www.kennedy24.com Open in urlscan Pro
2606:4700:7::a29f:8a2c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://paracom.paramountcommunication.com/ct/62692881:Wzc9bGiWN:m:1:2685335137:CAFAF6D29321B7B14494C2EA752B7720:r
Effective URL:
https://www.kennedy24.com/donate?amount=5&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy
Submission: On January 16 via api (January 16th 2024, 2:22:04 pm UTC) from US — Scanned from DE

Summary HTTP 194 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 41 IPs in 5 countries across 26 domains to perform 194 HTTP transactions. The main IP is 2606:4700:7::a29f:8a2c, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.kennedy24.com. The Cisco Umbrella rank of the primary domain is 506442.
TLS certificate: Issued by R3 on November 22nd 2023. Valid for: 3 months.

This is the only time www.kennedy24.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.38.171.38 52.38.171.38	16509 (AMAZON-02) (AMAZON-02)
2 19	2606:4700:7::... 2606:4700:7::a29f:8a2c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
10	2606:4700:7::... 2606:4700:7::a29f:802d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:148f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:148b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
10	2606:4700:440... 2606:4700:4400::6812:2844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6813:d483	13335 (CLOUDFLAR...) (CLOUDFLARENET)
36	108.138.36.93 108.138.36.93	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
4	2606:4700:e4:... 2606:4700:e4::ac40:a507	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:3b64	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
4	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1	2001:4860:480... 2001:4860:4802:38::35	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
2	35.201.112.186 35.201.112.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:401... 2a00:1450:4013:c00::5c	15169 (GOOGLE) (GOOGLE)
28	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:225... 2600:9000:225b:b200:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	198.202.176.81 198.202.176.81	16509 (AMAZON-02) (AMAZON-02)
3	34.211.17.226 34.211.17.226	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
3	151.101.64.176 151.101.64.176	54113 (FASTLY) (FASTLY)
6	104.19.219.90 104.19.219.90	13335 (CLOUDFLAR...) (CLOUDFLARENET)
194	41

1 52.38.171.38 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-38-171-38.us-west-2.compute.amazonaws.com

paracom.paramountcommunication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2606:4700:7::a29f:8a2c (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www.kennedy24.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.nationbuilder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:7::a29f:802d (United States)

ASN13335 (CLOUDFLARENET, US)

joinkennedy.nationbuilder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:148f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:148b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:4400::6812:2844 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ka-p.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:d483 (United States)

ASN13335 (CLOUDFLARENET, US)

www.lightboxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 108.138.36.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-93.muc50.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e4::ac40:a507 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3b64 (United States)

ASN13335 (CLOUDFLARENET, US)

getbootstrap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:38::35 (United States)

ASN15169 (GOOGLE, US)

server-side-tagging-ptjx4tds2q-uc.a.run.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4013:c00::5c (Groningen, Netherlands)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:225b:b200:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.202.176.81 (United States)

ASN16509 (AMAZON-02, US)

merchant-ui-api.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.211.17.226 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-211-17-226.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.64.176 (United States)

ASN54113 (FASTLY, US)

b.stripecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.19.219.90 (None, )

ASN13335 (CLOUDFLARENET, US)

hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
newassets.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api2.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
68	stripe.com js.stripe.com — Cisco Umbrella Rank: 1227 q.stripe.com — Cisco Umbrella Rank: 7010 merchant-ui-api.stripe.com — Cisco Umbrella Rank: 5083 r.stripe.com — Cisco Umbrella Rank: 3369 m.stripe.com — Cisco Umbrella Rank: 1188	1 MB
21	google.com translate.google.com — Cisco Umbrella Rank: 1164 region1.analytics.google.com — Cisco Umbrella Rank: 2616 www.google.com — Cisco Umbrella Rank: 2 pay.google.com — Cisco Umbrella Rank: 2630 play.google.com — Cisco Umbrella Rank: 31	462 KB
19	nationbuilder.com joinkennedy.nationbuilder.com — Cisco Umbrella Rank: 826224 assets.nationbuilder.com — Cisco Umbrella Rank: 85797	343 KB
16	gstatic.com fonts.gstatic.com www.gstatic.com	846 KB
14	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1448 ka-f.fontawesome.com — Cisco Umbrella Rank: 3140 ka-p.fontawesome.com — Cisco Umbrella Rank: 3262	350 KB
10	kennedy24.com 2 redirects www.kennedy24.com — Cisco Umbrella Rank: 506442	33 KB
6	hcaptcha.com hcaptcha.com — Cisco Umbrella Rank: 5797 newassets.hcaptcha.com — Cisco Umbrella Rank: 7041 api2.hcaptcha.com — Cisco Umbrella Rank: 14986 api.hcaptcha.com — Cisco Umbrella Rank: 7252	408 KB
5	recaptcha.net www.recaptcha.net — Cisco Umbrella Rank: 1284	40 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28 ajax.googleapis.com — Cisco Umbrella Rank: 369 www.googleapis.com — Cisco Umbrella Rank: 20 translate.googleapis.com — Cisco Umbrella Rank: 800	240 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	178 KB
3	stripecdn.com b.stripecdn.com — Cisco Umbrella Rank: 12411	45 KB
3	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 2074 rs.fullstory.com — Cisco Umbrella Rank: 2075	70 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	254 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1315	16 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	79 B
2	google.de www.google.de — Cisco Umbrella Rank: 6518	562 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 79 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	2 KB
2	lightboxcdn.com www.lightboxcdn.com — Cisco Umbrella Rank: 5668	2 KB
2	typekit.net use.typekit.net — Cisco Umbrella Rank: 463 p.typekit.net — Cisco Umbrella Rank: 566	2 KB
1	run.app server-side-tagging-ptjx4tds2q-uc.a.run.app	449 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 789	726 B
1	t.co t.co — Cisco Umbrella Rank: 656	375 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 745	15 KB
1	getbootstrap.com getbootstrap.com — Cisco Umbrella Rank: 49095	7 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 811	7 KB
1	paramountcommunication.com 1 redirects paracom.paramountcommunication.com — Cisco Umbrella Rank: 250304	854 B
194	26

	Domain	Requested by
36	js.stripe.com	www.kennedy24.com js.stripe.com
16	q.stripe.com	www.kennedy24.com
12	play.google.com	www.gstatic.com
12	r.stripe.com	js.stripe.com
12	www.gstatic.com	www.recaptcha.net www.gstatic.com pay.google.com
10	joinkennedy.nationbuilder.com	www.kennedy24.com
10	www.kennedy24.com	2 redirects www.kennedy24.com static.cloudflareinsights.com
9	assets.nationbuilder.com	www.kennedy24.com
7	ka-p.fontawesome.com	kit.fontawesome.com
5	www.recaptcha.net	www.kennedy24.com www.gstatic.com assets.nationbuilder.com www.recaptcha.net
4	pay.google.com	js.stripe.com pay.google.com www.kennedy24.com www.gstatic.com
4	connect.facebook.net	www.googletagmanager.com connect.facebook.net www.kennedy24.com
4	ka-f.fontawesome.com	kit.fontawesome.com
4	fonts.gstatic.com	fonts.googleapis.com www.recaptcha.net
3	newassets.hcaptcha.com	hcaptcha.com newassets.hcaptcha.com
3	b.stripecdn.com	js.stripe.com b.stripecdn.com
3	m.stripe.com	m.stripe.network
3	www.googletagmanager.com	www.kennedy24.com www.googletagmanager.com
3	kit.fontawesome.com	www.kennedy24.com kit.fontawesome.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	www.facebook.com	www.kennedy24.com
2	edge.fullstory.com	www.kennedy24.com edge.fullstory.com
2	www.google.com	www.gstatic.com
2	www.google.de
2	region1.analytics.google.com	www.googletagmanager.com
2	www.lightboxcdn.com	www.kennedy24.com
2	fonts.googleapis.com	www.kennedy24.com joinkennedy.nationbuilder.com
1	api.hcaptcha.com	newassets.hcaptcha.com
1	api2.hcaptcha.com	newassets.hcaptcha.com
1	hcaptcha.com	b.stripecdn.com
1	merchant-ui-api.stripe.com	js.stripe.com
1	translate.googleapis.com
1	rs.fullstory.com	edge.fullstory.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	server-side-tagging-ptjx4tds2q-uc.a.run.app	www.googletagmanager.com
1	analytics.twitter.com
1	t.co
1	static.ads-twitter.com	www.googletagmanager.com
1	getbootstrap.com	www.kennedy24.com
1	www.googleapis.com	assets.nationbuilder.com
1	translate.google.com	www.kennedy24.com
1	p.typekit.net	use.typekit.net
1	static.cloudflareinsights.com	www.kennedy24.com
1	use.typekit.net	www.kennedy24.com
1	ajax.googleapis.com	www.kennedy24.com
1	paracom.paramountcommunication.com	1 redirects
194	47

This site contains links to these domains. Also see Links.

Domain
checkout.opennode.com
www.instagram.com
www.facebook.com
www.tiktok.com
twitter.com
www.youtube.com
rumble.com

Subject Issuer	Validity	Valid
www.kennedy24.com R3	`2023-11-22` - `2024-02-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
nationbuilder.com Cloudflare Inc ECC CA-3	`2023-10-21` - `2024-10-20`	a year	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-21` - `2024-10-21`	a year	crt.sh
assets.nationbuilder.com E1	`2023-12-21` - `2024-03-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-04` - `2025-01-03`	a year	crt.sh
lightboxcdn.com Cloudflare Inc ECC CA-3	`2023-10-09` - `2024-10-08`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-01-02` - `2024-04-04`	3 months	crt.sh
misc.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
ka-f.fontawesome.com GTS CA 1P5	`2024-01-06` - `2024-04-05`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-25` - `2024-01-23`	3 months	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-07` - `2025-01-06`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
*.a.run.app GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
edge.fullstory.com GTS CA 1D4	`2024-01-10` - `2024-04-09`	3 months	crt.sh
rs.fullstory.com GTS CA 1D4	`2024-01-07` - `2024-04-06`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-12-20` - `2024-03-21`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-22` - `2024-03-21`	3 months	crt.sh

This page contains 18 frames:

Primary Page: https://www.kennedy24.com/donate?amount=5&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy
Frame ID: E419C0DC2067632929D6388B18E112FC
Requests: 81 HTTP requests in this frame

