a0e6"
vary: Accept-Encoding
x-goog-generation: 1704811569390469
x-goog-hash: crc32c=MZJ0CQ==, md5=OcefKwX68bgM+5n90hKg5g==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 69176
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 16 Jan 2024 15:17:20 GMT

GET
H2 200 adsct
t.co/1/i/ 43 B
378 B 230ms
180ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=233fff1b-a057-472b-9888-7da345dc8352&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=f58d3d2f-074f-4150-950c-42e18694b914&tw_document_href=https%3A%2F%2Fwww.kennedy24.com%2Fdonate%3Famount%3D10%26utm_campaign%3Dbillions%26utm_medium%3Demail1%26utm_source%3Djoinkennedy&tw_iframe_status=0&txn_id=og9c6&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-response-time: 158
date: Tue, 16 Jan 2024 14:21:44 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 0dfb28f7e66ffe80
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: effbfeab83d0a8d8af0dc68fb232a965c35aa2100dfc571a99cb16ce8724a964
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
726 B 240ms
185ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=233fff1b-a057-472b-9888-7da345dc8352&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=f58d3d2f-074f-4150-950c-42e18694b914&tw_document_href=https%3A%2F%2Fwww.kennedy24.com%2Fdonate%3Famount%3D10%26utm_campaign%3Dbillions%26utm_medium%3Demail1%26utm_source%3Djoinkennedy&tw_iframe_status=0&txn_id=og9c6&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-response-time: 162
date: Tue, 16 Jan 2024 14:21:43 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 68c482d8a0a7f39c
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: f27427fc3769caf7690a57f7c298d30cf10f1190cf48088f3132658265b9eb4f
content-length: 43

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 22ms
22ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=10&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b9609e13befde8e8bcaea0824bd0bb4a109019fc10d3aa1a392b314a0a082882

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 16 Jan 2024 14:21:44 GMT
content-md5: mIqsItdUP5auNvtOStWSUQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
reporting-endpoints
x-fb-debug: 6Vqo0TMaVG/atMe4t0HsKcSOBEnXMxJmx4BTh6iwqXGCgpyWcRh6eMhQ3nu9EiIhzXIGFKif1RfNhbR9SIxgHQ==
x-fb-content-md5: 068307dc49b7a66d89dd160f264eeef4
cross-origin-opener-policy: same-origin-allow-popups
etag: "89e90daa113671f5848c353ed4002d1f"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Tue, 16 Jan 2024 14:25:30 GMT

GET
H2 200 689052772650376 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 29ms
29ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/689052772650376?v=2.9.140&r=stable&domain=www.kennedy24.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7f77f30815a97a6c4e1317eb1bd7164e41738c9344f7f8ab1ca95b36cd2678f2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 16 Jan 2024 14:21:44 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35392
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: sL1OYOUdfuOI/kxcWL41aS1TOBMVZzeWsj3Rz0kn1Um9G6RkQ2ukwx6avQwuBy+Vsnt9lNHNeJRYjov4wlhOIw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=wA/d=0/rs=AN8SPfq5gedF4FIOWZgYyMCNZA5tU966ig/ 22 KB
4 KB 64ms
21ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=wA/d=0/rs=AN8SPfq5gedF4FIOWZgYyMCNZA5tU966ig/m=el_main_css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.i4BJRBdPaJ8.O/am=wA/d=1/rs=AN8SPfoiShHCb8vwCxVRemi3s1_LaVy25Q/m=el_conf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 06:12:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 288533
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4144
x-xss-protection: 0
last-modified: Sat, 15 Jul 2023 01:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jan 2025 06:12:51 GMT

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.i4BJRBdPaJ8.O/d=1/exm=el_conf/ed=1/rs=AN8SPfqVk7C7dL84AfjOFZNpKVJA9BOXzQ/ 208 KB
72 KB 75ms
23ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.i4BJRBdPaJ8.O/d=1/exm=el_conf/ed=1/rs=AN8SPfqVk7C7dL84AfjOFZNpKVJA9BOXzQ/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.i4BJRBdPaJ8.O/am=wA/d=1/rs=AN8SPfoiShHCb8vwCxVRemi3s1_LaVy25Q/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9cb11e03f12b8ae3ff94372e8a7f692f92b69b62b18eaf42f400b7ddac2ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 23:51:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 311431
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73587
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 00:11:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Jan 2025 23:51:13 GMT

GET
H3

200

main.js Show response
www.kennedy24.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/ Frame F240
Redirect Chain

https://www.kennedy24.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.kennedy24.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

7 KB
3 KB

32ms
32ms

Script
application/javascript

2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kennedy24.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

Protocol

Server

2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cf76ac40eef92aa916ab766b61ee0f08e342eac3b97544662f367bb33792c5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 846701b1c8f73834-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Tue, 16 Jan 2024 14:21:44 GMT
server: cloudflare
vary: accept-encoding
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 846701b138673834-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html Show response
js.stripe.com/v3/ Frame 9F02 200 B
1 KB 29ms
29ms Document
text/html 108.138.36.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-106.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kennedy24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2673
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 16 Jan 2024 13:37:15 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Fri, 22 Dec 2023 21:08:17 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 0c17d6e113cee388d94028cac715ecd2.cloudfront.net (CloudFront)
x-amz-cf-id: l2_U8ZjjpRYMpsDjnhT-7ecW_B54X0sNL_v59TmV9tmq4r0Ixu5O8w==
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 pro-fa-brands-400-0.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ 38 KB
38 KB 34ms
34ms Font
font/woff2 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/webfonts/pro-fa-brands-400-0.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70356aaad8b043112594064fea69694e5af4f17b6af4d4836b184735afe24c56

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:44 GMT
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:53:28 GMT
server: cloudflare
age: 1227135
etag: "6568cc18-9620"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 846701b14c99997a-FRA
content-length: 38432

GET
H2 200 pro-fa-solid-900-12.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ 13 KB
14 KB 41ms
41ms Font
font/woff2 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/webfonts/pro-fa-solid-900-12.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4aae83ca0e34e5fef9bebf88ca4edfdf495e4927bbd583d1f05ff101c9421d4c

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:44 GMT
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:53:38 GMT
server: cloudflare
age: 833894
etag: "6568cc22-35f8"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 846701b14c9c997a-FRA
content-length: 13816

GET
H2 200 pro-fa-brands-400-1.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ 39 KB
39 KB 33ms
33ms Font
font/woff2 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/webfonts/pro-fa-brands-400-1.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 116b5b718ba3beeea9dd77ad669ca8aff001cf40c1c6e549dd38c3d08668d4cd

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:44 GMT
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:53:28 GMT
server: cloudflare
age: 1227135
etag: "6568cc18-9cfc"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 846701b14ca1997a-FRA
content-length: 40188

GET
H2 200 anchor Show response
www.recaptcha.net/recaptcha/api2/ Frame D0C8 44 KB
27 KB 45ms
45ms Document
text/html 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LekWdoZAAAAAA61Owqhdq5e8IIQEfJbEOs8IT8T&co=aHR0cHM6Ly93d3cua2VubmVkeTI0LmNvbTo0NDM.&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=ijqw0w2t2x9

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6298151e988efc9dfce436d3f9e026819563783cc19e60ef4dd558b54c08ddeb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Z5YIu6qfdk8VLy616uZppw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kennedy24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Z5YIu6qfdk8VLy616uZppw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 14:21:44 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 anchor
www.recaptcha.net/recaptcha/api2/ Frame D820 0
0 35ms
35ms Document
text/html 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Ab1KSTk_eiFRuEj2k7dx9w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kennedy24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Ab1KSTk_eiFRuEj2k7dx9w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 14:21:44 GMT
expires: Tue, 16 Jan 2024 14:21:44 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 93 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0134375b1ced2e2b36e9a34753f87b48b49dab1ce589ec8a2932764d31ada657

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 controller-cd24e7c1f64e4a5ccfe0b4a332259a7c.html Show response
js.stripe.com/v3/ Frame 466D 325 B
1 KB 31ms
30ms Document
text/html 108.138.36.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-cd24e7c1f64e4a5ccfe0b4a332259a7c.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-106.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

a25071dc8b8fea33f964a353594f9712e0351e95478f31d6ab313596344ee3ce

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kennedy24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 53
cache-control: max-age=60
content-length: 325
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 16 Jan 2024 14:21:01 GMT
etag: "cd24e7c1f64e4a5ccfe0b4a332259a7c"
last-modified: Fri, 12 Jan 2024 21:06:26 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 0c17d6e113cee388d94028cac715ecd2.cloudfront.net (CloudFront)
x-amz-cf-id: v2o3q7vuUbFYT0qJkXcEfTP7glW7H2iP-k59FMpHj07A9Q7GpRqq3w==
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 elements-inner-card-86725cc35851d08d71f57f993ab9f2e3.html Show response
js.stripe.com/v3/ Frame A3FB 798 B
2 KB 30ms
30ms Document
text/html 108.138.36.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-86725cc35851d08d71f57f993ab9f2e3.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-106.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

9dbda455657931eab9cf12e737b736be32e13ccb4cdeed66996209414f028c8c

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kennedy24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 220
cache-control: max-age=31536000
content-length: 798
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 16 Jan 2024 14:18:05 GMT
etag: "86725cc35851d08d71f57f993ab9f2e3"
last-modified: Fri, 12 Jan 2024 21:06:27 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 0c17d6e113cee388d94028cac715ecd2.cloudfront.net (CloudFront)
x-amz-cf-id: _luMa5PCMsQTKT_eGhOn4ovvsFL9ZwJOy4VwiYaUEWu9EHMy4Pj0dQ==
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-google-pay-954baa4418d900918d6a480ac847ce94.html Show response
js.stripe.com/v3/ Frame B1AB 408 B
1 KB 30ms
30ms Document
text/html 108.138.36.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-954baa4418d900918d6a480ac847ce94.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-106.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

8be140aa29933fbd06ff9c2e16bdd9c4bdf4b5fabf13e329998b6401962c4f02

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kennedy24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3038
cache-control: max-age=31536000
content-length: 408
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 16 Jan 2024 13:31:07 GMT
etag: "954baa4418d900918d6a480ac847ce94"
last-modified: Fri, 12 Jan 2024 21:06:40 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 0c17d6e113cee388d94028cac715ecd2.cloudfront.net (CloudFront)
x-amz-cf-id: 0uSFQ8mRbAcfXiXpcBLv_BGkSAjViQIpVtuuqVmG6p7awZJ2yTZYkg==
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-browser-b9b2a4a4d0721416474ac922a501403b.html Show response
js.stripe.com/v3/ Frame F74F 344 B
2 KB 31ms
30ms Document
text/html 108.138.36.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-b9b2a4a4d0721416474ac922a501403b.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-106.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

edb51485976205950b2767d5589f75f915db91ce2b1a6aa6193c120cdcc6e56a

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kennedy24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 28
cache-control: max-age=60
content-length: 344
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 16 Jan 2024 14:21:17 GMT
etag: "b9b2a4a4d0721416474ac922a501403b"
last-modified: Fri, 12 Jan 2024 21:06:40 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 0c17d6e113cee388d94028cac715ecd2.cloudfront.net (CloudFront)
x-amz-cf-id: V3f-VmW0lmZXJbC9xhl-vtnK40rLAZ2OjWqLQSXSrz_koAOBKrrpVg==
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H3 200 anchor Show response
www.recaptcha.net/recaptcha/api2/ Frame FE6D 7 KB
1 KB 35ms
35ms Document
text/html 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: assets.nationbuilder.com
URL: https://assets.nationbuilder.com/assets/liquid/v3/main-0aa16a2e84fcb15b351dd0de4418949c84ac9bba999074007345fe1dabe8645d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9656ceb2e6a95f8dc2b17eac8ffd38444e2aab2df1f435c43d8b5f385a365ac6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kc4gPaLp_IGFyhGLtGLfZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kennedy24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-kc4gPaLp_IGFyhGLtGLfZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 14:21:44 GMT
expires: Tue, 16 Jan 2024 14:21:44 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 204 rum Show response
www.kennedy24.com/cdn-cgi/ 0
143 B 27ms
27ms XHR
text/plain 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kennedy24.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.kennedy24.com/donate?amount=10&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: application/json