Frame: https://www.kennedy24.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
Frame ID: C76E8B77FE6F48CA76B71C0738190279
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 445FBAB7BD48EF59AF50AD318D805FF3
Requests: 4 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LekWdoZAAAAAA61Owqhdq5e8IIQEfJbEOs8IT8T&co=aHR0cHM6Ly93d3cua2VubmVkeTI0LmNvbTo0NDM.&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=sd40476g1c8f
Frame ID: 6F7A91CFD0EFB936AE8F44DDC163BF1A
Requests: 9 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LekWdoZAAAAAA61Owqhdq5e8IIQEfJbEOs8IT8T&co=aHR0cHM6Ly93d3cua2VubmVkeTI0LmNvbTo0NDM.&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=normal&cb=5uplb7es0yr
Frame ID: E2AB5AB9978C6D08BDFF4D7B06DCC0A3
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-cd24e7c1f64e4a5ccfe0b4a332259a7c.html
Frame ID: DDEE5CE455CBC83215C4819691983009
Requests: 18 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-86725cc35851d08d71f57f993ab9f2e3.html
Frame ID: 30A09439FBA551F2D4684A98E350150C
Requests: 11 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-954baa4418d900918d6a480ac847ce94.html
Frame ID: D2C94A982C7579AC7CFFFA985D59E993
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-b9b2a4a4d0721416474ac922a501403b.html
Frame ID: 26B71E684CD2B6631EB06B35C331D819
Requests: 5 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LekWdoZAAAAAA61Owqhdq5e8IIQEfJbEOs8IT8T&co=aHR0cHM6Ly93d3cua2VubmVkeTI0LmNvbTo0NDM.&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=normal&cb=5uplb7es0yr
Frame ID: 0854C94602F29BF191EE6E0F9B8A227A
Requests: 3 HTTP requests in this frame

Frame: data://truncated
Frame ID: 0555698A31FC394778CACD2B0DBBA064
Requests: 1 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: B9B58C9566C9066367095E2303A65D9E
Requests: 6 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 8FCA32A7EC9B10D07BA96329B6D8E94F
Requests: 13 HTTP requests in this frame

Frame: https://js.stripe.com/v3/hcaptcha-invisible-50d47d6212e34f567af4a5cc45d36923.html
Frame ID: 642FC371ED58240080C27F660B223E65
Requests: 3 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-link-button-for-card-a8f574dc3e90553d267eeaa0d2b7dc5d.html
Frame ID: 6E768FD424ACF121335605781B0EF0DB
Requests: 6 HTTP requests in this frame

Frame: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.5/HCaptchaInvisible.html?id=2f0cb3b3-b2bb-446f-af5f-52a5f253c6f4&origin=https%3A%2F%2Fjs.stripe.com
Frame ID: 09319FB29EFD625353720FF44FC0099C
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-payment-request-af0cf8bddc229e22339e6d1a80a19d72.html
Frame ID: 82A7C1C48626BE68925F39EF7007D4D7
Requests: 9 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/2a00369/static/hcaptcha.html?_v=x32ffixjnte
Frame ID: 7CD5A7EE40C0F190541DB2F4DEBABBEA
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

We, the People... | Kennedy24

Page URL History Show full URLs

http://paracom.paramountcommunication.com/ct/62692881:Wzc9bGiWN:m:1:2685335137:CAFAF6D29321B7B14494C2EA752B7720:r HTTP 302
https://www.kennedy24.com/donate?amount=5&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

hCaptcha (Security) Expand

Overall confidence: 100%
Detected patterns

https://hcaptcha.com/([\d]+?)/api.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

194
Requests

98 %
HTTPS

70 %
IPv6

26
Domains

47
Subdomains

41
IPs

5
Countries

4737 kB
Transfer

16729 kB
Size

25
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://checkout.opennode.com/p/d05e70a0-a317-4e30-b81d-1ae3e5575d2c
Title: Bitcoin

Search URL Search Domain Scan URL

URL: https://www.instagram.com/robertfkennedyjr/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/rfkjr

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@teamkennedy2024

Search URL Search Domain Scan URL

URL: https://twitter.com/RobertKennedyJr

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC4ewc5vQcMpLticvqPDcSQw

Search URL Search Domain Scan URL

URL: https://rumble.com/c/RFKjr

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://paracom.paramountcommunication.com/ct/62692881:Wzc9bGiWN:m:1:2685335137:CAFAF6D29321B7B14494C2EA752B7720:r HTTP 302
https://www.kennedy24.com/donate?amount=5&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://www.kennedy24.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.kennedy24.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

Request Chain 73

https://www.kennedy24.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.kennedy24.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

194 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request donate Show response
www.kennedy24.com/
Redirect Chain

http://paracom.paramountcommunication.com/ct/62692881:Wzc9bGiWN:m:1:2685335137:CAFAF6D29321B7B14494C2EA752B7720:r
https://www.kennedy24.com/donate?amount=5&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy

85 KB
20 KB

309ms
263ms

Document
text/html

2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kennedy24.com/donate?amount=5&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b04d1b0db347e3217b38ce86eaa71a857e7cdadc449ba67619b71184f016fece

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors joinkennedy.nationbuilder.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-request-method: GET, POST, PUT, DELETE
age: 0
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 84670206bb3f65a8-FRA
content-encoding: br
content-security-policy: frame-ancestors joinkennedy.nationbuilder.com
content-type: text/html; charset=utf-8
date: Tue, 16 Jan 2024 14:21:58 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
server: cloudflare
vary: Accept
x-content-digest: 65753cce8143663bc54d2c06b4df11a91a5e5a5c
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-middleware-start: t=1705414918266909
x-nb-cached-page: yes
x-rack-cache: stale, invalid, ignore, store
x-request-id: bf21080f-956d-4748-ba91-923fb9d6197e
x-runtime: 0.121436

Redirect headers

AMFplus-Ver: 1.4.0.0
Cache-Control: no-cache
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 221
Content-Type: text/html; charset=utf-8
Date: Tue, 16 Jan 2024 14:21:58 GMT
Location: https://www.kennedy24.com/donate?amount=5&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy
Pragma: no-cache
Referrer-Policy: no-referrer-when-downgrade
Server: Apache
Vary: X-Forwarded-Proto,Accept-Encoding

GET
H2 200 css2
fonts.googleapis.com/ 46 KB
2 KB 62ms
27ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&family=Source+Serif+4:ital,opsz,wght@0,8..60,400;0,8..60,500;0,8..60,600;0,8..60,700;0,8..60,800;0,8..60,900;1,8..60,400;1,8..60,500;1,8..60,600;1,8..60,700;1,8..60,800;1,8..60,900&display=swap

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b942de2747bb1449f8d908a33c8ce9e4a2ee6b84327cce766d5378a13665d027

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 16 Jan 2024 14:21:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 14:21:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Jan 2024 14:21:58 GMT

GET
H2 200 theme.scss
joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071705382239/default/ 419 KB
58 KB 476ms
446ms Stylesheet
text/css 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071705382239/default/theme.scss

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdc36d7ef97ab9f8cec6a6ef5e8e611d750f940460ba845d68317a075e821157

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-middleware-start: t=1705391430100272
alt-svc: h3=":443"; ma=86400
x-request-id: a21ae875-09b1-442f-b460-080e50e13b6d
x-runtime: 0.054393
x-content-digest: 4e74c35d4d42b4d785725da9ae5be2bf4482993b
server: cloudflare
etag: W/"cdc36d7ef97ab9f8cec6a6ef5e8e611d"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31556952
cf-ray: 846702089b209128-FRA
x-rack-cache: fresh
expires: Wed, 15 Jan 2025 20:11:10 GMT

GET
H2 200 jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.10.0/themes/cupertino/ 30 KB
6 KB 82ms
24ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.10.0/themes/cupertino/jquery-ui.css

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea2d62c7e90b08a7c41206758ce52af7059a58cdfb6a2964f341642298eb9a15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:45:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63362
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5640
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Jan 2025 20:45:56 GMT

GET
H2 200 opz7yic.css
use.typekit.net/ 10 KB
1 KB 45ms
7ms Stylesheet
text/css 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/opz7yic.css

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

751c35af08d9aa58dc304762b4696f0b56e3debcba775d38db4a9d87ceb1ff12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Tue, 16 Jan 2024 14:21:58 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1198

GET
H2 200 K24_Logo.png
assets.nationbuilder.com/joinkennedy/sites/5/meta_images/original/ 4 KB
5 KB 56ms
28ms Image
image/png 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nationbuilder.com/joinkennedy/sites/5/meta_images/original/K24_Logo.png?1696639127
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9667a4e6040f90f8e1648ecd089211e380aee7fcde15f71570aef17d1a8e637

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:58 GMT
x-amz-version-id: 8Benbp2okaYQdJkZnHd01SKUHGlqFFSo
via: 1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: FRA56-C2
age: 98
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 4499
last-modified: Sat, 07 Oct 2023 00:38:49 GMT
server: cloudflare
etag: "1e0e0356959e57194a72c3c5a2794669"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 846702089f7137fd-FRA
x-amz-cf-id: aawdlP4ab01bU593RXj62EcX8FhDEvs7FQdGrHyhdcpyTSwPUbqULw==
expires: Tue, 16 Jan 2024 18:21:58 GMT

GET
H2 200 profile-login.png
assets.nationbuilder.com/joinkennedy/pages/62/attachments/original/1697582282/ 3 KB
4 KB 54ms
26ms Image
image/png 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nationbuilder.com/joinkennedy/pages/62/attachments/original/1697582282/profile-login.png?1697582282
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6770f1b8a07a7e0b2a5ba73da5feb6f86dd9e5d5e7f0f7237c476bc7f8650ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:58 GMT
x-amz-version-id: UZ3z2H3eCPLVBD_NSfvXtS6kN40SZ1iE
via: 1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: FRA56-C2
age: 98
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 3222
last-modified: Tue, 17 Oct 2023 22:38:03 GMT
server: cloudflare
etag: "2d003d6e18b1ba4e0db766e8f4dc526f"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 846702089f7437fd-FRA
x-amz-cf-id: 4nQYJ-jCCtfTAk_FDgZu6AjuAlxI2f4a-VlU_0tR3LnuWMgkVp4nig==
expires: Tue, 16 Jan 2024 18:21:58 GMT

GET
H2 200 rumble_logo_white.png
assets.nationbuilder.com/joinkennedy/pages/62/attachments/original/1697064082/ 22 KB
22 KB 54ms
27ms Image
image/png 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nationbuilder.com/joinkennedy/pages/62/attachments/original/1697064082/rumble_logo_white.png?1697064082
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 558591ec381069734425371376e35d980cf72fd9fd2ac08f4f36fb9a9df84438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:58 GMT
x-amz-version-id: QTvG_ogPyZRtij5jlvYT2NsZCXixTkK7
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: FRA56-C2
age: 98
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 22352
last-modified: Wed, 11 Oct 2023 22:41:23 GMT
server: cloudflare
etag: "28e5ce4754ad7167c4c4e5eb9378ff1e"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 846702089f7337fd-FRA
x-amz-cf-id: LUyKrnirpS2lfexHIMEL2SOi1TBT90lQP3aTVj8TjZTvg-JqFpS4tg==
expires: Tue, 16 Jan 2024 18:21:58 GMT

GET
H2 200 rocket-loader.min.js Show response
www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 11ms
10ms Script
application/javascript 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/donate?amount=5&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 27 Dec 2023 10:36:07 GMT
server: cloudflare
etag: W/"658bfe17-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 846702086d6965a8-FRA
expires: Thu, 18 Jan 2024 14:21:58 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 62ms
46ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:58 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 8467020889102bac-FRA

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 45ms
8ms Stylesheet
text/css 2a02:26f0:3500:16::215:148b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=opz7yic&ht=tk&f=22792.22793.22794.24318.40090.40091.40092.25668.25670.25673.25676.25679.51955.51956&a=2508016&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/opz7yic.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:58 GMT
last-modified: Fri, 23 Jun 2023 17:09:47 GMT
server: nginx
etag: "6495d1db-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
529 B 22ms
22ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Anton&display=swap

Requested by

Host: joinkennedy.nationbuilder.com
URL: https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071705382239/default/theme.scss

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eef2d843b6778b710b40edb636b588fa4ccc8975a29cef25ac3125b96cc778cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://joinkennedy.nationbuilder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 16 Jan 2024 14:21:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 14:18:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Jan 2024 14:21:58 GMT

GET
H2 200 K24_Logo.png
assets.nationbuilder.com/joinkennedy/sites/5/meta_images/original/ 4 KB
4 KB 23ms
23ms Image
image/png 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nationbuilder.com/joinkennedy/sites/5/meta_images/original/K24_Logo.png?1696639127
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9667a4e6040f90f8e1648ecd089211e380aee7fcde15f71570aef17d1a8e637

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:58 GMT
x-amz-version-id: 8Benbp2okaYQdJkZnHd01SKUHGlqFFSo
via: 1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: FRA56-C2
age: 98
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 4499
last-modified: Sat, 07 Oct 2023 00:38:49 GMT
server: cloudflare
etag: "1e0e0356959e57194a72c3c5a2794669"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8467020b9aa037fd-FRA
x-amz-cf-id: aawdlP4ab01bU593RXj62EcX8FhDEvs7FQdGrHyhdcpyTSwPUbqULw==
expires: Tue, 16 Jan 2024 18:21:58 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 48ms
13ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&family=Source+Serif+4:ital,opsz,wght@0,8..60,400;0,8..60,500;0,8..60,600;0,8..60,700;0,8..60,800;0,8..60,900;1,8..60,400;1,8..60,500;1,8..60,600;1,8..60,700;1,8..60,800;1,8..60,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 11:37:24 GMT
x-content-type-options: nosniff
age: 269075
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jan 2025 11:37:24 GMT

GET
H2 200 fslightbox.js Show response
joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071705382239/default/ 30 KB
10 KB 138ms
133ms Script
text/javascript 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071705382239/default/fslightbox.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77ba0f0971a262f3fe1999d37208a8a7ffa1f2e563d4437bd03b1866a2219749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-middleware-start: t=1705384106717631
alt-svc: h3=":443"; ma=86400
x-request-id: 9279f469-f095-49c7-bb43-2616eb15167e
x-runtime: 0.117096
x-content-digest: 167b1e36379227a2fa7c635269bdcb0ed8dec4c0
server: cloudflare
etag: W/"77ba0f0971a262f3fe1999d37208a8a7"
x-frame-options: ALLOWALL
vary: Accept, Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31556952
cf-ray: 8467020bddec9128-FRA
x-rack-cache: fresh
expires: Wed, 15 Jan 2025 20:11:11 GMT

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 88 KB
31 KB 77ms
30ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4249d6eefdf3f232e1e673d9f2526767c25ba6585d7712107c1994bd63c270da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 14:21:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 img-cropper-a99f75748195e5af07ffca593afce5492ce8533501371377f17d77b89eeab8ab.js Show response
assets.nationbuilder.com/assets/liquid/v3/ 50 KB
17 KB 34ms
30ms Script
text/javascript 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nationbuilder.com/assets/liquid/v3/img-cropper-a99f75748195e5af07ffca593afce5492ce8533501371377f17d77b89eeab8ab.js
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a99f75748195e5af07ffca593afce5492ce8533501371377f17d77b89eeab8ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:59 GMT
x-amz-version-id: 9FhmNzP5VKtGFI6Q2AeFoOvTMd.Koj5z
via: 1.1 2e4a0520ad8fe16707823b20e9441e08.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: FRA56-C2
age: 115637
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 18:14:54 GMT
server: cloudflare
etag: W/"9714f34f09a34492cd827f7620009730"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=604800
cf-ray: 8467020bd8f99048-FRA
x-amz-cf-id: gro__TTbN4CAlLVw9A4Rkdg9nslEWqH1g27n8_fa0MhKODbC_AU9rA==
expires: Tue, 23 Jan 2024 14:21:59 GMT

GET
H2 200 k24-float-label.js Show response
joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071705382239/default/ 3 KB
975 B 135ms
131ms Script
text/javascript 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071705382239/default/k24-float-label.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7e81be515a4350b67aaa7b63485265820a3054306bfa051b75230f48b7d0e8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-middleware-start: t=1705387385982112
alt-svc: h3=":443"; ma=86400
x-request-id: 700fe453-edea-4285-98cb-fe09bb9d869c
x-runtime: 0.124876
x-content-digest: 858dc6cedc176df364401823e6b822ffa39fd992
server: cloudflare
etag: W/"a7e81be515a4350b67aaa7b634852658"
x-frame-options: ALLOWALL
vary: Accept, Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31556952
cf-ray: 8467020bddee9128-FRA
x-rack-cache: fresh
expires: Wed, 15 Jan 2025 20:11:11 GMT

GET
H2 200 localized-inputs.js Show response
joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071705382239/default/ 2 KB
900 B 145ms
141ms Script
text/javascript 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071705382239/default/localized-inputs.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81d4fa5df88680bfb5899dc73e158c00faf67f4d3d0047d41840efcb14c3b6d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-middleware-start: t=1705391430946322
alt-svc: h3=":443"; ma=86400
x-request-id: 957f31aa-a96f-4187-84e1-2c6b5acedbf3
x-runtime: 0.072640
x-content-digest: 44e5290de99fa9b40844d1e42b544d997e7c61ee
server: cloudflare
etag: W/"81d4fa5df88680bfb5899dc73e158c00"
x-frame-options: ALLOWALL
vary: Accept, Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31556952
cf-ray: 8467020bddf09128-FRA
x-rack-cache: fresh
expires: Wed, 15 Jan 2025 20:11:11 GMT

GET
H2 200 theme.js Show response
joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071705382239/default/ 50 B
260 B 577ms
573ms Script
text/javascript 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071705382239/default/theme.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7592e61876da5df397281e08f2abf3aa56ddd0f8b4b816f7e6b961e8a4153932

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-middleware-start: t=1705391430684570
alt-svc: h3=":443"; ma=86400
x-request-id: 6f1a673e-dc7d-4cb3-8b05-2bf40bc721fd
x-runtime: 0.106327
x-content-digest: 25fec939dd7fcf76bdd26229129e82ba0de317b7
server: cloudflare
etag: W/"7592e61876da5df397281e08f2abf3aa"
x-frame-options: ALLOWALL
vary: Accept, Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31556952
cf-ray: 8467020bddf29128-FRA
x-rack-cache: fresh
expires: Wed, 15 Jan 2025 20:11:11 GMT

GET
H2 200 bs-custom-file-input.min.js Show response
joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071705382239/default/ 2 KB
1 KB 142ms
139ms Script
text/javascript 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071705382239/default/bs-custom-file-input.min.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4be37bbc2e40bc238e8895eac52b3a9d27059588647c4834dbd8e7210070e526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-middleware-start: t=1705391430679310
alt-svc: h3=":443"; ma=86400
x-request-id: 670168bd-c4e7-4c91-8b42-55661ba045aa
x-runtime: 0.047206
x-content-digest: 59d3af0630bcb8da94e201ce3453821d82447d22
server: cloudflare
etag: W/"4be37bbc2e40bc238e8895eac52b3a9d"
x-frame-options: ALLOWALL
vary: Accept, Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31556952
cf-ray: 8467020bddf39128-FRA
x-rack-cache: fresh
expires: Wed, 15 Jan 2025 20:11:11 GMT

GET
H2 200 bootstrap.min.js Show response
joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071705382239/default/ 57 KB
16 KB 421ms
417ms Script
text/javascript 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071705382239/default/bootstrap.min.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-middleware-start: t=1705384106967905
alt-svc: h3=":443"; ma=86400
x-request-id: e28847a3-6475-4ee1-82cb-feaab14100e8
x-runtime: 0.143989
x-content-digest: 6778fed3cf095a318141a31f455c8f4663885bde
server: cloudflare
etag: W/"0a34a87842c539c1f4feec56bba982fd"
x-frame-options: ALLOWALL
vary: Accept, Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31556952
cf-ray: 8467020bddf59128-FRA
x-rack-cache: fresh
expires: Wed, 15 Jan 2025 20:11:11 GMT

GET
H3 200 liquid-6fda76e47cd1a46bec92e2adac0a0453c78638197e234d7667c2ff4366c5a44a.js Show response
assets.nationbuilder.com/assets/ 174 KB
53 KB 34ms
31ms Script
text/javascript 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nationbuilder.com/assets/liquid-6fda76e47cd1a46bec92e2adac0a0453c78638197e234d7667c2ff4366c5a44a.js
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fda76e47cd1a46bec92e2adac0a0453c78638197e234d7667c2ff4366c5a44a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:59 GMT
x-amz-version-id: 9Lgtfo2KO1vjkUANzwHYiftMn2Nstey0
via: 1.1 a23dafbbb9a61c77bda1d66d97f24e2e.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: FRA56-C2
age: 372097
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 22 Nov 2023 19:14:52 GMT
server: cloudflare
etag: W/"c5d34981e474397332adfa4081ceecaa"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=604800
cf-ray: 8467020bd8fc9048-FRA
x-amz-cf-id: Qytx3pIQNaZVadlsRt4GHseWDbF3c3a9MVifOfa6zVSfet7PxQQwtQ==
expires: Tue, 23 Jan 2024 14:21:59 GMT

GET
H3 200 donation_v2_page.js Show response
www.kennedy24.com/assets/liquid/ 2 KB
1 KB 218ms
216ms Script
application/javascript 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kennedy24.com/assets/liquid/donation_v2_page.js
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb9587e00635538a323c71ca0352879bd24aa5b88f8c869317812ae5e505263f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/donate?amount=5&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-runtime: 0.068307
date: Tue, 16 Jan 2024 14:21:59 GMT
content-encoding: br
x-request-id: 6a5ef727-4db1-478e-971a-0f34e619713a
cf-cache-status: REVALIDATED
server: cloudflare
etag: W/"fb9587e00635538a323c71ca0352879bd24aa5b88f8c869317812ae5e505263f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
x-middleware-start: t=1701457278604293
cf-ray: 8467020bdcf21e60-FRA
alt-svc: h3=":443"; ma=86400
x-rack-cache: pass
expires: Tue, 16 Jan 2024 18:21:59 GMT

GET
H2 200 staged-donations.js Show response
joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071705382239/default/ 11 KB
2 KB 417ms
415ms Script
text/javascript 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071705382239/default/staged-donations.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fef202588115c2a23969fc04c669b498579d162630c83b76729470321145984

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-middleware-start: t=1705414919366455
alt-svc: h3=":443"; ma=86400
x-request-id: e939d55d-c761-4786-aff7-8a4121c7692c
x-runtime: 0.071797
x-content-digest: 45862d061369f952adfaa29d6844935610f45e8c
server: cloudflare
etag: W/"3fef202588115c2a23969fc04c669b49"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31556952
cf-ray: 8467020bddf79128-FRA
x-rack-cache: fresh
expires: Wed, 15 Jan 2025 20:11:11 GMT