Response headers

date: Tue, 16 Jan 2024 14:21:44 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.kennedy24.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 846701b1a8d03834-FRA

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 30ms
29ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-JWBYYEB6SQ&gtm=45je41a0v9113043695z89133194504&_p=1705414904170&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1759237583.1705414904&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1705414904&sct=1&seg=0&dl=https%3A%2F%2Fwww.kennedy24.com%2Fdonate%3Famount%3D10%26utm_campaign%3Dbillions%26utm_medium%3Demail1%26utm_source%3Djoinkennedy&dt=We%2C%20the%20People...%20%7C%20Kennedy24&en=stacked_donate_amount_selected&ep.stacked_donate_amount_selected=Other&_et=112&tfd=1614
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JWBYYEB6SQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 14:21:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kennedy24.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 297 KB
85 KB 44ms
22ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=ad491f74a47b06604017ee64c901ae96

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b21618047d21c2ccc729f3980d873c18c718dd47193067746031a527a0354c7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 16 Jan 2024 14:21:44 GMT
content-md5: +gPAno4y0EGKSFhMAN9pZQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86934
reporting-endpoints
x-fb-debug: SFV1D536CRjuLUvGCZ/63DKxLVxTTdSbZ+E0+KUhML/adCwRNf3opTFvtlqCDwhRA4B7fWFknjJfwuv+JCisvA==
x-fb-content-md5: 86b7d0a8c1a90ce39c0d5fd23970e488
cross-origin-opener-policy: same-origin-allow-popups
etag: "5dd219f13977fd534d5054ea1c25706b"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Wed, 15 Jan 2025 12:24:47 GMT

GET
H2 200 m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 9F02 526 B
1 KB 31ms
30ms Script
text/javascript 108.138.36.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-106.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 13:27:44 GMT
via: 1.1 0c17d6e113cee388d94028cac715ecd2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 3243
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
content-length: 526
last-modified: Fri, 22 Dec 2023 21:08:16 GMT
server: Cloudfront
etag: "d96c709017743c0759cf3853d1806ba5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 9fO3EypRGvcMmsviqv0oAHQXc09DfLJsHsC5biHHjCESY8Iqc24Vfg==

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame D0C8 55 KB
24 KB 23ms
21ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LekWdoZAAAAAA61Owqhdq5e8IIQEfJbEOs8IT8T&co=aHR0cHM6Ly93d3cua2VubmVkeTI0LmNvbTo0NDM.&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=ijqw0w2t2x9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:02:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Jan 2025 14:02:54 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame D0C8 506 KB
203 KB 30ms
28ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91088a015cd36dabb6639d0b6d08fadc57be7f1b85011f5f882d4e7a8611df31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:02:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207845
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Jan 2025 14:02:54 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 9F02 0
715 B 809ms
412ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=10&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 16 Jan 2024 14:21:45 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705414905301572
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1705414905301201
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 9F02 0
715 B 796ms
399ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=10&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 16 Jan 2024 14:21:45 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705414905302032
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1705414905301513
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-64da66ea531d8772e50e735fb155daaa.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 466D 533 KB
117 KB 31ms
31ms Script
text/javascript 108.138.36.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-64da66ea531d8772e50e735fb155daaa.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-cd24e7c1f64e4a5ccfe0b4a332259a7c.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-106.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

2e987865067b40c9e18fc2df48d3de4f13692396438efce24f4c0b9b278892e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-cd24e7c1f64e4a5ccfe0b4a332259a7c.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:07:14 GMT
content-encoding: br
via: 1.1 0c17d6e113cee388d94028cac715ecd2.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 871
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
last-modified: Fri, 12 Jan 2024 21:06:39 GMT
server: Cloudfront
etag: W/"b2fc200c53b5cadce155fb305bce471a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: Ds6r1wcdxaB1gMGGFcY2GvRXDDV7GtxFvXz2WI_G--UG8zTVFqeD8w==

GET
H2 200 controller-412bac64fa03cf1b2d253e11b4267c7b.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 466D 691 KB
159 KB 46ms
46ms Script
text/javascript 108.138.36.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-412bac64fa03cf1b2d253e11b4267c7b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-cd24e7c1f64e4a5ccfe0b4a332259a7c.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-106.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

74555b53d117ce3eede0e874b2a4ba7ca46fb33c790bcc76de43bf6428b60071

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-cd24e7c1f64e4a5ccfe0b4a332259a7c.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:07:13 GMT
content-encoding: br
via: 1.1 0c17d6e113cee388d94028cac715ecd2.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 872
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
last-modified: Fri, 12 Jan 2024 21:06:37 GMT
server: Cloudfront
etag: W/"2a6a43947b3826b137f44b2bfdc68271"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: Lu0ImSSwSM53U5ccEvHK-SAeDE8bFRPkXB7BFY_1HVmyYA3hkkXOkA==

GET
H2 200 shared-64da66ea531d8772e50e735fb155daaa.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame A3FB 533 KB
117 KB 66ms
66ms Script
text/javascript 108.138.36.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-64da66ea531d8772e50e735fb155daaa.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-86725cc35851d08d71f57f993ab9f2e3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-106.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

2e987865067b40c9e18fc2df48d3de4f13692396438efce24f4c0b9b278892e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-86725cc35851d08d71f57f993ab9f2e3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:07:14 GMT
content-encoding: br
via: 1.1 0c17d6e113cee388d94028cac715ecd2.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 871
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
last-modified: Fri, 12 Jan 2024 21:06:39 GMT
server: Cloudfront
etag: W/"b2fc200c53b5cadce155fb305bce471a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 502ulCy-h7DPfIi68snea94ZlNrIDCljlGcpAswSe4Oyc10FEPrf6Q==

GET
H2 200 ui-shared-260909cda3d3b355462e5847597128b0.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame A3FB 408 KB
104 KB 79ms
78ms Script
text/javascript 108.138.36.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-260909cda3d3b355462e5847597128b0.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-86725cc35851d08d71f57f993ab9f2e3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-106.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

a1f643112eac47832d85f858d25e911857cee99c566528f17921909e0eb82016

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-86725cc35851d08d71f57f993ab9f2e3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:10:25 GMT
content-encoding: br
via: 1.1 0c17d6e113cee388d94028cac715ecd2.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 680
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
last-modified: Fri, 12 Jan 2024 21:06:40 GMT
server: Cloudfront
etag: W/"67c7778f59449f7b2ebd50e4c0aa2244"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: _i7SV8wv7nGVu5ojldi96j3yOQrdty9c1mpIw0xWjnKeBVBIs-StXA==

GET
H2 200 elements-inner-card-1706847dbc14231d360b7fd77e59dc13.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame A3FB 53 KB
14 KB 91ms
90ms Script
text/javascript 108.138.36.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-1706847dbc14231d360b7fd77e59dc13.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-86725cc35851d08d71f57f993ab9f2e3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-106.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

e5f5592d52a43ed2d23099328752f493d908c0f1f65190571051cb8d89221539

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-86725cc35851d08d71f57f993ab9f2e3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:13:49 GMT
content-encoding: br
via: 1.1 0c17d6e113cee388d94028cac715ecd2.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 477
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
last-modified: Fri, 12 Jan 2024 18:09:19 GMT
server: Cloudfront
etag: W/"465e7b3a4362b5189766b3e3958d0b59"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: u8o8vGhK1d2DOSgsX_S8gUpwGfCLDjmAPMWaDN7D2I5Im3wuqZxSMw==

GET
H2 200 ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame A3FB 20 KB
3 KB 64ms
63ms Stylesheet
text/css 108.138.36.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-86725cc35851d08d71f57f993ab9f2e3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-106.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-86725cc35851d08d71f57f993ab9f2e3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 13:39:11 GMT
content-encoding: br
via: 1.1 0c17d6e113cee388d94028cac715ecd2.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2554
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
last-modified: Mon, 08 Jan 2024 21:41:44 GMT
server: Cloudfront
etag: W/"b361d7109e9925ca18e32c9da528520f"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: _-rQu6btyUjWcT34q1hiQejWluQ1d6spj9F-6xFPDjZ722dAiL-vXw==

GET
H2 200 elements-inner-card-b79a095030fa6973133c91d98bd626d2.css
js.stripe.com/v3/fingerprinted/css/ Frame A3FB 14 KB
2 KB 77ms
76ms Stylesheet
text/css 108.138.36.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-b79a095030fa6973133c91d98bd626d2.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-86725cc35851d08d71f57f993ab9f2e3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-106.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

1bb8affc0ad0f6449490148a0ec45435d64f1494b92ad385f266b9b86d7aa076

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-86725cc35851d08d71f57f993ab9f2e3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:18:10 GMT
content-encoding: br
via: 1.1 0c17d6e113cee388d94028cac715ecd2.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 220
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
last-modified: Fri, 12 Jan 2024 21:06:27 GMT
server: Cloudfront
etag: W/"81af9199f83c2489a35a5a81327a87b6"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: Opmhp9Zd5ntO14CY2Hwg6-Tvvr15lN9pa9JZu_j3lN8mRIpIFadYuA==

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame B1AB 118 KB
36 KB 133ms
76ms Script
application/javascript 2a00:1450:4013:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-954baa4418d900918d6a480ac847ce94.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c00::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b4b118f1d6941d1c227f24465a739f9c03a205b53382e0aafcdfec681f394f7b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-D1Ky96e9ZIiGz0tssFwE1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:44 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-D1Ky96e9ZIiGz0tssFwE1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Tue, 16 Jan 2024 14:21:44 GMT

GET
H2 200 shared-64da66ea531d8772e50e735fb155daaa.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame B1AB 533 KB
117 KB 84ms
84ms Script
text/javascript 108.138.36.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-64da66ea531d8772e50e735fb155daaa.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-954baa4418d900918d6a480ac847ce94.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-106.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

2e987865067b40c9e18fc2df48d3de4f13692396438efce24f4c0b9b278892e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-954baa4418d900918d6a480ac847ce94.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:07:14 GMT
content-encoding: br
via: 1.1 0c17d6e113cee388d94028cac715ecd2.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 871
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
last-modified: Fri, 12 Jan 2024 21:06:39 GMT
server: Cloudfront
etag: W/"b2fc200c53b5cadce155fb305bce471a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: rdNv2hC8AtNhKdkjAFlww27U6TtTME1JT4NDymSnSVqHPj1ALzP7MA==

GET
H2 200 payment-request-inner-google-pay-1c2b8933acfb718f7ad8ea902a01c962.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame B1AB 12 KB
5 KB 30ms
30ms Script
text/javascript 108.138.36.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-1c2b8933acfb718f7ad8ea902a01c962.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-954baa4418d900918d6a480ac847ce94.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-106.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

473efdf61f08fc2ad04df7be0d974c921dea47ac2ea5c6b848a75f6b5db1da73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-954baa4418d900918d6a480ac847ce94.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:16:41 GMT
content-encoding: br
via: 1.1 0c17d6e113cee388d94028cac715ecd2.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 311
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
last-modified: Mon, 08 Jan 2024 21:04:31 GMT
server: Cloudfront
etag: W/"c1a7d86250f7fde747d6585463beef22"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: YO72Zyn-4V8rMItpZ7GPCeTijzoNaFEnFLNFL6DMei0vR7Ktpk1Obw==

GET
H2 200 shared-64da66ea531d8772e50e735fb155daaa.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F74F 533 KB
117 KB 90ms
89ms Script
text/javascript 108.138.36.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-64da66ea531d8772e50e735fb155daaa.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-b9b2a4a4d0721416474ac922a501403b.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-106.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

2e987865067b40c9e18fc2df48d3de4f13692396438efce24f4c0b9b278892e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-b9b2a4a4d0721416474ac922a501403b.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:07:14 GMT
content-encoding: br
via: 1.1 0c17d6e113cee388d94028cac715ecd2.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 871
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
last-modified: Fri, 12 Jan 2024 21:06:39 GMT
server: Cloudfront
etag: W/"b2fc200c53b5cadce155fb305bce471a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: WN60-jBFzZWlumK_CjUJwXve3FVxsrbOP6c0vQYcfaoyFdLSFxbG-g==