GET
H2 200 donate-jquery.ui.effect-slide.min.js Show response
joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071705382239/default/ 774 B
643 B 411ms
409ms Script
text/javascript 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071705382239/default/donate-jquery.ui.effect-slide.min.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c56ffc47b4761b0396058aa73916486a33095af06bba5e72072ae332483dc7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-middleware-start: t=1705414919361794
alt-svc: h3=":443"; ma=86400
x-request-id: 5081db3c-9b91-49ad-800b-421af207cfbd
x-runtime: 0.066961
x-content-digest: 2d0b4629f786724cb9ceba70e34ff5775fa16084
server: cloudflare
etag: W/"1c56ffc47b4761b0396058aa73916486"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31556952
cf-ray: 8467020bddfb9128-FRA
x-rack-cache: fresh
expires: Wed, 15 Jan 2025 20:11:11 GMT

GET
H2 200 donate-jquery.ui.effect.min.js Show response
joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071705382239/default/ 13 KB
5 KB 145ms
142ms Script
text/javascript 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071705382239/default/donate-jquery.ui.effect.min.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f3ca08629dbf4b97858143154de2a7b48c4c671d6849b56aa592033a2546cf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-middleware-start: t=1705414919091158
alt-svc: h3=":443"; ma=86400
x-request-id: 1aa82a38-fdb0-465a-bb18-00a4af2cbd8d
x-runtime: 0.057025
x-content-digest: 1b3c129be8aafb7c1d1cc795870d3e25365fc2a9
server: cloudflare
etag: W/"5f3ca08629dbf4b97858143154de2a7b"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31556952
cf-ray: 8467020bddfc9128-FRA
x-rack-cache: fresh
expires: Wed, 15 Jan 2025 20:11:11 GMT

GET
H2 200 38b3ad1ee0.js Show response
kit.fontawesome.com/ 12 KB
5 KB 42ms
21ms Script
text/javascript 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/38b3ad1ee0.js
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acd9a7e1c37a12896fb2df2f591a565c40f87c3194d32f85d1e4499426bfcc1d

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:59 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 31
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 8467020bfb046907-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F6qprD8txGMy-kCnZ4xi

GET
H2 200 lightbox_speed.js Show response
www.lightboxcdn.com/vendor/89ef356b-89f6-4647-a097-558fbfa14d79/ 3 KB
1 KB 678ms
651ms Script
application/javascript 2606:4700::6813:d483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/89ef356b-89f6-4647-a097-558fbfa14d79/lightbox_speed.js
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28c84c299c77064e01c76d66bd64ca5adec6a7d14668beec7c1fa2ba8b8c07d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 16 Jan 2024 14:21:59 GMT
content-encoding: br
cf-cache-status: REVALIDATED
content-md5: s73XdXeBdFFAUowS4rmvSQ==
cf-polished: origSize=4971
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Mon, 15 Jan 2024 14:14:30 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: 37f8e65f-001e-0020-7ec5-4774fc000000
cache-control: public, max-age=60
x-ms-version: 2009-09-19
cf-ray: 8467020c094f3719-FRA
expires: Tue, 16 Jan 2024 14:22:59 GMT

GET
H2 200 706b9f1865.js Show response
kit.fontawesome.com/ 12 KB
5 KB 152ms
133ms Script
text/javascript 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/706b9f1865.js
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74a39682b8b03d5de587026a0f4d5b595696818b3d23952c15facf182d7c5e78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:59 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 8467020bff579bf5-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F6OeRh64zu3FNfF-AhjB

GET
H3 200 payments-e2d51187f660cba449c70f7f87f733f762042cf340a5fd57e0f8c1fbf885c033.js Show response
assets.nationbuilder.com/assets/ 16 KB
5 KB 24ms
23ms Script
text/javascript 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nationbuilder.com/assets/payments-e2d51187f660cba449c70f7f87f733f762042cf340a5fd57e0f8c1fbf885c033.js
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2d51187f660cba449c70f7f87f733f762042cf340a5fd57e0f8c1fbf885c033

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:59 GMT
x-amz-version-id: 0UtgqgwClP8EiIar9FS0D8kcRrDirDUw
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: FRA56-C2
age: 113807
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 04 Nov 2023 00:55:35 GMT
server: cloudflare
etag: W/"7d0fc9aeec4f03aeef50129fbe29b1df"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=604800
cf-ray: 8467020bd8fe9048-FRA
x-amz-cf-id: JJx1THGMpQ_DAmw5zSkdDNOB-NUa0hAxrr1wStRHDT6Le5lDzYU2kA==
expires: Tue, 23 Jan 2024 14:21:59 GMT

GET
H3 200 payments_styling-3cb98755e69cd4399888137a7648ee6eabdd63c4d4c547626e7174d769be6e1b.js Show response
assets.nationbuilder.com/assets/ 35 KB
4 KB 25ms
24ms Script
text/javascript 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nationbuilder.com/assets/payments_styling-3cb98755e69cd4399888137a7648ee6eabdd63c4d4c547626e7174d769be6e1b.js
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3cb98755e69cd4399888137a7648ee6eabdd63c4d4c547626e7174d769be6e1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:59 GMT
x-amz-version-id: tE.L.zuQWxf9ft6Yeo3ica7oKSBsQYTG
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: FRA56-C2
age: 187970
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 04 Nov 2023 00:55:35 GMT
server: cloudflare
etag: W/"ba73545e732d35824a90f9daee280d57"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=604800
cf-ray: 8467020bd8ff9048-FRA
x-amz-cf-id: bYXUpR7wtsyJ7qqBbZxZEjr5aAnBoySy3EK-klWUKxXuJN4xtmdKPA==
expires: Tue, 23 Jan 2024 14:21:59 GMT

GET
H2 200 / Show response
js.stripe.com/v3/ 585 KB
144 KB 88ms
17ms Script
text/javascript 108.138.36.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-93.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

d9cf8395ee0a7d904dbbbc5a13c251caf17b06a52199c10015d34556a8cf5a11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:32 GMT
content-encoding: br
via: 1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 53
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
last-modified: Fri, 12 Jan 2024 21:47:30 GMT
server: Cloudfront
etag: W/"683b9f5de81fe1d181bceec0c32cc9fe"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: BXvIQwfuKv2FH-x7adI9lsBmbyEHsZaq59kOXBCjueZPKCmB0R04aA==

GET
H2 200 api.js Show response
www.recaptcha.net/recaptcha/ 1 KB
1 KB 79ms
31ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api.js?render=6LekWdoZAAAAAA61Owqhdq5e8IIQEfJbEOs8IT8T

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7e718f629db56047e34605c878d5c8b2c6bd6cc9aaaea13ab7ca02b7fde8792f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 16 Jan 2024 14:21:59 GMT

GET
H3 200 main-0aa16a2e84fcb15b351dd0de4418949c84ac9bba999074007345fe1dabe8645d.js Show response
assets.nationbuilder.com/assets/liquid/v3/ 469 KB
134 KB 44ms
43ms Script
text/javascript 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nationbuilder.com/assets/liquid/v3/main-0aa16a2e84fcb15b351dd0de4418949c84ac9bba999074007345fe1dabe8645d.js
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0aa16a2e84fcb15b351dd0de4418949c84ac9bba999074007345fe1dabe8645d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:59 GMT
x-amz-version-id: zlPj.IfBmhJWCnRphuyWdGEaI2oPDSyN
via: 1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: FRA56-C2
age: 24866
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 22 Nov 2023 19:14:52 GMT
server: cloudflare
etag: W/"65f4d89d2236c9f9b248d9ed5de8dafa"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
cf-ray: 8467020bd9019048-FRA
x-amz-cf-id: l22ySRjOUL7UCry6EwymQ5uGy3uUHRam9apag8Ck6OTlquq4GHytiw==
expires: Tue, 23 Jan 2024 14:21:59 GMT

GET
H3

200

main.js Show response
www.kennedy24.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/ Frame C76E
Redirect Chain

https://www.kennedy24.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.kennedy24.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

7 KB
3 KB

17ms
16ms

Script
application/javascript

2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kennedy24.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy

Protocol

Server

2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9de821f81cf048400b048ede572fda6bec4ec4fdad2ea8d9412001605c7ab463

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8467020c0d4b1e60-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Tue, 16 Jan 2024 14:21:59 GMT
server: cloudflare
vary: accept-encoding
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
cache-control: max-age=300, public
cf-ray: 8467020bed0b1e60-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 248 KB
78 KB 78ms
44ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5MTWV23

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

382f659124971678bcd8e78c90460cfc87cfd0e9077f2012ff5368f0bf58ea8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79485
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Jan 2024 14:21:59 GMT

POST
H3 200 84670206bb3f65a8 Show response
www.kennedy24.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame C76E 0
314 B 48ms
48ms XHR
text/plain 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kennedy24.com/cdn-cgi/challenge-platform/h/b/jsd/r/84670206bb3f65a8
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 16 Jan 2024 14:21:59 GMT
content-encoding: br
server: cloudflare
cf-ray: 8467020c8e241e60-FRA
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ 506 KB
204 KB 55ms
14ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?render=6LekWdoZAAAAAA61Owqhdq5e8IIQEfJbEOs8IT8T

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91088a015cd36dabb6639d0b6d08fadc57be7f1b85011f5f882d4e7a8611df31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:02:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1145
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207845
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Jan 2025 14:02:54 GMT

GET
H2 200 webfonts Show response
www.googleapis.com/webfonts/v1/ 1 MB
159 KB 181ms
125ms XHR
application/json 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleapis.com/webfonts/v1/webfonts?key=AIzaSyCCOU0NUKc65rzK0EdE-6XNdE68x6mGnD8

Requested by

Host: assets.nationbuilder.com
URL: https://assets.nationbuilder.com/assets/liquid/v3/main-0aa16a2e84fcb15b351dd0de4418949c84ac9bba999074007345fe1dabe8645d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

52c8cfbf05223ab03607c88608ecc0419becb8df5884a096a030115b0958a230

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/javascript
Referer: https://www.kennedy24.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
etag: 1521377560568e585b770dd455965b31ff88e7e2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.kennedy24.com
access-control-expose-headers: etag,vary,vary,vary,content-encoding,date,server,content-length
cache-control: public, max-age=3600, must-revalidate, no-transform
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 162536
x-xss-protection: 0