GET
H2 200 payment-request-inner-browser-cfd09fde482546e2c8879bce0010f91c.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F74F 13 KB
6 KB 96ms
95ms Script
text/javascript 108.138.36.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-cfd09fde482546e2c8879bce0010f91c.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-b9b2a4a4d0721416474ac922a501403b.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-106.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

1df19255b4b07c13647377049a5d3d4b23519c012b91e923ee22cf18c4e8d2b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-b9b2a4a4d0721416474ac922a501403b.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 13:48:18 GMT
content-encoding: br
via: 1.1 0c17d6e113cee388d94028cac715ecd2.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2006
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
last-modified: Fri, 12 Jan 2024 21:06:39 GMT
server: Cloudfront
etag: W/"9d64070358354c97251ee8d4e282ba7b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: MB8dARR1BiMVkB8Sp0CMCHx0Rex4WDQXtYSKSwZaTwz5X9Q7oD-FUw==

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame FE6D 55 KB
24 KB 21ms
21ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:02:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Jan 2025 14:02:54 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame FE6D 506 KB
203 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91088a015cd36dabb6639d0b6d08fadc57be7f1b85011f5f882d4e7a8611df31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:02:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207845
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Jan 2025 14:02:54 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/11465445694/ 42 B
455 B 93ms
34ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11465445694/?random=1705414904427&cv=11&fst=1705413600000&bg=ffffff&guid=ON&async=1&gtm=45je41a0v9113043695z89133194504&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.kennedy24.com%2Fdonate%3Famount%3D10%26utm_campaign%3Dbillions%26utm_medium%3Demail1%26utm_source%3Djoinkennedy&frm=0&tiba=We%2C%20the%20People...%20%7C%20Kennedy24&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_nfP2UCgQnbQjueBfYt4V5V8-qLfq6w&random=2916410151&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 14:21:44 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.pt/pagead/1p-user-list/11465445694/ 42 B
154 B 36ms
32ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.pt/pagead/1p-user-list/11465445694/?random=1705414904427&cv=11&fst=1705413600000&bg=ffffff&guid=ON&async=1&gtm=45je41a0v9113043695z89133194504&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.kennedy24.com%2Fdonate%3Famount%3D10%26utm_campaign%3Dbillions%26utm_medium%3Demail1%26utm_source%3Djoinkennedy&frm=0&tiba=We%2C%20the%20People...%20%7C%20Kennedy24&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_nfP2UCgQnbQjueBfYt4V5V8-qLfq6w&random=2916410151&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 14:21:44 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 466D 0
716 B 770ms
387ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=10&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 16 Jan 2024 14:21:45 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705414905302297
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1705414905301469
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame A3FB 0
715 B 773ms
391ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=10&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 16 Jan 2024 14:21:45 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705414905301562
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1705414905301270
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame A3FB 0
716 B 794ms
412ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=10&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 16 Jan 2024 14:21:45 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705414905301881
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1705414905301349
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 web Show response
edge.fullstory.com/s/settings/o-1V4959-na1/v1/ 6 KB
2 KB 23ms
22ms XHR
application/json 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/settings/o-1V4959-na1/v1/web
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 88513ef8ce83b1745cc065850e59f08ac1a31beb71d7bf2841a420d69be3c827

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:15:31 GMT
content-encoding: gzip
age: 373
x-guploader-uploadid: ABPtcPo8Ct7IBz_3-aPms5Zd94oe0nnLTr0kLV9ct_xatD0ciBJUiuXgBLvSOwXH_s-cX1uZyQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1605
last-modified: Tue, 16 Jan 2024 14:08:36 GMT
server: UploadServer
etag: "75a7fb12c1760998f9d879afdaa53776"
x-goog-generation: 1704996816762344
x-goog-hash: crc32c=0LQ/hA==, md5=daf7EsF2CZj52Hmv2qU3dg==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=900,no-transform
x-goog-stored-content-length: 1605
accept-ranges: bytes
content-type: application/json
expires: Tue, 16 Jan 2024 14:30:31 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame B1AB 0
716 B 760ms
398ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=10&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 16 Jan 2024 14:21:45 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705414905301878
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1705414905301266
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame B1AB 0
717 B 747ms
385ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=10&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 16 Jan 2024 14:21:45 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705414905301547
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1705414905301255
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame F74F 0
716 B 752ms
391ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=10&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 16 Jan 2024 14:21:45 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705414905302093
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1705414905301285
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame F74F 0
716 B 759ms
398ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=10&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 16 Jan 2024 14:21:45 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705414905302093
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1705414905301503
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
DATA 200
OK truncated Show response
/ Frame E306 1 KB
1 KB Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 31f4e4abd5d8e145d6bd5505ae3ee469f66e6aba53fcc6cf04741d0a802ebc3d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Type: text/html;charset=UTF-8

GET
H3 200 24px.svg
fonts.gstatic.com/s/i/productlogos/translate/v14/ 6 KB
3 KB 68ms
21ms Image
image/svg+xml 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:14:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 317241
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3340
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 14:24:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Jan 2025 22:14:23 GMT

GET
H3 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 28ms
28ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=wA/d=0/rs=AN8SPfq5gedF4FIOWZgYyMCNZA5tU966ig/m=el_main_css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=wA/d=0/rs=AN8SPfq5gedF4FIOWZgYyMCNZA5tU966ig/m=el_main_css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 18:49:42 GMT
x-content-type-options: nosniff
age: 70322
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1842
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 14 Jan 2025 18:49:42 GMT

GET
H2 200 inner.html Show response
m.stripe.network/ Frame D7B5 930 B
1 KB 80ms
22ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 249
cache-control: max-age=300, public
content-encoding: br
content-length: 540
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 16 Jan 2024 14:21:44 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 229
x-content-type-options: nosniff
x-request-id: 1ae9156d-1587-4b0b-8d82-90718ae65cac
x-served-by: cache-fra-etou8220057-FRA
x-timer: S1705414905.747189,VS0,VE0

POST
H3 200 846701aada0e4d64 Show response
www.kennedy24.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame F240 0
315 B 43ms
43ms XHR
text/plain 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kennedy24.com/cdn-cgi/challenge-platform/h/b/jsd/r/846701aada0e4d64
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 16 Jan 2024 14:21:44 GMT
content-encoding: br
server: cloudflare
cf-ray: 846701b2aa503834-FRA
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 466D 474 B
864 B 82ms
29ms Fetch
application/json 108.138.36.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64da66ea531d8772e50e735fb155daaa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-106.muc50.r.cloudfront.net
Software: Cloudfront /
Resource Hash: 549478ba46ac97af73018ed0ca78cfa43dae13eddcc812ced06f664bd7d22e57

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-cd24e7c1f64e4a5ccfe0b4a332259a7c.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 16 Jan 2024 14:21:42 GMT
via: 1.1 2190b35b24e05763512aa336b18a1b52.cloudfront.net (CloudFront)
last-modified: Fri, 12 Jan 2024 21:47:32 GMT
server: Cloudfront
age: 7
x-amz-cf-pop: MUC50-P2
etag: "60455c1489f3dd8c3e61d0d8d0031cfd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: UYejfONjgwqp4UqDhOuUmOAGsls2fhIbcczsrYJmpjeqqCcaOOKtXw==

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 466D 474 B
865 B 74ms
28ms Fetch
application/json 108.138.36.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64da66ea531d8772e50e735fb155daaa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-106.muc50.r.cloudfront.net
Software: Cloudfront /
Resource Hash: 549478ba46ac97af73018ed0ca78cfa43dae13eddcc812ced06f664bd7d22e57

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-cd24e7c1f64e4a5ccfe0b4a332259a7c.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 16 Jan 2024 14:21:42 GMT
via: 1.1 2190b35b24e05763512aa336b18a1b52.cloudfront.net (CloudFront)
last-modified: Fri, 12 Jan 2024 21:47:32 GMT
server: Cloudfront
age: 7
x-amz-cf-pop: MUC50-P2
etag: "60455c1489f3dd8c3e61d0d8d0031cfd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: XAU7FvBjK7gP2I5Cb0dxjDzNA-oCK7eKUHiSYb9femNp3qZkBdYtRA==

POST
H2 202 page Show response
rs.fullstory.com/rec/ 79 B
279 B 206ms
144ms XHR
text/plain 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rs.fullstory.com/rec/page

Requested by

Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

58.194.186.35.bc.googleusercontent.com

Software

Resource Hash

f66a96e9a973ac7e4e920aeeba6ac52ccbc8e192f75a2baa96860cc097b6a2db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kennedy24.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 16 Jan 2024 14:21:44 GMT
via: 1.1 google
x-content-type-options: nosniff
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.kennedy24.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79

GET
H2 200 Rbyc7s488VWd4IGfuE4gsnBiFwpTphWh5ZwgXcZl-nM.js Show response
www.google.com/js/bg/ Frame D0C8 17 KB
7 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/Rbyc7s488VWd4IGfuE4gsnBiFwpTphWh5ZwgXcZl-nM.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45bc9ceece3cf1559de0819fb84e20b27062170a53a615a1e59c205dc665fa73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 07:52:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 109769
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6871
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Jan 2025 07:52:15 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame D0C8 2 KB
2 KB 21ms
21ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 19:56:54 GMT
x-content-type-options: nosniff
age: 66290
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 22 Jan 2024 19:56:54 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D0C8 15 KB
15 KB 22ms
20ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recaptcha.net/
Origin: https://www.recaptcha.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 23:26:56 GMT
x-content-type-options: nosniff
age: 399288
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Jan 2025 23:26:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D0C8 15 KB
15 KB 26ms
25ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recaptcha.net/
Origin: https://www.recaptcha.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:17:31 GMT
x-content-type-options: nosniff
age: 65053
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Jan 2025 20:17:31 GMT

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame A3FB 474 B
865 B 28ms
28ms Fetch
application/json 108.138.36.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64da66ea531d8772e50e735fb155daaa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-106.muc50.r.cloudfront.net
Software: Cloudfront /
Resource Hash: 549478ba46ac97af73018ed0ca78cfa43dae13eddcc812ced06f664bd7d22e57

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-86725cc35851d08d71f57f993ab9f2e3.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 16 Jan 2024 14:21:42 GMT
via: 1.1 2190b35b24e05763512aa336b18a1b52.cloudfront.net (CloudFront)
last-modified: Fri, 12 Jan 2024 21:47:32 GMT
server: Cloudfront
age: 7
x-amz-cf-pop: MUC50-P2
etag: "60455c1489f3dd8c3e61d0d8d0031cfd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: eaLooWSS9lpbWdJ_8StFi4hUcxiNHQP5TjXIBlLzSBAUwIvKk5AJBw==

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 99ms
55ms Fetch
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=1679673749184434&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.kennedy24.com%2Fdonate%3Famount%3D10%26utm_campaign%3Dbillions%26utm_medium%3Demail1%26utm_source%3Djoinkennedy&sdk=joey&wants_cookie_data=true

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=10&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=()
strict-transport-security: max-age=15552000; preload
date: Tue, 16 Jan 2024 14:21:44 GMT
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: qtPAXVjGKgHP6SDkNtFf1rOnnmi/wvJDQGc92XY7qVqAOFwU+HbcQBixXm+wt7AW7ohd/Mm5GfA1qlDJSb4u6Q==
fb-s: unknown
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kennedy24.com
origin-agent-cluster: ?0
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), display-capture=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self)
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 58ms
23ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=689052772650376&ev=PageView&dl=https%3A%2F%2Fwww.kennedy24.com%2Fdonate%3Famount%3D10%26utm_campaign%3Dbillions%26utm_medium%3Demail1%26utm_source%3Djoinkennedy&rl=&if=false&ts=1705414904884&sw=1600&sh=1200&v=2.9.140&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1705414904615.1021629800&ler=empty&it=1705414904471&coo=false&eid=1705415275122_17054150286311&tm=1&cdl=&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 16 Jan 2024 14:21:44 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 csp-report
q.stripe.com/ Frame D7B5 0
490 B 534ms
411ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=10&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 16 Jan 2024 14:21:45 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705414905301776
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1705414905301484
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame D7B5 87 KB
15 KB 22ms
22ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Tue, 16 Jan 2024 14:21:44 GMT
x-content-type-options: nosniff
content-encoding: br
via: 1.1 varnish
age: 137
x-cache: HIT
content-length: 15509
x-request-id: 44db1f57-7fea-4fce-8fd5-7d9bb0e38f58
x-served-by: cache-fra-etou8220057-FRA
server: Fastly
x-timer: S1705414905.894178,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 129