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 37ms
19ms Fetch
text/css 2606:4700:e4::ac40:a507
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=706b9f1865
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/706b9f1865.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:59 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 4184212
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9RafxWJe73MYqllw3DrfonCgF5mO%2BeCVv52K%2BboREga%2BchHCOWkOzx49rMiIPnqvXauVHm%2BnJyF54NKGzDYEeuKRlufH3wVRw8%2BKhNQYN3UIeq8%2FvSLSWt%2B%2FWPc2M1Z%2BuClQINi0GHybnLFBxLSGE27ftg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 8467020ceac965dd-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: PweJ5j9cqTGbESn_4NBjv7A5C9XIFVLTacYqpoVyZUmYlRkKVFzvsg==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 26 KB
5 KB 36ms
19ms Fetch
text/css 2606:4700:e4::ac40:a507
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=706b9f1865
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/706b9f1865.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:59 GMT
via: 1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 5908977
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vEOnKCc%2BQtTq0e3w3coenfRDxBjn0wzppGZOUrg%2BnixeTY6dpjIo9pVk54Z58L%2BqnCgjmMorXGbE9KCma9Nw1CZL%2BU0upD%2BfK%2FQtdwH2GKfc1gzAdolHWS6s1dowRUS%2FpfSsrqrNr4Fr1%2FaAZIxLvW%2FlUw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 8467020ceac765dd-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: cbWv7WO8Kr38Ven1HdFwEpJrB3yqvxjPEerYgp1LdWI9Z4SquJwMEw==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 3 KB
2 KB 34ms
17ms Fetch
text/css 2606:4700:e4::ac40:a507
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=706b9f1865
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/706b9f1865.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:59 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 5463597
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f22q4nXDv3i8LQ4WpQnp%2BbZbSbNQs9iRT7MujgjgZQ5hl8czU20bf0U2cDiZ1HSp%2F2Puq4o7sBVnP1p8%2BgncHS4gFPfM0p4t%2BAVe7ZyH78H9P0s%2Bi%2B%2FW1P9qS1VQUFqag8GjkzhPXb8yUwA7G9Z%2FAcUQyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 8467020ceaca65dd-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: ex7_2voWQXL24XLk42lezYfiMKEc5lH5FWBiCTv2PfvVczdEmUBzgA==

GET
H2 200 popper.min.js Show response
getbootstrap.com/docs/4.0/assets/js/vendor/ 19 KB
7 KB 147ms
131ms Script
application/javascript 2606:4700:10::6816:3b64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://getbootstrap.com/docs/4.0/assets/js/vendor/popper.min.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3b64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-fastly-request-id: 144d010a265d3af496256dbbf79afd46a854fe22
date: Tue, 16 Jan 2024 14:21:59 GMT
via: 1.1 varnish
x-content-type-options: nosniff
expires: Mon, 08 Jan 2024 05:45:37 GMT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-cache: HIT
x-proxy-cache: HIT
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230064-FRA
last-modified: Thu, 14 Sep 2023 14:29:01 GMT
server: cloudflare
x-github-request-id: A428:0E81:3EF3FA3:401B8E9:6540671F
x-timer: S1700598873.731530,VS0,VE1
etag: W/"650318ad-4af4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
x-origin-cache: HIT
cf-ray: 8467020cef9c1ac7-FRA
x-cache-hits: 1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 321 KB
104 KB 33ms
33ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JWBYYEB6SQ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MTWV23

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0d3b5d49d684b418f9774cf82e00340ac4d0e40a39a985d73e0f880ad801cec8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 106688
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 16 Jan 2024 14:21:59 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 194 KB
72 KB 26ms
26ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CAPI12345&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MTWV23

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

29b76a1beac0164b0c37a3db031f3ec42cfbcf0de22ffe8e8e8d6f6c11885229

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73262
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Jan 2024 14:21:59 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 34ms
7ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MTWV23
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:59 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230064-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 212 KB
57 KB 58ms
9ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MTWV23

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0c9cc88c27618b01e95063377382195b9062bdbef5eb1687e5881d3f318dbe63

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 16 Jan 2024 14:21:59 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 56915
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: ZdkbUEYQuvKclKFGM9ykMPh9sk5Ua6CLBAzTSOTWSl8xml5ILLD8gv3X5kLbWnXMIFYNZ0sERpXLmeHXwwzVxg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 free-fa-brands-400.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 75 KB
75 KB 14ms
14ms Font
font/woff2 2606:4700:e4::ac40:a507
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-brands-400.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:59 GMT
via: 1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 3904644
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 76736
last-modified: Wed, 04 Aug 2021 18:58:24 GMT
server: cloudflare
etag: "4f5ec865a8274ab291b6a42b5f70639e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ci54cdklynJovuHx%2BtEXdLe9G3%2BZDAzziL%2BeoVmS714Icu%2FaBDfCAO7HmII2058PS0Oo0sD8wJ11BygcawR4dUcSP9E%2B4ZhvtL5wlqP6afxIl2HhQA33iM5QiIyXhYorAdJyx5ab1S2UtbLm5fqK7nAtcA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 8467020d1b0065dd-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: I4NkJmCkVoFBzzWlFI_o5w0RA8v4JuWwpbARdgKeoTviusfnf3sxCg==

GET
H2 200 adsct
t.co/1/i/ 43 B
375 B 190ms
168ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=be10dc5d-e0ae-4431-b356-76d13546e425&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=155b7e7c-7686-479d-9b05-1490ac789fdc&tw_document_href=https%3A%2F%2Fwww.kennedy24.com%2Fdonate%3Famount%3D5%26utm_campaign%3Dbillions%26utm_medium%3Demail1%26utm_source%3Djoinkennedy&tw_iframe_status=0&txn_id=og9c6&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-response-time: 160
date: Tue, 16 Jan 2024 14:21:58 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 1ceff575224cc6a5
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: 8e0cecbfb9acc2dd76576841ce12195b84917f0a9c294da8ae054234f794c097
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
726 B 198ms
169ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=be10dc5d-e0ae-4431-b356-76d13546e425&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=155b7e7c-7686-479d-9b05-1490ac789fdc&tw_document_href=https%3A%2F%2Fwww.kennedy24.com%2Fdonate%3Famount%3D5%26utm_campaign%3Dbillions%26utm_medium%3Demail1%26utm_source%3Djoinkennedy&tw_iframe_status=0&txn_id=og9c6&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-response-time: 158
date: Tue, 16 Jan 2024 14:21:58 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: a3e320b52ed7879c
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: 330d786d75c44fc953146aa071b59cefecb2bf79a4bf1c2ec2fafbaade977c14
content-length: 43

POST
H2 200 collect
server-side-tagging-ptjx4tds2q-uc.a.run.app/g/ 0
449 B 248ms
218ms Ping
text/html 2001:4860:4802:38::35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://server-side-tagging-ptjx4tds2q-uc.a.run.app/g/collect?v=2&tid=G-CAPI12345&gtm=45je41a0z89133194504&_p=1705414919066&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=799340496.1705414919&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705414919&sct=1&seg=0&dl=https%3A%2F%2Fwww.kennedy24.com%2Fdonate%3Famount%3D5%26utm_campaign%3Dbillions%26utm_medium%3Demail1%26utm_source%3Djoinkennedy&dt=We%2C%20the%20People...%20%7C%20Kennedy24&en=page_view&_fv=1&_nsi=1&_ss=1&ep.event_id=1705415091068_17054156658691&tfd=1500
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CAPI12345&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:59 GMT
server: Google Frontend
content-type: text/html
x-cloud-trace-context: 690457ed7e706f593a8beb5a51535190
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 16 Jan 2024 14:21:59 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
256 B 48ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-JWBYYEB6SQ&gtm=45je41a0v9113043695z89133194504&_p=1705414919066&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=799340496.1705414919&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705414919&sct=1&seg=0&dl=https%3A%2F%2Fwww.kennedy24.com%2Fdonate%3Famount%3D5%26utm_campaign%3Dbillions%26utm_medium%3Demail1%26utm_source%3Djoinkennedy&dt=We%2C%20the%20People...%20%7C%20Kennedy24&en=page_view&_fv=1&_ss=1&tfd=1528
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JWBYYEB6SQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 14:21:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kennedy24.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
247 B 59ms
20ms Ping
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JWBYYEB6SQ&cid=799340496.1705414919&gtm=45je41a0v9113043695z89133194504&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JWBYYEB6SQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 14:21:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kennedy24.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11465445694/ 3 KB
2 KB 82ms
49ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11465445694/?random=1705414919269&cv=11&fst=1705414919269&bg=ffffff&guid=ON&async=1&gtm=45je41a0v9113043695z89133194504&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.kennedy24.com%2Fdonate%3Famount%3D5%26utm_campaign%3Dbillions%26utm_medium%3Demail1%26utm_source%3Djoinkennedy&hn=www.googleadservices.com&frm=0&tiba=We%2C%20the%20People...%20%7C%20Kennedy24&auid=1445459041.1705414919&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JWBYYEB6SQ&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7d6bf885df070e136b92758d221686043755a4647f408daf26bd446191539b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 14:21:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1341
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 108ms
50ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-JWBYYEB6SQ&cid=799340496.1705414919&gtm=45je41a0v9113043695z89133194504&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1720321818

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 14:21:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 689052772650376 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 12ms
12ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/689052772650376?v=2.9.140&r=stable&domain=www.kennedy24.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7f77f30815a97a6c4e1317eb1bd7164e41738c9344f7f8ab1ca95b36cd2678f2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 16 Jan 2024 14:21:59 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35392
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: sL1OYOUdfuOI/kxcWL41aS1TOBMVZzeWsj3Rz0kn1Um9G6RkQ2ukwx6avQwuBy+Vsnt9lNHNeJRYjov4wlhOIw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pro.min.css Show response
ka-p.fontawesome.com/releases/v6.5.1/css/ 669 KB
118 KB 23ms
22ms Fetch
text/css 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/css/pro.min.css?token=38b3ad1ee0
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/38b3ad1ee0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c368e74321d2180806d6982ab26271a765594390c0d50a2e4fe452e901778d5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:25:52 GMT
server: cloudflare
age: 494396
etag: "6568c5a0-1d52d"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8467020e0d8f6907-FRA
content-length: 120109

GET
H2 200 pro-v5-font-face.min.css Show response
ka-p.fontawesome.com/releases/v6.5.1/css/ 50 KB
7 KB 31ms
31ms Fetch
text/css 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/css/pro-v5-font-face.min.css?token=38b3ad1ee0
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/38b3ad1ee0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4946b36e5208a0a01e69ac05696229353e101faece5c1572e2a6177742bf7b5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:25:52 GMT
server: cloudflare
age: 1227151
etag: "6568c5a0-1c12"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8467020e0d906907-FRA
content-length: 7186

GET
H2 200 kit-upload.css Show response
kit.fontawesome.com/38b3ad1ee0/70955553/ 0
137 B 22ms
22ms Fetch
text/css 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/38b3ad1ee0/70955553/kit-upload.css
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/38b3ad1ee0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:59 GMT
cf-cache-status: HIT
age: 1550005
content-length: 0
x-request-id: F6VYHKev1O8Cg7x-wzoB
server: cloudflare
etag: 54af53b207eef226d6511e0a88e3038e
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926, public, must-revalidate
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
accept-ranges: bytes
cf-ray: 8467020e0d8e6907-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token