POST
H2 200 wallet-config Show response
merchant-ui-api.stripe.com/elements/ Frame 466D 2 KB
3 KB 364ms
273ms Fetch
application/json 198.202.176.141
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://merchant-ui-api.stripe.com/elements/wallet-config

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64da66ea531d8772e50e735fb155daaa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.202.176.141 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

bbdf5e1699bf67f2befd901a4037129150afc3dda91448bf1077b86eb88a6831

Security Headers

Name	Value
Content-Security-Policy	report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 16 Jan 2024 14:21:45 GMT
content-security-policy: report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
strict-transport-security: max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy: same-site
content-length: 2481
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
access-control-max-age: 300
access-control-allow-methods: GET, POST
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin
access-control-allow-headers: x-stripe-csrf-token
cross-origin-opener-policy-report-only: same-origin; report-to=https://q.stripe.com/coop-report
expires: 0

GET
H3 200 webworker.js
www.recaptcha.net/recaptcha/api2/ Frame D0C8 102 B
135 B 31ms
31ms Other
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/webworker.js?hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f187dc8de7fe50f1f8825c3500b64080cc78ac39df7efd31a4b1bc562be9ca3d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LekWdoZAAAAAA61Owqhdq5e8IIQEfJbEOs8IT8T&co=aHR0cHM6Ly93d3cua2VubmVkeTI0LmNvbTo0NDM.&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=ijqw0w2t2x9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 16 Jan 2024 14:21:44 GMT

GET
H2 200 digibox.gif
www.lightboxcdn.com/z9g/ 35 B
279 B 34ms
34ms Image
image/gif 2606:4700::6813:d383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lightboxcdn.com/z9g/digibox.gif?c=1705414904934&h=www.kennedy24.com&e=p&u=45028
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 16 Jan 2024 14:21:44 GMT
cf-cache-status: HIT
content-md5: KNaBTzCeoon4R8ac+RGUxg==
age: 950693
cf-polished: status=not_needed
x-ms-meta-cbmodifiedtime: Fri, 02 Dec 2022 00:02:02 GMT
content-length: 35
x-ms-lease-status: unlocked
cf-bgj: imgq:85,h2pri
last-modified: Fri, 02 Dec 2022 00:02:38 GMT
server: cloudflare
etag: 0x8DAD3F8864E2F29
vary: Accept-Encoding
content-type: image/gif
x-ms-request-id: 0e54eaf6-c01e-005b-5a85-271f4c000000
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 846701b3ec695d96-FRA

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 60E0 19 KB
8 KB 73ms
73ms Document
text/html 2a00:1450:4013:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c00::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

82eb68a4aa619bdaf93acd7d4a573b07ad572f8675cf4ff6b61e2c5f6890b549

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-d10dYsc-tORL5tgG8h49fA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-d10dYsc-tORL5tgG8h49fA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Tue, 16 Jan 2024 14:21:44 GMT
expires: Tue, 16 Jan 2024 14:21:44 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

POST
H2 200 b Show response
r.stripe.com/ Frame 466D 0
274 B 509ms
201ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64da66ea531d8772e50e735fb155daaa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Tue, 16 Jan 2024 14:21:45 GMT
x-stripe-server-envoy-start-time-us: 1705414905360645
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 7
x-stripe-client-envoy-start-time-us: 1705414905360398
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame 466D 0
274 B 713ms
406ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64da66ea531d8772e50e735fb155daaa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Tue, 16 Jan 2024 14:21:45 GMT
x-stripe-server-envoy-start-time-us: 1705414905552164
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 6
x-stripe-client-envoy-start-time-us: 1705414905551813
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame 466D 0
274 B 637ms
331ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64da66ea531d8772e50e735fb155daaa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Tue, 16 Jan 2024 14:21:45 GMT
x-stripe-server-envoy-start-time-us: 1705414905493960
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1705414905493254
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame 466D 0
274 B 618ms
330ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64da66ea531d8772e50e735fb155daaa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Tue, 16 Jan 2024 14:21:45 GMT
x-stripe-server-envoy-start-time-us: 1705414905493463
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1705414905493184
access-control-allow-credentials: true
content-length: 0

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame A3FB 474 B
863 B 28ms
28ms Fetch
application/json 108.138.36.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64da66ea531d8772e50e735fb155daaa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-106.muc50.r.cloudfront.net
Software: Cloudfront /
Resource Hash: 549478ba46ac97af73018ed0ca78cfa43dae13eddcc812ced06f664bd7d22e57

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-86725cc35851d08d71f57f993ab9f2e3.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 16 Jan 2024 14:21:42 GMT
via: 1.1 2190b35b24e05763512aa336b18a1b52.cloudfront.net (CloudFront)
last-modified: Fri, 12 Jan 2024 21:47:32 GMT
server: Cloudfront
age: 7
x-amz-cf-pop: MUC50-P2
etag: "60455c1489f3dd8c3e61d0d8d0031cfd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: tsmWZ540AmxuTHKZ4HJs1eFgm91o8TDdBBybcQJUM6UVehTlAT5Npg==

GET
H3 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.htsUFnPup7k.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame 60E0 158 KB
56 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.htsUFnPup7k.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhwtxCCfvKFOf9zzcukEIKUza5Xag/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdb3213b77654cd277f6d059d630a3e34089b3a49303b66668447b42c658159a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 09:56:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 275100
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57424
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 04:38:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jan 2025 09:56:45 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame D7B5 156 B
669 B 595ms
198ms XHR
application/json 34.215.162.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.215.162.111 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-215-162-111.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

5b407751970809b38474e973b7b5d61c0398e60d98b3b8cae1b560d330e30199

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 16 Jan 2024 14:21:45 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705414905537978
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1705414905537288
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 60E0 2 KB
2 KB 129ms
129ms Other
text/html 2a00:1450:4013:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=10&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4013:c00::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 16 Jan 2024 14:21:45 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H3 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.htsUFnPup7k.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.d-ksGe... Frame 60E0 74 KB
27 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.htsUFnPup7k.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.d-ksGeBOJ00.L.B1.O/am=gEEY/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrh0TxQ66sf9GelOI7rbVolu0C8s3Q/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.htsUFnPup7k.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhwtxCCfvKFOf9zzcukEIKUza5Xag/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a14509305d676d532c0994b24a812ea8866033eee44721f0c66ddbed1d4f5dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:03:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 332303
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27625
x-xss-protection: 0
last-modified: Thu, 04 Jan 2024 04:21:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Jan 2025 18:03:22 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 60E0 1 MB
376 KB 77ms
77ms XHR
text/html 2a00:1450:4013:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4013:c00::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0ad4cb1983f4d9969c7939332ff9431727b79059cd4421ae0cb13d2ed000a181

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-2ruWMUXCLztLTC4ajorUmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:45 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-2ruWMUXCLztLTC4ajorUmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Tue, 16 Jan 2024 14:21:45 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.htsUFnPup7k.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.d-ksGe... Frame 60E0 9 KB
4 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.htsUFnPup7k.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.d-ksGeBOJ00.L.B1.O/am=gEEY/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrh0TxQ66sf9GelOI7rbVolu0C8s3Q/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d9354f5ccc9edfd57c5650b4456932fb7accded65b54e9ba719478863eed67f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:03:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 332303
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3743
x-xss-protection: 0
last-modified: Thu, 04 Jan 2024 04:21:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Jan 2025 18:03:22 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.htsUFnPup7k.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.d-ksGe... Frame 60E0 37 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.htsUFnPup7k.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.d-ksGeBOJ00.L.B1.O/am=gEEY/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrh0TxQ66sf9GelOI7rbVolu0C8s3Q/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a63c2cee85178a3337c8a8e1bc329c7daf1ed3593c3095418b05766cf358007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:03:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 332303
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14287
x-xss-protection: 0
last-modified: Thu, 04 Jan 2024 04:21:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Jan 2025 18:03:22 GMT

POST
H3 200 log Show response
play.google.com/ Frame 60E0 131 B
156 B 118ms
75ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 16 Jan 2024 14:21:45 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 16 Jan 2024 14:21:45 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 102ms
51ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 16 Jan 2024 14:21:45 GMT
expires: Tue, 16 Jan 2024 14:21:45 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 60E0 131 B
156 B 120ms
77ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 16 Jan 2024 14:21:45 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 16 Jan 2024 14:21:45 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 102ms
52ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 16 Jan 2024 14:21:45 GMT
expires: Tue, 16 Jan 2024 14:21:45 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 60E0 131 B
156 B 120ms
78ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 16 Jan 2024 14:21:45 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 16 Jan 2024 14:21:45 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 102ms
52ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 16 Jan 2024 14:21:45 GMT
expires: Tue, 16 Jan 2024 14:21:45 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 60E0 131 B
156 B 118ms
76ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 16 Jan 2024 14:21:45 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 16 Jan 2024 14:21:45 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 102ms
53ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 16 Jan 2024 14:21:45 GMT
expires: Tue, 16 Jan 2024 14:21:45 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 reload Show response
www.recaptcha.net/recaptcha/api2/ Frame D0C8 13 KB
9 KB 84ms
84ms XHR
application/json 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/reload?k=6LekWdoZAAAAAA61Owqhdq5e8IIQEfJbEOs8IT8T

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

089d2bdb3d16fb8377e1249190854cdd3ab2f9ff96989af9f7232e1902530e19

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LekWdoZAAAAAA61Owqhdq5e8IIQEfJbEOs8IT8T&co=aHR0cHM6Ly93d3cua2VubmVkeTI0LmNvbTo0NDM.&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=ijqw0w2t2x9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Tue, 16 Jan 2024 14:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 16 Jan 2024 14:21:45 GMT

POST
H2 200 b Show response
r.stripe.com/ Frame 466D 0
274 B 335ms
335ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64da66ea531d8772e50e735fb155daaa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Tue, 16 Jan 2024 14:21:45 GMT
x-stripe-server-envoy-start-time-us: 1705414905493693
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 7
x-stripe-client-envoy-start-time-us: 1705414905493037
access-control-allow-credentials: true
content-length: 0

GET
H2 200 hcaptcha-invisible-50d47d6212e34f567af4a5cc45d36923.html Show response
js.stripe.com/v3/ Frame 2014 71 KB
24 KB 32ms
32ms Document
text/html 108.138.36.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/hcaptcha-invisible-50d47d6212e34f567af4a5cc45d36923.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-106.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

31974f89c6752e664ed419116aafe7c306f4d43c6c2ea57776fbbfa0d4c12418

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; script-src 'self' 'sha256-1D+1LyqJfTcuWCwBSIqNB625Fdh7tn7BZ9YCctu+2DE='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 10
cache-control: max-age=60
content-encoding: br
content-security-policy: base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; script-src 'self' 'sha256-1D+1LyqJfTcuWCwBSIqNB625Fdh7tn7BZ9YCctu+2DE='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 16 Jan 2024 14:21:35 GMT
etag: W/"50d47d6212e34f567af4a5cc45d36923"
last-modified: Fri, 12 Jan 2024 21:06:40 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 0c17d6e113cee388d94028cac715ecd2.cloudfront.net (CloudFront)
x-amz-cf-id: 4jgRmTpz2PaqtVYaMLyqG6_MWkY9Vpv2sD_ZKhNhzphcNSXCH-Fu7Q==
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 b Show response
r.stripe.com/ Frame 466D 0
274 B 398ms
398ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64da66ea531d8772e50e735fb155daaa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Tue, 16 Jan 2024 14:21:45 GMT
x-stripe-server-envoy-start-time-us: 1705414905552323
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 5
x-stripe-client-envoy-start-time-us: 1705414905551925
access-control-allow-credentials: true
content-length: 0

GET
H2 200 phone-numbers-lib-5113174565c377315fd5b8d695d8b541.js Show response
js.stripe.com/v3/fingerprinted/js/ 148 KB
35 KB 32ms
32ms Script
text/javascript 108.138.36.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/phone-numbers-lib-5113174565c377315fd5b8d695d8b541.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-106.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

621661fe1c7a59420c624f7a421c566ebfb38cfbc7edd98ee0462c44d15971f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 13:36:54 GMT
content-encoding: br
via: 1.1 0c17d6e113cee388d94028cac715ecd2.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2828
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
last-modified: Fri, 22 Dec 2023 21:08:16 GMT
server: Cloudfront
etag: W/"f7a3e754fa2fa9117506f69f618b5778"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: GvaSdiztYZaedWLV2Y6VJfpuF3LRbjzp4UxlOXD-lTAytFz6I_O-5w==

GET
H2 200 elements-inner-link-button-for-card-a8f574dc3e90553d267eeaa0d2b7dc5d.html Show response
js.stripe.com/v3/ Frame 348E 77 KB
30 KB 32ms
32ms Document
text/html 108.138.36.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-link-button-for-card-a8f574dc3e90553d267eeaa0d2b7dc5d.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-106.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

69e859f352bba5e6cef30930a8a1c2c055d0c16daf9f8eeb0a2f98b653e22df4

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kennedy24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 651
cache-control: max-age=31536000
content-encoding: gzip
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 16 Jan 2024 14:10:57 GMT
etag: W/"a8f574dc3e90553d267eeaa0d2b7dc5d"
last-modified: Fri, 12 Jan 2024 21:06:27 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 0c17d6e113cee388d94028cac715ecd2.cloudfront.net (CloudFront)
x-amz-cf-id: hxRILWqiOHSU1JDGAauXA106xlv3Dyzz16YYlGbqlj_NB8OyYmgAog==
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 b Show response
r.stripe.com/ Frame 466D 0
274 B 389ms
389ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64da66ea531d8772e50e735fb155daaa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Tue, 16 Jan 2024 14:21:45 GMT
x-stripe-server-envoy-start-time-us: 1705414905552702
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 5
x-stripe-client-envoy-start-time-us: 1705414905551920
access-control-allow-credentials: true
content-length: 0

POST
H3 200 log Show response
play.google.com/ Frame 60E0 131 B
155 B 79ms
79ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 16 Jan 2024 14:21:45 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 16 Jan 2024 14:21:45 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 51ms
51ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 16 Jan 2024 14:21:45 GMT
expires: Tue, 16 Jan 2024 14:21:45 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 60E0 131 B
156 B 79ms
78ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 16 Jan 2024 14:21:45 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 16 Jan 2024 14:21:45 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 51ms
51ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 16 Jan 2024 14:21:45 GMT
expires: Tue, 16 Jan 2024 14:21:45 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 elements-inner-payment-request-af0cf8bddc229e22339e6d1a80a19d72.html Show response
js.stripe.com/v3/ Frame 0850 820 B
2 KB 30ms
29ms Document
text/html 108.138.36.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-payment-request-af0cf8bddc229e22339e6d1a80a19d72.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-106.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

3ca288f9e9c0ac3ce554de6789f28ab8a6b5e4483689f8c58e36208d40daa4d7

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kennedy24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1431
cache-control: max-age=31536000
content-length: 820
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 16 Jan 2024 13:58:02 GMT
etag: "af0cf8bddc229e22339e6d1a80a19d72"
last-modified: Fri, 12 Jan 2024 21:06:27 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 0c17d6e113cee388d94028cac715ecd2.cloudfront.net (CloudFront)
x-amz-cf-id: 5FnuzLjx2txLODXicLGTwj7L_wSk6eugh9uVIg7ByaEB4kJPGw4iEA==
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 pro-fa-regular-400-0.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ 14 KB
14 KB 36ms
36ms Font
font/woff2 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/webfonts/pro-fa-regular-400-0.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40357c8f038ea69750526293412e0b02e7a984b7484f98be4634c75ed3307709

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:45 GMT
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:53:32 GMT
server: cloudflare
age: 14602
etag: "6568cc1c-3904"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 846701b619a0997a-FRA
content-length: 14596

GET
H2 200 pro-fa-solid-900-17.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ 17 KB
17 KB 40ms
40ms Font
font/woff2 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/webfonts/pro-fa-solid-900-17.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41e31ded193f6c61a9a1ea500a41ee70760505d4d5387a4be3b240760392da2e

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:45 GMT
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:53:38 GMT
server: cloudflare
age: 18056
etag: "6568cc22-426c"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 846701b619a1997a-FRA
content-length: 17004

POST
H2 200 b Show response
r.stripe.com/ Frame 466D 0
275 B 386ms
386ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64da66ea531d8772e50e735fb155daaa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Tue, 16 Jan 2024 14:21:45 GMT
x-stripe-server-envoy-start-time-us: 1705414905552799
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 11
x-stripe-client-envoy-start-time-us: 1705414905552352
access-control-allow-credentials: true
content-length: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 2014 0
716 B 352ms
351ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=10&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 16 Jan 2024 14:21:45 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705414905554072
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1705414905552710
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 2014 474 B
864 B 28ms
28ms Fetch
application/json 108.138.36.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/hcaptcha-invisible-50d47d6212e34f567af4a5cc45d36923.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-106.muc50.r.cloudfront.net
Software: Cloudfront /
Resource Hash: 549478ba46ac97af73018ed0ca78cfa43dae13eddcc812ced06f664bd7d22e57

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/hcaptcha-invisible-50d47d6212e34f567af4a5cc45d36923.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 16 Jan 2024 14:21:42 GMT
via: 1.1 2190b35b24e05763512aa336b18a1b52.cloudfront.net (CloudFront)
last-modified: Fri, 12 Jan 2024 21:47:32 GMT
server: Cloudfront
age: 8
x-amz-cf-pop: MUC50-P2
etag: "60455c1489f3dd8c3e61d0d8d0031cfd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: Dvj2MQWghx2n6kjvQnmzGQCKTBYDihPzt0OmOva7b2a2ZtMYCMS7KQ==

GET
H2 200 HCaptchaInvisible.html Show response
b.stripecdn.com/stripethirdparty-srv/assets/v20.5/ Frame 16DA 419 B
1 KB 110ms
24ms Document
text/html 13.32.27.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b.stripecdn.com/stripethirdparty-srv/assets/v20.5/HCaptchaInvisible.html?id=be142c92-faf6-47aa-8d78-c867f23d1c79&origin=https%3A%2F%2Fjs.stripe.com

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/hcaptcha-invisible-50d47d6212e34f567af4a5cc45d36923.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-65.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

dc6595888a7c665fa78c126de038bec35fb7f8674ab928e00e9e1f9f46adffb3

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; connect-src 'self' https://hcaptcha.com https://.hcaptcha.com https://errors.stripe.com; default-src 'self'; form-action 'none'; frame-src https://hcaptcha.com https://.hcaptcha.com; img-src 'self'; script-src 'self' https://hcaptcha.com https://.hcaptcha.com; style-src 'self' https://hcaptcha.com https://.hcaptcha.com; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 33
cache-control: max-age=60
content-length: 419
content-security-policy: base-uri 'self'; connect-src 'self' https://hcaptcha.com https://*.hcaptcha.com https://errors.stripe.com; default-src 'self'; form-action 'none'; frame-src https://hcaptcha.com https://*.hcaptcha.com; img-src 'self'; script-src 'self' https://hcaptcha.com https://*.hcaptcha.com; style-src 'self' https://hcaptcha.com https://*.hcaptcha.com; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 16 Jan 2024 14:21:34 GMT
etag: "1a62fe1001442e348265e0622148bc38"
last-modified: Thu, 11 Jan 2024 16:31:39 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding,Origin
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
x-amz-cf-id: toFOQLHau56Cwwa-m7E6SflojGamYAZ03mTyhbBTgbwdM6rS06OglQ==
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame 348E 0
716 B 338ms
337ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=10&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 16 Jan 2024 14:21:45 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705414905553875
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1705414905552678
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 348E 0
716 B 334ms
333ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=10&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 16 Jan 2024 14:21:45 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705414905553202
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1705414905552730
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-64da66ea531d8772e50e735fb155daaa.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 348E 533 KB
117 KB 32ms
32ms Script
text/javascript 108.138.36.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-64da66ea531d8772e50e735fb155daaa.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-link-button-for-card-a8f574dc3e90553d267eeaa0d2b7dc5d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-106.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

2e987865067b40c9e18fc2df48d3de4f13692396438efce24f4c0b9b278892e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-link-button-for-card-a8f574dc3e90553d267eeaa0d2b7dc5d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:07:14 GMT
content-encoding: br
via: 1.1 0c17d6e113cee388d94028cac715ecd2.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 872
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
last-modified: Fri, 12 Jan 2024 21:06:39 GMT
server: Cloudfront
etag: W/"b2fc200c53b5cadce155fb305bce471a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: gFgkm7na40bTQ4DgNkKOLdeuaCEjhCCk5R3pbNqBhEQJqGu_wIVDIA==

GET
H2 200 elements-inner-link-button-for-card-8a7b6f6354c282b6a4fac964ea39980a.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 348E 24 KB
9 KB 36ms
35ms Script
text/javascript 108.138.36.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-link-button-for-card-8a7b6f6354c282b6a4fac964ea39980a.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-link-button-for-card-a8f574dc3e90553d267eeaa0d2b7dc5d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-106.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

71cb66aea504951c7d2499622f35a263da91af2fd72b6efd2889657da0e8b817

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-link-button-for-card-a8f574dc3e90553d267eeaa0d2b7dc5d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:18:12 GMT
content-encoding: br
via: 1.1 0c17d6e113cee388d94028cac715ecd2.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 215
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
last-modified: Fri, 12 Jan 2024 21:06:37 GMT
server: Cloudfront
etag: W/"ce0bb5b197c6330c3e2d69a66d1f828d"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: eBIumy6I3OBonDDj0X_JC711ROFQ0U7xaDyYXzdpv4hlqIeuXNmrQQ==

GET
H2 200 elements-inner-link-button-for-card-5eea9779eabe486a801d5564f8c44131.css
js.stripe.com/v3/fingerprinted/css/ Frame 348E 25 KB
4 KB 35ms
34ms Stylesheet
text/css 108.138.36.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-link-button-for-card-5eea9779eabe486a801d5564f8c44131.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-link-button-for-card-a8f574dc3e90553d267eeaa0d2b7dc5d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-106.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

042e2de0cb5720f25c17d0c9d40fbf5d1a5711c3e5e275ca939a36298e69117a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-link-button-for-card-a8f574dc3e90553d267eeaa0d2b7dc5d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:11:07 GMT
content-encoding: gzip
via: 1.1 0c17d6e113cee388d94028cac715ecd2.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 639
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
last-modified: Fri, 05 Jan 2024 18:04:14 GMT
server: Cloudfront
etag: W/"292bfff48a65329a3b7ce317998188f4"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: w7XzTZAO_TINP8Jobsop2sk1TX-MtPiOthj33OTYnFaWysBfOteE8w==

GET
H2 200 shared-64da66ea531d8772e50e735fb155daaa.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 0850 533 KB
117 KB 35ms
35ms Script
text/javascript 108.138.36.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-64da66ea531d8772e50e735fb155daaa.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-af0cf8bddc229e22339e6d1a80a19d72.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-106.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