GET
H2 200 /
www.google.com/pagead/1p-user-list/11465445694/ 42 B
455 B 60ms
26ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11465445694/?random=1705414919269&cv=11&fst=1705413600000&bg=ffffff&guid=ON&async=1&gtm=45je41a0v9113043695z89133194504&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.kennedy24.com%2Fdonate%3Famount%3D5%26utm_campaign%3Dbillions%26utm_medium%3Demail1%26utm_source%3Djoinkennedy&frm=0&tiba=We%2C%20the%20People...%20%7C%20Kennedy24&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_E5hP5gHGRqsRNP-tWtEv0LOH2Cz69w&random=3503158682&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 14:21:59 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/11465445694/ 42 B
154 B 36ms
36ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11465445694/?random=1705414919269&cv=11&fst=1705413600000&bg=ffffff&guid=ON&async=1&gtm=45je41a0v9113043695z89133194504&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.kennedy24.com%2Fdonate%3Famount%3D5%26utm_campaign%3Dbillions%26utm_medium%3Demail1%26utm_source%3Djoinkennedy&frm=0&tiba=We%2C%20the%20People...%20%7C%20Kennedy24&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_E5hP5gHGRqsRNP-tWtEv0LOH2Cz69w&random=3503158682&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 14:21:59 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pro-fa-brands-400-0.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ 38 KB
38 KB 29ms
28ms Font
font/woff2 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/webfonts/pro-fa-brands-400-0.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70356aaad8b043112594064fea69694e5af4f17b6af4d4836b184735afe24c56

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:59 GMT
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:53:28 GMT
server: cloudflare
age: 1227150
etag: "6568cc18-9620"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8467020e6e0b6907-FRA
content-length: 38432

GET
H2 200 pro-fa-solid-900-12.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ 13 KB
14 KB 28ms
28ms Font
font/woff2 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/webfonts/pro-fa-solid-900-12.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4aae83ca0e34e5fef9bebf88ca4edfdf495e4927bbd583d1f05ff101c9421d4c

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:59 GMT
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:53:38 GMT
server: cloudflare
age: 833909
etag: "6568cc22-35f8"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8467020e6e0d6907-FRA
content-length: 13816

GET
H2 200 pro-fa-brands-400-1.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ 39 KB
39 KB 28ms
28ms Font
font/woff2 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/webfonts/pro-fa-brands-400-1.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 116b5b718ba3beeea9dd77ad669ca8aff001cf40c1c6e549dd38c3d08668d4cd

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:59 GMT
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:53:28 GMT
server: cloudflare
age: 1227150
etag: "6568cc18-9cfc"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8467020e6e106907-FRA
content-length: 40188

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 247 KB
68 KB 50ms
15ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 164e219fdf64004e7213e90b3d4fd19463971870e4b51fdd6030446bd6ef5e65

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 13:39:55 GMT
content-encoding: br
age: 2524
x-guploader-uploadid: ABPtcPrfvxKiMw_TXHsju4cW6n3gNg0nVT1riA45qQQQ491J77T0MvKCH9lKY35epJV7bkSDMCMkRWXBrw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69176
last-modified: Tue, 09 Jan 2024 14:46:09 GMT
server: UploadServer
etag: "39c79f2b05faf1b80cfb99fdd212a0e6"
vary: Accept-Encoding
x-goog-generation: 1704811569390469
x-goog-hash: crc32c=MZJ0CQ==, md5=OcefKwX68bgM+5n90hKg5g==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 69176
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 16 Jan 2024 14:39:55 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b9609e13befde8e8bcaea0824bd0bb4a109019fc10d3aa1a392b314a0a082882

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 16 Jan 2024 14:21:59 GMT
content-md5: mIqsItdUP5auNvtOStWSUQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
reporting-endpoints
x-fb-debug: 6Vqo0TMaVG/atMe4t0HsKcSOBEnXMxJmx4BTh6iwqXGCgpyWcRh6eMhQ3nu9EiIhzXIGFKif1RfNhbR9SIxgHQ==
x-fb-content-md5: 068307dc49b7a66d89dd160f264eeef4
cross-origin-opener-policy: same-origin-allow-popups
etag: "89e90daa113671f5848c353ed4002d1f"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Tue, 16 Jan 2024 14:25:30 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 297 KB
85 KB 17ms
8ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=ad491f74a47b06604017ee64c901ae96

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b21618047d21c2ccc729f3980d873c18c718dd47193067746031a527a0354c7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 16 Jan 2024 14:21:59 GMT
content-md5: +gPAno4y0EGKSFhMAN9pZQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86934
reporting-endpoints
x-fb-debug: SFV1D536CRjuLUvGCZ/63DKxLVxTTdSbZ+E0+KUhML/adCwRNf3opTFvtlqCDwhRA4B7fWFknjJfwuv+JCisvA==
x-fb-content-md5: 86b7d0a8c1a90ce39c0d5fd23970e488
cross-origin-opener-policy: same-origin-allow-popups
etag: "5dd219f13977fd534d5054ea1c25706b"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Wed, 15 Jan 2025 12:24:47 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 47ms
27ms Fetch
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=1679673749184434&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.kennedy24.com%2Fdonate%3Famount%3D5%26utm_campaign%3Dbillions%26utm_medium%3Demail1%26utm_source%3Djoinkennedy&sdk=joey&wants_cookie_data=true

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=()
strict-transport-security: max-age=15552000; preload
date: Tue, 16 Jan 2024 14:21:59 GMT
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: kNS897JBi6WYvnsxjWEuZBcePEnCYlJ7V1nMhbba2g395pQRU5nckzkjRVUr/05ObKoQ9IvIRcatZph2qthXmQ==
fb-s: unknown
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kennedy24.com
origin-agent-cluster: ?0
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self)
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 web Show response
edge.fullstory.com/s/settings/o-1V4959-na1/v1/ 6 KB
2 KB 14ms
14ms XHR
application/json 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/settings/o-1V4959-na1/v1/web
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 88513ef8ce83b1745cc065850e59f08ac1a31beb71d7bf2841a420d69be3c827

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:20:21 GMT
content-encoding: gzip
age: 98
x-guploader-uploadid: ABPtcPorrNMg1oVtrB45REg6yQhxAvHPaCnDXpXdq1hGG8HbMtFxNsw_ESsjf5hjWP4Cq5o-vtgkf-C3Xw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1605
last-modified: Tue, 16 Jan 2024 14:18:36 GMT
server: UploadServer
etag: "75a7fb12c1760998f9d879afdaa53776"
x-goog-generation: 1705176516733853
x-goog-hash: crc32c=0LQ/hA==, md5=daf7EsF2CZj52Hmv2qU3dg==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=900,no-transform
x-goog-stored-content-length: 1605
accept-ranges: bytes
content-type: application/json
expires: Tue, 16 Jan 2024 14:35:21 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
79 B 8ms
7ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=689052772650376&ev=PageView&dl=https%3A%2F%2Fwww.kennedy24.com%2Fdonate%3Famount%3D5%26utm_campaign%3Dbillions%26utm_medium%3Demail1%26utm_source%3Djoinkennedy&rl=&if=false&ts=1705414919561&sw=1600&sh=1200&v=2.9.140&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1705414919362.2046932990&ler=empty&it=1705414919288&coo=false&eid=1705415091068_17054156658691&tm=1&cdl=&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 16 Jan 2024 14:21:59 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 202 page Show response
rs.fullstory.com/rec/ 79 B
279 B 158ms
124ms XHR
text/plain 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rs.fullstory.com/rec/page

Requested by

Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

58.194.186.35.bc.googleusercontent.com

Software

Resource Hash

f66a96e9a973ac7e4e920aeeba6ac52ccbc8e192f75a2baa96860cc097b6a2db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kennedy24.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 16 Jan 2024 14:21:59 GMT
via: 1.1 google
x-content-type-options: nosniff
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.kennedy24.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79

GET
H3 200 m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=wA/d=0/rs=AN8SPfq5gedF4FIOWZgYyMCNZA5tU966ig/ 22 KB
4 KB 41ms
13ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=wA/d=0/rs=AN8SPfq5gedF4FIOWZgYyMCNZA5tU966ig/m=el_main_css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.i4BJRBdPaJ8.O/am=wA/d=1/rs=AN8SPfoiShHCb8vwCxVRemi3s1_LaVy25Q/m=el_conf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 06:12:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 288548
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4144
x-xss-protection: 0
last-modified: Sat, 15 Jul 2023 01:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jan 2025 06:12:51 GMT

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.i4BJRBdPaJ8.O/d=1/exm=el_conf/ed=1/rs=AN8SPfqVk7C7dL84AfjOFZNpKVJA9BOXzQ/ 208 KB
72 KB 47ms
14ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.i4BJRBdPaJ8.O/d=1/exm=el_conf/ed=1/rs=AN8SPfqVk7C7dL84AfjOFZNpKVJA9BOXzQ/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.i4BJRBdPaJ8.O/am=wA/d=1/rs=AN8SPfoiShHCb8vwCxVRemi3s1_LaVy25Q/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9cb11e03f12b8ae3ff94372e8a7f692f92b69b62b18eaf42f400b7ddac2ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 06:06:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 288956
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73587
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 00:11:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jan 2025 06:06:03 GMT

GET
H3

200

main.js Show response
www.kennedy24.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/ Frame C76E
Redirect Chain

https://www.kennedy24.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.kennedy24.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

7 KB
3 KB

22ms
21ms

Script
application/javascript

2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kennedy24.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

Protocol

Server

2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e3e497a4d1f69db3107c7e48aa80c36323930ba79176d7ea58c144097a1954d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8467020fdbb01e60-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Tue, 16 Jan 2024 14:21:59 GMT
server: cloudflare
vary: accept-encoding
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
cache-control: max-age=300, public
cf-ray: 8467020f8b0a1e60-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html Show response
js.stripe.com/v3/ Frame 445F 200 B
1 KB 15ms
15ms Document
text/html 108.138.36.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-93.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kennedy24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2688
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 16 Jan 2024 13:37:16 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Mon, 08 Jan 2024 21:41:59 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
x-amz-cf-id: w6jEi11Jr16JZfssUgj3o4ue60Lywdv6_0ZGAOfMXvRQLa5Ap_J5eA==
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 anchor Show response
www.recaptcha.net/recaptcha/api2/ Frame 6F7A 44 KB
28 KB 45ms
44ms Document
text/html 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LekWdoZAAAAAA61Owqhdq5e8IIQEfJbEOs8IT8T&co=aHR0cHM6Ly93d3cua2VubmVkeTI0LmNvbTo0NDM.&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=sd40476g1c8f

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d379f8954798c4d2a31528c537dea2b2e91cf1f9f1714161257c0e040c349243

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IaY8K0nscyQDtMuH9SUHRw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kennedy24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-IaY8K0nscyQDtMuH9SUHRw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 14:21:59 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET anchor
www.recaptcha.net/recaptcha/api2/ Frame E2AB 0
0

GET
H2 200 controller-cd24e7c1f64e4a5ccfe0b4a332259a7c.html Show response
js.stripe.com/v3/ Frame DDEE 325 B
1 KB 16ms
16ms Document
text/html 108.138.36.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-cd24e7c1f64e4a5ccfe0b4a332259a7c.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-93.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

a25071dc8b8fea33f964a353594f9712e0351e95478f31d6ab313596344ee3ce

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kennedy24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 8
cache-control: max-age=60
content-length: 325
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 16 Jan 2024 14:21:59 GMT
etag: "cd24e7c1f64e4a5ccfe0b4a332259a7c"
last-modified: Fri, 12 Jan 2024 21:06:26 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
x-amz-cf-id: oxt8JqCO8E6UBc2HeGM-RB-LvtS_9VrnrzZEu2NLSZkjcpitwoqGtw==
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 elements-inner-card-86725cc35851d08d71f57f993ab9f2e3.html Show response
js.stripe.com/v3/ Frame 30A0 798 B
2 KB 15ms
15ms Document
text/html 108.138.36.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-86725cc35851d08d71f57f993ab9f2e3.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-93.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