2e987865067b40c9e18fc2df48d3de4f13692396438efce24f4c0b9b278892e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-af0cf8bddc229e22339e6d1a80a19d72.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:07:14 GMT
content-encoding: br
via: 1.1 0c17d6e113cee388d94028cac715ecd2.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 872
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
last-modified: Fri, 12 Jan 2024 21:06:39 GMT
server: Cloudfront
etag: W/"b2fc200c53b5cadce155fb305bce471a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: TUJSwGZ7R3nrDIwkutpGa1JRfubORxJChk5VYO4nafzFR9x5BUZxBA==

GET
H2 200 ui-shared-260909cda3d3b355462e5847597128b0.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 0850 408 KB
104 KB 37ms
36ms Script
text/javascript 108.138.36.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-260909cda3d3b355462e5847597128b0.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-af0cf8bddc229e22339e6d1a80a19d72.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-106.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

a1f643112eac47832d85f858d25e911857cee99c566528f17921909e0eb82016

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-af0cf8bddc229e22339e6d1a80a19d72.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:10:45 GMT
content-encoding: br
via: 1.1 0c17d6e113cee388d94028cac715ecd2.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 681
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
last-modified: Fri, 12 Jan 2024 21:06:40 GMT
server: Cloudfront
etag: W/"67c7778f59449f7b2ebd50e4c0aa2244"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: ooLOMdR0T0yFjdfeSahSmdVfFP3hbblVX2NOAOMP01ucgtKcWDCcvw==

GET
H2 200 elements-inner-payment-request-3ffc11299cc450c4bdf1d2675b9d9ac7.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 0850 72 KB
25 KB 31ms
31ms Script
text/javascript 108.138.36.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-payment-request-3ffc11299cc450c4bdf1d2675b9d9ac7.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-af0cf8bddc229e22339e6d1a80a19d72.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-106.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

3f534a74830530483c1dd97b3689ee418a6499b5d0925aa9f009ffcfcc317fe7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-af0cf8bddc229e22339e6d1a80a19d72.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:14:18 GMT
content-encoding: gzip
via: 1.1 0c17d6e113cee388d94028cac715ecd2.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 451
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
last-modified: Fri, 12 Jan 2024 18:09:19 GMT
server: Cloudfront
etag: W/"ac57b4658a09416a9b023bb26ee29cac"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: tfNjN3n4x2W0Al5yv2ClI4eYzHvJzPqGOpPkkmcaZLY9MGti_c4LyQ==

GET
H2 200 ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame 0850 20 KB
3 KB 33ms
33ms Stylesheet
text/css 108.138.36.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-af0cf8bddc229e22339e6d1a80a19d72.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-106.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-af0cf8bddc229e22339e6d1a80a19d72.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 13:42:16 GMT
content-encoding: br
via: 1.1 0c17d6e113cee388d94028cac715ecd2.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2555
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
last-modified: Fri, 22 Dec 2023 21:08:03 GMT
server: Cloudfront
etag: W/"b361d7109e9925ca18e32c9da528520f"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: sMgPUNYWfHdu7j7MFUfqa0F6mlMEKM2XZL3X0lgxKvHTdu7au4Ay6w==

GET
H2 200 elements-inner-payment-request-6851fb638395ab2ad12082441235bcfa.css
js.stripe.com/v3/fingerprinted/css/ Frame 0850 11 KB
3 KB 34ms
34ms Stylesheet
text/css 108.138.36.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-payment-request-6851fb638395ab2ad12082441235bcfa.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-af0cf8bddc229e22339e6d1a80a19d72.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-106.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

5033e337e474e5d2818fee21b093eaef81d5f545fd49b5f635b3e1160fa83abe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-af0cf8bddc229e22339e6d1a80a19d72.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:34 GMT
content-encoding: br
via: 1.1 0c17d6e113cee388d94028cac715ecd2.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 15
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
last-modified: Mon, 08 Jan 2024 21:41:44 GMT
server: Cloudfront
etag: W/"828ee6578d45b518446bf74a1cc39038"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: rXRAqeXs6aqQaF2DyroVYLlainMeGnBDhWauxRYhjmscdQNsQz2uCw==

POST
H2 200 csp-report
q.stripe.com/ Frame 0850 0
716 B 318ms
318ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=10&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 16 Jan 2024 14:21:45 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705414905553698
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1705414905552669
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 0850 0
716 B 309ms
309ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=10&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 16 Jan 2024 14:21:45 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705414905553326
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1705414905553008
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 0850 474 B
864 B 28ms
28ms Fetch
application/json 108.138.36.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64da66ea531d8772e50e735fb155daaa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-106.muc50.r.cloudfront.net
Software: Cloudfront /
Resource Hash: 549478ba46ac97af73018ed0ca78cfa43dae13eddcc812ced06f664bd7d22e57

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-payment-request-af0cf8bddc229e22339e6d1a80a19d72.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 16 Jan 2024 14:21:42 GMT
via: 1.1 2190b35b24e05763512aa336b18a1b52.cloudfront.net (CloudFront)
last-modified: Fri, 12 Jan 2024 21:47:32 GMT
server: Cloudfront
age: 8
x-amz-cf-pop: MUC50-P2
etag: "60455c1489f3dd8c3e61d0d8d0031cfd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: CHY8sqRba9Ti3ZuVD6TbzAJDEQoSStLZpat6ZnkgydE__5jufwatVw==

POST
H2 200 b Show response
r.stripe.com/ Frame 466D 0
274 B 276ms
276ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64da66ea531d8772e50e735fb155daaa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Tue, 16 Jan 2024 14:21:45 GMT
x-stripe-server-envoy-start-time-us: 1705414905553221
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 9
x-stripe-client-envoy-start-time-us: 1705414905552705
access-control-allow-credentials: true
content-length: 0

GET
H2 200 api.js Show response
hcaptcha.com/1/ Frame 16DA 326 KB
92 KB 92ms
38ms Script
application/javascript 104.19.219.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hcaptcha.com/1/api.js?onload=captchaLoad&render=explicit

Requested by

Host: b.stripecdn.com
URL: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.5/HCaptchaInvisible.html?id=be142c92-faf6-47aa-8d78-c867f23d1c79&origin=https%3A%2F%2Fjs.stripe.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed80804c791a1a3b8d7f86bbbdcb0fa653f2aa9679b585e7d259aa63cce1073a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b.stripecdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 23d6e884e899d5d1262754142496b262.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
x-amz-version-id: EWHNDPoE5ftpmErhJIwmGeaNXj5HLxHT
age: 0
x-amz-cf-pop: MRS52-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 12 Jan 2024 19:30:31 GMT
server: cloudflare
etag: W/"fbd0e8fceba7f4b3dee625e845b0fbdf"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
cf-ray: 846701b74de671b8-FRA
x-amz-cf-id: 0xTu1smq-4zCRp4WOgYBpPzV-oqi3J4Yk-MlSybyU7IVTG3g7QJkLw==

GET
H2 200 vendors~AddressAutocomplete~AffirmInContext~AmazonPayButton~AuthMap~DemoPayButton~DynamicMap~GoogleA~0add53ca.1de579cf511b43bc65a2.bundle.js Show response
b.stripecdn.com/stripethirdparty-srv/assets/v20.5/ Frame 16DA 114 KB
35 KB 30ms
30ms Script
text/javascript 13.32.27.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b.stripecdn.com/stripethirdparty-srv/assets/v20.5/vendors~AddressAutocomplete~AffirmInContext~AmazonPayButton~AuthMap~DemoPayButton~DynamicMap~GoogleA~0add53ca.1de579cf511b43bc65a2.bundle.js

Requested by

Host: b.stripecdn.com
URL: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.5/HCaptchaInvisible.html?id=be142c92-faf6-47aa-8d78-c867f23d1c79&origin=https%3A%2F%2Fjs.stripe.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-65.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

33802dcaf064160abe39c1ca2da22157e70ab0d2f8545052b8b86db74cf583e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.5/HCaptchaInvisible.html?id=be142c92-faf6-47aa-8d78-c867f23d1c79&origin=https%3A%2F%2Fjs.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 16 Jan 2024 14:07:15 GMT
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
age: 871
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
last-modified: Thu, 11 Jan 2024 16:31:40 GMT
server: Cloudfront
etag: W/"73ab4693711da62679abb9d3dbba16d2"
vary: Accept-Encoding,Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=31536000, public
timing-allow-origin: *
x-amz-cf-id: Z4ExmELPbl8h4ygMgAaSFBe2a1HcLak-a-5OU2sjjcNKXhnMS3wPsg==

GET
H2 200 HCaptchaInvisible.be818dab0eb19864cd9a.bundle.js Show response
b.stripecdn.com/stripethirdparty-srv/assets/v20.5/ Frame 16DA 17 KB
7 KB 24ms
24ms Script
text/javascript 13.32.27.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b.stripecdn.com/stripethirdparty-srv/assets/v20.5/HCaptchaInvisible.be818dab0eb19864cd9a.bundle.js

Requested by

Host: b.stripecdn.com
URL: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.5/HCaptchaInvisible.html?id=be142c92-faf6-47aa-8d78-c867f23d1c79&origin=https%3A%2F%2Fjs.stripe.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-65.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

d4d4196e7a538f691634772bcfe1445701d9c168553c5efad7de2c845f9e5834

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.5/HCaptchaInvisible.html?id=be142c92-faf6-47aa-8d78-c867f23d1c79&origin=https%3A%2F%2Fjs.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 16 Jan 2024 14:07:15 GMT
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
age: 871
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
last-modified: Fri, 12 Jan 2024 19:31:01 GMT
server: Cloudfront
etag: W/"9f5fed3ba2f5ea2cf43979617900e818"
vary: Accept-Encoding,Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=31536000, public
timing-allow-origin: *
x-amz-cf-id: 4Kep0VFhYKLZ72Xh4gO7MAzLRZAtaJ7zBKYzfBAZ0xKCqb5_bv7ISA==

POST
H2 200 csp-report
q.stripe.com/ Frame 16DA 0
490 B 221ms
221ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=10&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://b.stripecdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 16 Jan 2024 14:21:45 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705414905553344
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 0
x-stripe-client-envoy-start-time-us: 1705414905552732
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 hcaptcha.html Show response
newassets.hcaptcha.com/captcha/v1/2a00369/static/ Frame CD91 2 KB
1 KB 38ms
28ms Document
text/html 104.19.219.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/2a00369/static/hcaptcha.html?_v=oemeyamtue

Requested by

Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?onload=captchaLoad&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03fd787ad2d3e73f4259555246d461205be4dfa022d08ebeeb0154ba6b6cce7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://b.stripecdn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 321157
alt-svc: h3=":443"; ma=86400
cache-control: max-age=1209600
cf-cache-status: HIT
cf-ray: 846701b7de8b71b8-FRA
content-encoding: br
content-type: text/html
cross-origin-embedder-policy: credentialless
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 14:21:45 GMT
last-modified: Fri, 12 Jan 2024 19:30:31 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 2d74eb05f17e8cd9ca29da65d3b3ff48.cloudfront.net (CloudFront)
x-amz-cf-id: 2vbdoEMlmuvr3scyKxQvoZYnUeTGWdPlNX9csxTg9KapP47AhzFSZw==
x-amz-cf-pop: MRS52-P5
x-amz-server-side-encryption: AES256
x-amz-version-id: 5seh2Fy1m5uAejWNOpND.L8.XAC93K8_
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 hcaptcha.js Show response
newassets.hcaptcha.com/captcha/v1/2a00369/ Frame CD91 326 KB
92 KB 42ms
41ms Script
application/javascript 104.19.219.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/2a00369/hcaptcha.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/2a00369/static/hcaptcha.html?_v=oemeyamtue

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed80804c791a1a3b8d7f86bbbdcb0fa653f2aa9679b585e7d259aa63cce1073a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/captcha/v1/2a00369/static/hcaptcha.html?_v=oemeyamtue
Origin: https://newassets.hcaptcha.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 23d6e884e899d5d1262754142496b262.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
x-amz-version-id: EWHNDPoE5ftpmErhJIwmGeaNXj5HLxHT
age: 321197
x-amz-cf-pop: MRS52-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 12 Jan 2024 19:30:31 GMT
server: cloudflare
etag: W/"fbd0e8fceba7f4b3dee625e845b0fbdf"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
cf-ray: 846701b80ec671b8-FRA
x-amz-cf-id: 0xTu1smq-4zCRp4WOgYBpPzV-oqi3J4Yk-MlSybyU7IVTG3g7QJkLw==