9dbda455657931eab9cf12e737b736be32e13ccb4cdeed66996209414f028c8c

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kennedy24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 235
cache-control: max-age=31536000
content-length: 798
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 16 Jan 2024 14:18:05 GMT
etag: "86725cc35851d08d71f57f993ab9f2e3"
last-modified: Fri, 12 Jan 2024 21:06:27 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
x-amz-cf-id: 8ZPoE4hFjLlB7GZlCFABo1hNXo8jHRDeb91sDqlxim47tP1KhJNTEg==
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-google-pay-954baa4418d900918d6a480ac847ce94.html Show response
js.stripe.com/v3/ Frame D2C9 408 B
1 KB 15ms
15ms Document
text/html 108.138.36.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-954baa4418d900918d6a480ac847ce94.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-93.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

8be140aa29933fbd06ff9c2e16bdd9c4bdf4b5fabf13e329998b6401962c4f02

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kennedy24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3053
cache-control: max-age=31536000
content-length: 408
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 16 Jan 2024 13:31:07 GMT
etag: "954baa4418d900918d6a480ac847ce94"
last-modified: Fri, 12 Jan 2024 21:06:40 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
x-amz-cf-id: bpAemUqGmHlick_p415v9VzO6dVISYIgt2PNWSsVqswzJR_NqmlxMg==
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-browser-b9b2a4a4d0721416474ac922a501403b.html Show response
js.stripe.com/v3/ Frame 26B7 344 B
2 KB 17ms
16ms Document
text/html 108.138.36.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-b9b2a4a4d0721416474ac922a501403b.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-93.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

edb51485976205950b2767d5589f75f915db91ce2b1a6aa6193c120cdcc6e56a

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kennedy24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 43
cache-control: max-age=60
content-length: 344
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 16 Jan 2024 14:21:59 GMT
etag: "b9b2a4a4d0721416474ac922a501403b"
last-modified: Fri, 12 Jan 2024 21:06:40 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
x-amz-cf-id: Jo-llyVvgHqFNDTM80J05lC0OGO2GpT6ycbspQ74sIubmPDlh_x4bw==
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 anchor Show response
www.recaptcha.net/recaptcha/api2/ Frame 0854 7 KB
1 KB 29ms
29ms Document
text/html 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LekWdoZAAAAAA61Owqhdq5e8IIQEfJbEOs8IT8T&co=aHR0cHM6Ly93d3cua2VubmVkeTI0LmNvbTo0NDM.&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=normal&cb=5uplb7es0yr

Requested by

Host: assets.nationbuilder.com
URL: https://assets.nationbuilder.com/assets/liquid/v3/main-0aa16a2e84fcb15b351dd0de4418949c84ac9bba999074007345fe1dabe8645d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d0732c3265c7da0a8097b8df053dc54c197fd07ada11c540962dd907602ed181

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aqpKajOsuCE7OlgykYkxrA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kennedy24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-aqpKajOsuCE7OlgykYkxrA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 14:21:59 GMT
expires: Tue, 16 Jan 2024 14:21:59 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 93 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0134375b1ced2e2b36e9a34753f87b48b49dab1ce589ec8a2932764d31ada657

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H3 204 rum Show response
www.kennedy24.com/cdn-cgi/ 0
143 B 11ms
11ms XHR
text/plain 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kennedy24.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.kennedy24.com/donate?amount=5&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: application/json

Response headers

date: Tue, 16 Jan 2024 14:21:59 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.kennedy24.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 8467020fcb9d1e60-FRA

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 17ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-JWBYYEB6SQ&gtm=45je41a0v9113043695z89133194504&_p=1705414919066&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=799340496.1705414919&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1705414919&sct=1&seg=0&dl=https%3A%2F%2Fwww.kennedy24.com%2Fdonate%3Famount%3D5%26utm_campaign%3Dbillions%26utm_medium%3Demail1%26utm_source%3Djoinkennedy&dt=We%2C%20the%20People...%20%7C%20Kennedy24&en=stacked_donate_amount_selected&ep.stacked_donate_amount_selected=5&_et=368&tfd=1910
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JWBYYEB6SQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 14:21:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kennedy24.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 445F 526 B
1 KB 15ms
15ms Script
text/javascript 108.138.36.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-93.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 13:27:43 GMT
via: 1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 3258
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
content-length: 526
last-modified: Fri, 22 Dec 2023 21:08:16 GMT
server: Cloudfront
etag: "d96c709017743c0759cf3853d1806ba5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 0gSNCgUOn0TCGqNVQmJNft8-ZOwymkOhViO1-Ma4z0tExCjpPTp4Vg==

GET
H2 200 shared-64da66ea531d8772e50e735fb155daaa.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame DDEE 533 KB
117 KB 20ms
18ms Script
text/javascript 108.138.36.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-64da66ea531d8772e50e735fb155daaa.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-cd24e7c1f64e4a5ccfe0b4a332259a7c.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-93.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

2e987865067b40c9e18fc2df48d3de4f13692396438efce24f4c0b9b278892e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-cd24e7c1f64e4a5ccfe0b4a332259a7c.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:07:22 GMT
content-encoding: br
via: 1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 886
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
last-modified: Fri, 12 Jan 2024 21:06:39 GMT
server: Cloudfront
etag: W/"b2fc200c53b5cadce155fb305bce471a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: R4vH8bDvp6xl3bonjLQ_7W4f29JTYgojkGkUp_0F4QVPLNLJVIZiZQ==

GET
H2 200 controller-412bac64fa03cf1b2d253e11b4267c7b.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame DDEE 691 KB
159 KB 31ms
28ms Script
text/javascript 108.138.36.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-412bac64fa03cf1b2d253e11b4267c7b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-cd24e7c1f64e4a5ccfe0b4a332259a7c.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-93.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

74555b53d117ce3eede0e874b2a4ba7ca46fb33c790bcc76de43bf6428b60071

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-cd24e7c1f64e4a5ccfe0b4a332259a7c.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:07:22 GMT
content-encoding: br
via: 1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 887
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
last-modified: Fri, 12 Jan 2024 21:06:37 GMT
server: Cloudfront
etag: W/"2a6a43947b3826b137f44b2bfdc68271"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: gM1EC7yHtze0Zeqd9XJvwe07qnpeqkTnGBLxuAGf3lX7MQpiT-5Y-A==

GET
H2 200 shared-64da66ea531d8772e50e735fb155daaa.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 30A0 533 KB
117 KB 48ms
46ms Script
text/javascript 108.138.36.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-64da66ea531d8772e50e735fb155daaa.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-86725cc35851d08d71f57f993ab9f2e3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-93.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

2e987865067b40c9e18fc2df48d3de4f13692396438efce24f4c0b9b278892e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-86725cc35851d08d71f57f993ab9f2e3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:07:22 GMT
content-encoding: br
via: 1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 886
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
last-modified: Fri, 12 Jan 2024 21:06:39 GMT
server: Cloudfront
etag: W/"b2fc200c53b5cadce155fb305bce471a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: gXxDynXloSJuqhqyB5FSdBuECjYKantMjVHWiUiYYs7Ss8pd3V6aAQ==

GET
H2 200 ui-shared-260909cda3d3b355462e5847597128b0.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 30A0 408 KB
104 KB 43ms
41ms Script
text/javascript 108.138.36.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-260909cda3d3b355462e5847597128b0.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-86725cc35851d08d71f57f993ab9f2e3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-93.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

a1f643112eac47832d85f858d25e911857cee99c566528f17921909e0eb82016

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-86725cc35851d08d71f57f993ab9f2e3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:10:25 GMT
content-encoding: br
via: 1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 695
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
last-modified: Fri, 12 Jan 2024 21:06:40 GMT
server: Cloudfront
etag: W/"67c7778f59449f7b2ebd50e4c0aa2244"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 6xO7CDq_WTUGURCTg2L1Lyyw6AEdk9cFsPWK2zmYzqMQsZcf_pNKfA==

GET
H2 200 elements-inner-card-1706847dbc14231d360b7fd77e59dc13.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 30A0 53 KB
14 KB 52ms
52ms Script
text/javascript 108.138.36.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-1706847dbc14231d360b7fd77e59dc13.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-86725cc35851d08d71f57f993ab9f2e3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-93.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

e5f5592d52a43ed2d23099328752f493d908c0f1f65190571051cb8d89221539

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-86725cc35851d08d71f57f993ab9f2e3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:13:49 GMT
content-encoding: br
via: 1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 492
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
last-modified: Fri, 12 Jan 2024 18:09:19 GMT
server: Cloudfront
etag: W/"465e7b3a4362b5189766b3e3958d0b59"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: fenj1IKVNeYgrxfTxUkUKdda6_q96SaZXoljMarZnYsx1HKEy_y2dA==

GET
H2 200 ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame 30A0 20 KB
3 KB 29ms
27ms Stylesheet
text/css 108.138.36.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-86725cc35851d08d71f57f993ab9f2e3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-93.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-86725cc35851d08d71f57f993ab9f2e3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 13:39:11 GMT
content-encoding: br
via: 1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2569
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
last-modified: Mon, 08 Jan 2024 21:41:44 GMT
server: Cloudfront
etag: W/"b361d7109e9925ca18e32c9da528520f"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: expYVse3bB1NSmlSqmh-TaRDy3cktdnQ0OVq7nR3V8CEIaqJUsn5ig==

GET
H2 200 elements-inner-card-b79a095030fa6973133c91d98bd626d2.css
js.stripe.com/v3/fingerprinted/css/ Frame 30A0 14 KB
2 KB 29ms
28ms Stylesheet
text/css 108.138.36.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-b79a095030fa6973133c91d98bd626d2.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-86725cc35851d08d71f57f993ab9f2e3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-93.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

1bb8affc0ad0f6449490148a0ec45435d64f1494b92ad385f266b9b86d7aa076

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-86725cc35851d08d71f57f993ab9f2e3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:18:10 GMT
content-encoding: br
via: 1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 235
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
last-modified: Fri, 12 Jan 2024 21:06:27 GMT
server: Cloudfront
etag: W/"81af9199f83c2489a35a5a81327a87b6"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: PQh1wl4IlLsmF4F5V3xSGd2-bQKTHfdI_11OXv4mJTMs-Rw4MCsl8Q==

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame D2C9 119 KB
36 KB 101ms
58ms Script
application/javascript 2a00:1450:4013:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-954baa4418d900918d6a480ac847ce94.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c00::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b13ac5db06aaef364bbea670ddcd08f23abd89018ced6134df333c0b35251afc

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-46oNQcU1y3ZMamhqRj6vZg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:59 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-46oNQcU1y3ZMamhqRj6vZg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Tue, 16 Jan 2024 14:21:59 GMT

GET
H2 200 shared-64da66ea531d8772e50e735fb155daaa.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame D2C9 533 KB
117 KB 51ms
50ms Script
text/javascript 108.138.36.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-64da66ea531d8772e50e735fb155daaa.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-954baa4418d900918d6a480ac847ce94.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-93.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