POST
H2 200 6 Show response
m.stripe.com/ Frame D7B5 156 B
668 B 198ms
198ms XHR
application/json 34.215.162.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.215.162.111 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-215-162-111.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

5b407751970809b38474e973b7b5d61c0398e60d98b3b8cae1b560d330e30199

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 16 Jan 2024 14:21:45 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705414905742147
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1705414905741850
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 6 Show response
m.stripe.com/ Frame D7B5 156 B
668 B 247ms
247ms XHR
application/json 34.215.162.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.215.162.111 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-215-162-111.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

5b407751970809b38474e973b7b5d61c0398e60d98b3b8cae1b560d330e30199

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 16 Jan 2024 14:21:45 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705414905791645
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1705414905791405
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 checksiteconfig Show response
api.hcaptcha.com/ Frame CD91 719 B
883 B 51ms
45ms XHR
application/json 104.19.219.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hcaptcha.com/checksiteconfig?v=2a00369&host=b.stripecdn.com&sitekey=463b917e-e264-403f-ad34-34af0ee10294&sc=1&swa=1&spst=1

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/2a00369/hcaptcha.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c2d3ebe6719fa72c4c2ed7b830bd4fcc70aca957f9380166d3fdd2a708d54a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://newassets.hcaptcha.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 16 Jan 2024 14:21:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://newassets.hcaptcha.com
access-control-allow-credentials: true
cf-ray: 846701b88f5b71b8-FRA
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
alt-svc: h3=":443"; ma=86400

GET
H3 200 hsw.js Show response
newassets.hcaptcha.com/c/3a84c15/ Frame CD91 506 KB
220 KB 34ms
33ms Script
application/javascript 104.19.218.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/c/3a84c15/hsw.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/2a00369/hcaptcha.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb1fc509673c7bfa18deea5a1fab54ca33fb84b961a46a32f27f5e595b9630a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newassets.hcaptcha.com/captcha/v1/2a00369/static/hcaptcha.html?_v=oemeyamtue
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
x-amz-version-id: WxGex9z4fR9K3hI3pY622MyGuT5HJV8e
age: 314548
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 09 Jan 2024 17:07:55 GMT
server: cloudflare
etag: W/"22965986ade7ea3c1e439a2ed4224345"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 846701b8dd1e37da-FRA
x-amz-cf-id: RrIDZExMQKp_q8x9awaV3DpzDyv6Q5VZrmHufr2bYvgnFIrSCTwCYA==

POST
H2 200 b Show response
r.stripe.com/ Frame 466D 0
273 B 198ms
198ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64da66ea531d8772e50e735fb155daaa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Tue, 16 Jan 2024 14:21:46 GMT
x-stripe-server-envoy-start-time-us: 1705414906111556
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1705414906111231
access-control-allow-credentials: true
content-length: 0

POST
H3 200 463b917e-e264-403f-ad34-34af0ee10294 Show response
api.hcaptcha.com/getcaptcha/ Frame CD91 3 KB
3 KB 222ms
222ms XHR
application/json 104.19.218.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hcaptcha.com/getcaptcha/463b917e-e264-403f-ad34-34af0ee10294

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/2a00369/hcaptcha.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00ab198cc6fc346e789f652aa1c41ec749df6b9a6a7ecd8685fed26441cd2e26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://newassets.hcaptcha.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 16 Jan 2024 14:21:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://newassets.hcaptcha.com
access-control-allow-credentials: true
cf-ray: 846701babec337da-FRA
alt-svc: h3=":443"; ma=86400

POST
H2 200 b Show response
r.stripe.com/ Frame A3FB 0
274 B 198ms
198ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64da66ea531d8772e50e735fb155daaa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Tue, 16 Jan 2024 14:21:46 GMT
x-stripe-server-envoy-start-time-us: 1705414906148074
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 5
x-stripe-client-envoy-start-time-us: 1705414906147818
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame 466D 0
274 B 198ms
198ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64da66ea531d8772e50e735fb155daaa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Tue, 16 Jan 2024 14:21:46 GMT
x-stripe-server-envoy-start-time-us: 1705414906661329
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1705414906660787
access-control-allow-credentials: true
content-length: 0

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 44ms
44ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-JWBYYEB6SQ&gtm=45je41a0v9113043695&_p=1705414904170&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1759237583.1705414904&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEE&_s=3&sid=1705414904&sct=1&seg=0&dl=https%3A%2F%2Fwww.kennedy24.com%2Fdonate%3Famount%3D10%26utm_campaign%3Dbillions%26utm_medium%3Demail1%26utm_source%3Djoinkennedy&dt=We%2C%20the%20People...%20%7C%20Kennedy24&en=form_start&ep.form_id=donate_page_new_donation_form&ep.form_name=&ep.form_destination=https%3A%2F%2Fwww.kennedy24.com%2Fforms%2Fdonations&epn.form_length=41&ep.first_field_id=donation_amount_other&ep.first_field_name=donation%5Bamount_option%5D&ep.first_field_type=radio&epn.first_field_position=9&_et=35&tfd=6614
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JWBYYEB6SQ&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 14:21:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kennedy24.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js Show response
js.stripe.com/v3/fingerprinted/js/ 176 B
676 B 30ms
29ms Script
text/javascript 108.138.36.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-106.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 13:58:01 GMT
via: 1.1 0c17d6e113cee388d94028cac715ecd2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 1526
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
content-length: 176
last-modified: Mon, 08 Jan 2024 21:41:58 GMT
server: Cloudfront
etag: "96f5b26d366f47393b3ff36fe7471474"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: fFzGt-e-hBxsA9Hfbfs3MCYsOewbWxnU6HGuea1Jj26k8eD-g3jbOg==

Verdicts & Comments Add Verdict or Comment

147 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.recaptcha.net/recaptcha	1970-01-20 22:02:46	Name: _GRECAPTCHA Value: 09APYnBZWAvp_0eybfZo_nxlHi7mMZAetNPUSI0LeJdrWzDyxaPSaAhWdYKL4zz9m7kkhrqQxUqC3xQWmF4n-8Z2Q
paracom.paramountcommunication.com/	1970-01-20 17:53:39	Name: AWSALB Value: iVgehxsSLqS8tvt4c650Nlaa8jE7carRGiFgmtyOylxWfmmz9ko5nEzWjvyqIGCeQ9/e/tizHp5LyLQmdkrXauChhURrkwi0rsnyV1rBrQl7uoU3vMvaeOjppy7I
www.kennedy24.com/	1969-12-31 23:59:59	Name: _nbuild_token Value: FXS7TXQFyokCuG4h753AEQx8V7xJxG%2BYdDcjP5e6agk%3D
www.kennedy24.com/	1969-12-31 23:59:59	Name: _nbuild_session Value: 20e1a0342090e08dbaeae3f8f7bec157
.www.kennedy24.com/	1970-01-20 17:43:36	Name: __cf_bm Value: pLyCH.LBm_6_aTsmqRMdEWH8GSL1w26672a58wZcamc-1705414903-1-ATUBQE2OLXrCFuLAYKoaWEVm5X6LMxwwPxdI5vGgn953tM/EQW+S6GamfLdEQ708Q/NAhy+3t6WR028FXLagJkA=
.nationbuilder.com/	1970-01-20 17:43:36	Name: __cf_bm Value: 9XJc8KAXbRDrJlirXhtEBvy9oCa92KiZWiog7I9eDzg-1705414903-1-AWwfTiVW4j/SR807OS8jgdCTMyX8mCHdrdcfOQRjptdtLZtQxnRP7Krb/ZbnIHnvtoStCPI019TT6MexDRTEPtM=
.kennedy24.com/	1970-01-21 03:19:34	Name: _ga_CAPI12345 Value: GS1.1.1705414904.1.0.1705414904.0.0.0
.kennedy24.com/	1970-01-21 03:19:34	Name: _ga Value: GA1.1.1759237583.1705414904
.kennedy24.com/	1970-01-20 19:53:10	Name: _gcl_au Value: 1.1.1506380325.1705414904
.doubleclick.net/	1970-01-20 17:43:35	Name: test_cookie Value: CheckForPermission
.kennedy24.com/	1970-01-21 03:19:34	Name: _ga_JWBYYEB6SQ Value: GS1.1.1705414904.1.0.1705414904.60.0.0
.kennedy24.com/	1970-01-20 19:53:10	Name: _fbp Value: fb.1.1705414904615.1021629800
.t.co/	1970-01-21 03:19:34	Name: muc_ads Value: 685ab403-545c-491f-b7c1-6b67bddbaee1
.twitter.com/	1970-01-21 03:19:34	Name: guest_id_marketing Value: v1%3A170541490460660893
.twitter.com/	1970-01-21 03:19:34	Name: guest_id_ads Value: v1%3A170541490460660893
.twitter.com/	1970-01-21 03:19:34	Name: personalization_id Value: "v1_xJoCLB/s1GCoVrQiMTXEvg=="
.twitter.com/	1970-01-21 03:19:34	Name: guest_id Value: v1%3A170541490460660893
.www.kennedy24.com/	1970-01-21 02:29:10	Name: cf_clearance Value: mEyC5ogbSts6DzYSFqfonnTMM.B8VBaPa6NetjG2.OE-1705414904-1-AYFZx2iOFncjdqzi6l7uBE/cLovl/cXzbZH4Rc6evO0L0YDPa8I9c/Z2WSGumVoHxDAj70398ji9+ZAzW+DldiY=
.lightboxcdn.com/	1969-12-31 23:59:59	Name: _cfuvid Value: aLtjrXS8W7K4E6nkiB1uPTyGYuvY8GYZwAzD.yeEYSQ-1705414904801-0-604800000
.google.com/	1970-01-20 22:07:06	Name: NID Value: 511=kyYZM_OdSxXp8iqXhbo3OH64L9cr8gKxdgef80BVvIPR_1ujlnEvji-7u5U3s5orTEVlTmHQ0btUDSezYY7CV17QP548doUvGFNhyZQM8jMuyfUOXl_IS-W5KkkkovkxkPJIQQcBKbnAXHwIxIanHu6M0bK5TyDaiesD9fcAfKM
m.stripe.com/	1970-01-21 03:19:34	Name: m Value: f9f45b96-dd09-4df8-b344-2ee8a3530aec993a61
.www.kennedy24.com/	1970-01-21 02:29:10	Name: __stripe_mid Value: 5c955c69-74df-4334-86e2-32b46cddec7718e160
.www.kennedy24.com/	1970-01-20 17:43:36	Name: __stripe_sid Value: 5c7072e0-436b-4f07-a512-85b4814c87841b9198
api.hcaptcha.com/	1970-01-20 18:26:46	Name: hmt_id Value: 623ad7d3-bf5e-428a-9684-23dfb552b222

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors joinkennedy.nationbuilder.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.twitter.com
api.hcaptcha.com
assets.nationbuilder.com
b.stripecdn.com
connect.facebook.net
edge.fullstory.com
fonts.googleapis.com
fonts.gstatic.com
getbootstrap.com
googleads.g.doubleclick.net
hcaptcha.com
joinkennedy.nationbuilder.com
js.stripe.com
ka-f.fontawesome.com
ka-p.fontawesome.com
kit.fontawesome.com
m.stripe.com
m.stripe.network
merchant-ui-api.stripe.com
newassets.hcaptcha.com
p.typekit.net
paracom.paramountcommunication.com
pay.google.com
play.google.com
q.stripe.com
r.stripe.com
region1.analytics.google.com
rs.fullstory.com
server-side-tagging-ptjx4tds2q-uc.a.run.app
static.ads-twitter.com
static.cloudflareinsights.com
stats.g.doubleclick.net
t.co
translate.google.com
translate.googleapis.com
use.typekit.net
www.facebook.com
www.google.com
www.google.pt
www.googleapis.com
www.googletagmanager.com
www.gstatic.com
www.kennedy24.com
www.lightboxcdn.com
www.recaptcha.net
104.19.218.90
104.19.219.90
104.244.42.67
104.244.42.69
108.138.36.106
13.32.27.65
146.75.116.157
151.101.0.176
198.202.176.141
2001:4860:4802:32::35
2001:4860:4802:34::36
2606:4700:10::ac43:1e94
2606:4700:4400::6812:2844
2606:4700:7::a29f:8a2c
2606:4700::6810:3865
2606:4700::6813:d383
2606:4700:e4::ac40:a507
2a00:1450:4001:80b::200e
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2003
2a00:1450:4001:810::2008
2a00:1450:4001:810::200a
2a00:1450:4001:812::2003
2a00:1450:4001:813::2003
2a00:1450:4001:813::200a
2a00:1450:4001:81c::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:830::200a
2a00:1450:4001:830::200e
2a00:1450:4001:831::2003
2a00:1450:400c:c06::9d
2a00:1450:4013:c00::5c
2a02:26f0:3500:16::215:148b
2a02:26f0:3500:16::215:148f
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
34.215.162.111
35.186.194.58
35.201.112.186
52.38.171.38
54.186.23.98
00ab198cc6fc346e789f652aa1c41ec749df6b9a6a7ecd8685fed26441cd2e26
0134375b1ced2e2b36e9a34753f87b48b49dab1ce589ec8a2932764d31ada657
03fd787ad2d3e73f4259555246d461205be4dfa022d08ebeeb0154ba6b6cce7e
042e2de0cb5720f25c17d0c9d40fbf5d1a5711c3e5e275ca939a36298e69117a
06cea65c574c775ab496aca2dbbbccb15c868670212652d52ec788c5380f208d
07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813
089d2bdb3d16fb8377e1249190854cdd3ab2f9ff96989af9f7232e1902530e19
0a14509305d676d532c0994b24a812ea8866033eee44721f0c66ddbed1d4f5dc
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0aa16a2e84fcb15b351dd0de4418949c84ac9bba999074007345fe1dabe8645d
0ad4cb1983f4d9969c7939332ff9431727b79059cd4421ae0cb13d2ed000a181
0c9cc88c27618b01e95063377382195b9062bdbef5eb1687e5881d3f318dbe63
116b5b718ba3beeea9dd77ad669ca8aff001cf40c1c6e549dd38c3d08668d4cd
164e219fdf64004e7213e90b3d4fd19463971870e4b51fdd6030446bd6ef5e65
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1bb8affc0ad0f6449490148a0ec45435d64f1494b92ad385f266b9b86d7aa076
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c56ffc47b4761b0396058aa73916486a33095af06bba5e72072ae332483dc7f
1cf76ac40eef92aa916ab766b61ee0f08e342eac3b97544662f367bb33792c5a
1d9cb11e03f12b8ae3ff94372e8a7f692f92b69b62b18eaf42f400b7ddac2ed6
1df19255b4b07c13647377049a5d3d4b23519c012b91e923ee22cf18c4e8d2b2
264774650d68a8f1e3e2f024f586c5c0df109e88d202dd8d342bae6a6e343f85
2826b6f3566a8c1e73b860f0afadb4701858a2bda86c759c9c80615834467377
28c84c299c77064e01c76d66bd64ca5adec6a7d14668beec7c1fa2ba8b8c07d4
2e987865067b40c9e18fc2df48d3de4f13692396438efce24f4c0b9b278892e9
31974f89c6752e664ed419116aafe7c306f4d43c6c2ea57776fbbfa0d4c12418
31f4e4abd5d8e145d6bd5505ae3ee469f66e6aba53fcc6cf04741d0a802ebc3d
33802dcaf064160abe39c1ca2da22157e70ab0d2f8545052b8b86db74cf583e0
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d
3ca288f9e9c0ac3ce554de6789f28ab8a6b5e4483689f8c58e36208d40daa4d7
3cb98755e69cd4399888137a7648ee6eabdd63c4d4c547626e7174d769be6e1b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f534a74830530483c1dd97b3689ee418a6499b5d0925aa9f009ffcfcc317fe7
3fef202588115c2a23969fc04c669b498579d162630c83b76729470321145984
40357c8f038ea69750526293412e0b02e7a984b7484f98be4634c75ed3307709
41e31ded193f6c61a9a1ea500a41ee70760505d4d5387a4be3b240760392da2e
4249d6eefdf3f232e1e673d9f2526767c25ba6585d7712107c1994bd63c270da
45bc9ceece3cf1559de0819fb84e20b27062170a53a615a1e59c205dc665fa73
473efdf61f08fc2ad04df7be0d974c921dea47ac2ea5c6b848a75f6b5db1da73
4946b36e5208a0a01e69ac05696229353e101faece5c1572e2a6177742bf7b5c
4a63c2cee85178a3337c8a8e1bc329c7daf1ed3593c3095418b05766cf358007
4aae83ca0e34e5fef9bebf88ca4edfdf495e4927bbd583d1f05ff101c9421d4c
4be37bbc2e40bc238e8895eac52b3a9d27059588647c4834dbd8e7210070e526
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5033e337e474e5d2818fee21b093eaef81d5f545fd49b5f635b3e1160fa83abe
52c8cfbf05223ab03607c88608ecc0419becb8df5884a096a030115b0958a230
549478ba46ac97af73018ed0ca78cfa43dae13eddcc812ced06f664bd7d22e57
558591ec381069734425371376e35d980cf72fd9fd2ac08f4f36fb9a9df84438
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b407751970809b38474e973b7b5d61c0398e60d98b3b8cae1b560d330e30199
5f3ca08629dbf4b97858143154de2a7b48c4c671d6849b56aa592033a2546cf3
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
621661fe1c7a59420c624f7a421c566ebfb38cfbc7edd98ee0462c44d15971f9
6298151e988efc9dfce436d3f9e026819563783cc19e60ef4dd558b54c08ddeb
69e859f352bba5e6cef30930a8a1c2c055d0c16daf9f8eeb0a2f98b653e22df4
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
6fda76e47cd1a46bec92e2adac0a0453c78638197e234d7667c2ff4366c5a44a
70356aaad8b043112594064fea69694e5af4f17b6af4d4836b184735afe24c56
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
71cb66aea504951c7d2499622f35a263da91af2fd72b6efd2889657da0e8b817
74555b53d117ce3eede0e874b2a4ba7ca46fb33c790bcc76de43bf6428b60071
74a39682b8b03d5de587026a0f4d5b595696818b3d23952c15facf182d7c5e78
751c35af08d9aa58dc304762b4696f0b56e3debcba775d38db4a9d87ceb1ff12
7592e61876da5df397281e08f2abf3aa56ddd0f8b4b816f7e6b961e8a4153932
77ba0f0971a262f3fe1999d37208a8a7ffa1f2e563d4437bd03b1866a2219749
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7c2d3ebe6719fa72c4c2ed7b830bd4fcc70aca957f9380166d3fdd2a708d54a3
7e718f629db56047e34605c878d5c8b2c6bd6cc9aaaea13ab7ca02b7fde8792f
7f77f30815a97a6c4e1317eb1bd7164e41738c9344f7f8ab1ca95b36cd2678f2
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
81d4fa5df88680bfb5899dc73e158c00faf67f4d3d0047d41840efcb14c3b6d4
82eb68a4aa619bdaf93acd7d4a573b07ad572f8675cf4ff6b61e2c5f6890b549
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8407966ce07dba88121ce62cb89ac90cf05bba9a517222149f492856513d3634
88513ef8ce83b1745cc065850e59f08ac1a31beb71d7bf2841a420d69be3c827
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
8be140aa29933fbd06ff9c2e16bdd9c4bdf4b5fabf13e329998b6401962c4f02
91088a015cd36dabb6639d0b6d08fadc57be7f1b85011f5f882d4e7a8611df31
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
9656ceb2e6a95f8dc2b17eac8ffd38444e2aab2df1f435c43d8b5f385a365ac6
9d9354f5ccc9edfd57c5650b4456932fb7accded65b54e9ba719478863eed67f
9dbda455657931eab9cf12e737b736be32e13ccb4cdeed66996209414f028c8c
9fdab07a5ab0132bc84df1081b935aa3438f8429a41e731a28433f2b2cf1b972
a1f643112eac47832d85f858d25e911857cee99c566528f17921909e0eb82016
a25071dc8b8fea33f964a353594f9712e0351e95478f31d6ab313596344ee3ce
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
a6770f1b8a07a7e0b2a5ba73da5feb6f86dd9e5d5e7f0f7237c476bc7f8650ec
a7e81be515a4350b67aaa7b63485265820a3054306bfa051b75230f48b7d0e8c
a99f75748195e5af07ffca593afce5492ce8533501371377f17d77b89eeab8ab
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acd9a7e1c37a12896fb2df2f591a565c40f87c3194d32f85d1e4499426bfcc1d
b21618047d21c2ccc729f3980d873c18c718dd47193067746031a527a0354c7c
b4b118f1d6941d1c227f24465a739f9c03a205b53382e0aafcdfec681f394f7b
b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813
b942de2747bb1449f8d908a33c8ce9e4a2ee6b84327cce766d5378a13665d027
b9609e13befde8e8bcaea0824bd0bb4a109019fc10d3aa1a392b314a0a082882
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
bb1fc509673c7bfa18deea5a1fab54ca33fb84b961a46a32f27f5e595b9630a3
bbdf5e1699bf67f2befd901a4037129150afc3dda91448bf1077b86eb88a6831
c368e74321d2180806d6982ab26271a765594390c0d50a2e4fe452e901778d5e
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cdc36d7ef97ab9f8cec6a6ef5e8e611d750f940460ba845d68317a075e821157
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d4d4196e7a538f691634772bcfe1445701d9c168553c5efad7de2c845f9e5834
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d9cf8395ee0a7d904dbbbc5a13c251caf17b06a52199c10015d34556a8cf5a11
dc6595888a7c665fa78c126de038bec35fb7f8674ab928e00e9e1f9f46adffb3
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e2d51187f660cba449c70f7f87f733f762042cf340a5fd57e0f8c1fbf885c033
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5f5592d52a43ed2d23099328752f493d908c0f1f65190571051cb8d89221539
e9667a4e6040f90f8e1648ecd089211e380aee7fcde15f71570aef17d1a8e637
ea2d62c7e90b08a7c41206758ce52af7059a58cdfb6a2964f341642298eb9a15
ed80804c791a1a3b8d7f86bbbdcb0fa653f2aa9679b585e7d259aa63cce1073a
edb51485976205950b2767d5589f75f915db91ce2b1a6aa6193c120cdcc6e56a
eef2d843b6778b710b40edb636b588fa4ccc8975a29cef25ac3125b96cc778cf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f187dc8de7fe50f1f8825c3500b64080cc78ac39df7efd31a4b1bc562be9ca3d
f66a96e9a973ac7e4e920aeeba6ac52ccbc8e192f75a2baa96860cc097b6a2db
fb9587e00635538a323c71ca0352879bd24aa5b88f8c869317812ae5e505263f
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda
fd18c98a5bb954ffb5d193917243d09a8653830ef46e766f99a14ccdc240999e
fdb3213b77654cd277f6d059d630a3e34089b3a49303b66668447b42c658159a

www.kennedy24.com Open in urlscan Pro 2606:4700:7::a29f:8a2c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

195 Requests

99 %HTTPS

66 %IPv6

26 Domains

46 Subdomains

42 IPs

5 Countries

4730 kBTransfer

16724 kBSize

24 Cookies

7 Outgoing links

Page URL History

Redirected requests

195 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.kennedy24.com Open in urlscan Pro
2606:4700:7::a29f:8a2c Public Scan

Screenshot
Live screenshot

Full Image

195
Requests

99 %
HTTPS

66 %
IPv6

26
Domains

46
Subdomains

42
IPs

5
Countries

4730 kB
Transfer

16724 kB
Size

24
Cookies

195 HTTP transactions
2 data transactions