2e987865067b40c9e18fc2df48d3de4f13692396438efce24f4c0b9b278892e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-954baa4418d900918d6a480ac847ce94.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:07:22 GMT
content-encoding: br
via: 1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 886
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
last-modified: Fri, 12 Jan 2024 21:06:39 GMT
server: Cloudfront
etag: W/"b2fc200c53b5cadce155fb305bce471a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 4mIEuortLharayBY_f4mrS2LxZ-12eBCg4t4IEV3doqI3SrIRhDdsA==

GET
H2 200 payment-request-inner-google-pay-1c2b8933acfb718f7ad8ea902a01c962.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame D2C9 12 KB
5 KB 16ms
15ms Script
text/javascript 108.138.36.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-1c2b8933acfb718f7ad8ea902a01c962.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-954baa4418d900918d6a480ac847ce94.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-93.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

473efdf61f08fc2ad04df7be0d974c921dea47ac2ea5c6b848a75f6b5db1da73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-954baa4418d900918d6a480ac847ce94.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:16:41 GMT
content-encoding: br
via: 1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 326
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
last-modified: Mon, 08 Jan 2024 21:04:31 GMT
server: Cloudfront
etag: W/"c1a7d86250f7fde747d6585463beef22"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: G2qGBp9OcU2GdToqbDxoJ7WEk81Toy7_fRYFQMSurXWohazwsexRmg==

GET
H2 200 shared-64da66ea531d8772e50e735fb155daaa.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 26B7 533 KB
117 KB 55ms
54ms Script
text/javascript 108.138.36.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-64da66ea531d8772e50e735fb155daaa.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-b9b2a4a4d0721416474ac922a501403b.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-93.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

2e987865067b40c9e18fc2df48d3de4f13692396438efce24f4c0b9b278892e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-b9b2a4a4d0721416474ac922a501403b.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:07:22 GMT
content-encoding: br
via: 1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 886
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
last-modified: Fri, 12 Jan 2024 21:06:39 GMT
server: Cloudfront
etag: W/"b2fc200c53b5cadce155fb305bce471a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: tBBA0eIeVTQvT4ZQb1SLdh2cjdV7xbe7YDPtWR8KDMWB-Nxkp0nHaw==

GET
H2 200 payment-request-inner-browser-cfd09fde482546e2c8879bce0010f91c.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 26B7 13 KB
6 KB 57ms
57ms Script
text/javascript 108.138.36.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-cfd09fde482546e2c8879bce0010f91c.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-b9b2a4a4d0721416474ac922a501403b.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-93.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

1df19255b4b07c13647377049a5d3d4b23519c012b91e923ee22cf18c4e8d2b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-b9b2a4a4d0721416474ac922a501403b.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 13:48:51 GMT
content-encoding: br
via: 1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2021
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
last-modified: Fri, 12 Jan 2024 21:06:39 GMT
server: Cloudfront
etag: W/"9d64070358354c97251ee8d4e282ba7b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: gJ4WSS3QWqUsSlcLHRakihNm7QwOFv9MSzw4RTW_lJkCgDJ2dXRmuw==

POST
H2 200 csp-report
q.stripe.com/ Frame 445F 0
716 B 705ms
345ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 16 Jan 2024 14:22:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705414920281217
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1705414920280869
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 445F 0
716 B 718ms
358ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 16 Jan 2024 14:22:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705414920281957
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1705414920281684
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame DDEE 0
716 B 718ms
358ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 16 Jan 2024 14:22:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705414920282383
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1705414920281756
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame 6F7A 55 KB
24 KB 17ms
17ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LekWdoZAAAAAA61Owqhdq5e8IIQEfJbEOs8IT8T&co=aHR0cHM6Ly93d3cua2VubmVkeTI0LmNvbTo0NDM.&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=sd40476g1c8f

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:02:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1145
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Jan 2025 14:02:54 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame 6F7A 506 KB
203 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91088a015cd36dabb6639d0b6d08fadc57be7f1b85011f5f882d4e7a8611df31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:02:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1145
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207845
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Jan 2025 14:02:54 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 30A0 0
714 B 709ms
351ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 16 Jan 2024 14:22:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705414920282170
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1705414920281831
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 30A0 0
714 B 728ms
369ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 16 Jan 2024 14:22:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705414920282177
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1705414920281840
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame D2C9 0
714 B 726ms
369ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 16 Jan 2024 14:22:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705414920281250
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1705414920280904
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame D2C9 0
715 B 707ms
350ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 16 Jan 2024 14:22:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705414920282523
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1705414920281667
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 26B7 0
715 B 714ms
358ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 16 Jan 2024 14:22:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705414920282235
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1705414920281685
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 26B7 0
715 B 703ms
347ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 16 Jan 2024 14:22:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705414920281218
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1705414920280899
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame 0854 55 KB
24 KB 17ms
17ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:02:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1145
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Jan 2025 14:02:54 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame 0854 506 KB
203 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91088a015cd36dabb6639d0b6d08fadc57be7f1b85011f5f882d4e7a8611df31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:02:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1145
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207845
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Jan 2025 14:02:54 GMT

GET
DATA 200
OK truncated Show response
/ Frame 0555 1 KB
1 KB Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 31f4e4abd5d8e145d6bd5505ae3ee469f66e6aba53fcc6cf04741d0a802ebc3d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Type: text/html;charset=UTF-8

GET
H3 200 24px.svg
fonts.gstatic.com/s/i/productlogos/translate/v14/ 6 KB
3 KB 40ms
13ms Image
image/svg+xml 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:14:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 317256
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3340
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 14:24:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Jan 2025 22:14:23 GMT

GET
H2 200 inner.html Show response
m.stripe.network/ Frame B9B5 930 B
2 KB 73ms
16ms Document
text/html 2600:9000:225b:b200:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:b200:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 259
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 16 Jan 2024 14:17:43 GMT
etag: "06bfcd88af438673a8bf9b845a11aa6e"
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-amz-cf-id: PNo2Hzhfl-SKKckUElpJ7FTC9auEbumzcPdhJ_K0ovt1vxCxNpqWzg==
x-amz-cf-pop: MUC50-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H3 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 36ms
35ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=wA/d=0/rs=AN8SPfq5gedF4FIOWZgYyMCNZA5tU966ig/m=el_main_css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=wA/d=0/rs=AN8SPfq5gedF4FIOWZgYyMCNZA5tU966ig/m=el_main_css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 18:49:42 GMT
x-content-type-options: nosniff
age: 70337
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1842
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 14 Jan 2025 18:49:42 GMT

POST
H3 200 84670206bb3f65a8 Show response
www.kennedy24.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame C76E 0
319 B 27ms
26ms XHR
text/plain 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kennedy24.com/cdn-cgi/challenge-platform/h/b/jsd/r/84670206bb3f65a8
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 16 Jan 2024 14:21:59 GMT
content-encoding: br
server: cloudflare
cf-ray: 846702109ced1e60-FRA
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H2 200 digibox.gif
www.lightboxcdn.com/z9g/ 35 B
278 B 19ms
19ms Image
image/gif 2606:4700::6813:d483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lightboxcdn.com/z9g/digibox.gif?c=1705414919776&h=www.kennedy24.com&e=p&u=45028
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 16 Jan 2024 14:21:59 GMT
cf-cache-status: HIT
content-md5: KNaBTzCeoon4R8ac+RGUxg==
age: 120512
cf-polished: status=not_needed
x-ms-meta-cbmodifiedtime: Fri, 02 Dec 2022 00:02:02 GMT
content-length: 35
x-ms-lease-status: unlocked
cf-bgj: imgq:85,h2pri
last-modified: Fri, 02 Dec 2022 00:02:38 GMT
server: cloudflare
etag: 0x8DAD3F8864E2F29
vary: Accept-Encoding
content-type: image/gif
x-ms-request-id: c47c8121-701e-0006-26b6-16ef48000000
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 846702109ea73719-FRA

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame DDEE 474 B
866 B 43ms
15ms Fetch
application/json 108.138.36.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64da66ea531d8772e50e735fb155daaa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-93.muc50.r.cloudfront.net
Software: Cloudfront /
Resource Hash: 549478ba46ac97af73018ed0ca78cfa43dae13eddcc812ced06f664bd7d22e57

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-cd24e7c1f64e4a5ccfe0b4a332259a7c.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 16 Jan 2024 14:21:38 GMT
via: 1.1 67393fa6b3a865c1a8252acac0aa5cbc.cloudfront.net (CloudFront)
last-modified: Fri, 12 Jan 2024 21:47:32 GMT
server: Cloudfront
age: 22
x-amz-cf-pop: MUC50-P2
etag: "60455c1489f3dd8c3e61d0d8d0031cfd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: jzYFL4sn-WBMoFE0Pgsl5AKDrD7SagH4kL-Kg62ZIWMKKTwkzP4jZQ==

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame DDEE 474 B
864 B 35ms
16ms Fetch
application/json 108.138.36.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64da66ea531d8772e50e735fb155daaa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-93.muc50.r.cloudfront.net
Software: Cloudfront /
Resource Hash: 549478ba46ac97af73018ed0ca78cfa43dae13eddcc812ced06f664bd7d22e57

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-cd24e7c1f64e4a5ccfe0b4a332259a7c.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 16 Jan 2024 14:21:38 GMT
via: 1.1 67393fa6b3a865c1a8252acac0aa5cbc.cloudfront.net (CloudFront)
last-modified: Fri, 12 Jan 2024 21:47:32 GMT
server: Cloudfront
age: 22
x-amz-cf-pop: MUC50-P2
etag: "60455c1489f3dd8c3e61d0d8d0031cfd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: fpkYPiO_mwNJbo9vILo2fHUcW_D174RFrAc5V4QLiUNUO4HwL4gzdw==

GET
H2 200 -710oj34v55h_Gg58QwrAW9kZvh6rWuRmGCjJSYFrTc.js Show response
www.google.com/js/bg/ Frame 6F7A 17 KB
7 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/-710oj34v55h_Gg58QwrAW9kZvh6rWuRmGCjJSYFrTc.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbbd74a23df8bf9e61fc6839f10c2b016f6466f87aad6b919860a3252605ad37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 07:45:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 283018
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6910
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jan 2025 07:45:01 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 6F7A 2 KB
2 KB 13ms
13ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 19:56:54 GMT
x-content-type-options: nosniff
age: 66305
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 22 Jan 2024 19:56:54 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6F7A 15 KB
15 KB 14ms
13ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recaptcha.net/
Origin: https://www.recaptcha.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 23:26:56 GMT
x-content-type-options: nosniff
age: 399303
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Jan 2025 23:26:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6F7A 15 KB
15 KB 15ms
15ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recaptcha.net/
Origin: https://www.recaptcha.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:17:31 GMT
x-content-type-options: nosniff
age: 65068
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Jan 2025 20:17:31 GMT

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 30A0 474 B
864 B 16ms
15ms Fetch
application/json 108.138.36.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64da66ea531d8772e50e735fb155daaa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-93.muc50.r.cloudfront.net
Software: Cloudfront /
Resource Hash: 549478ba46ac97af73018ed0ca78cfa43dae13eddcc812ced06f664bd7d22e57

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-86725cc35851d08d71f57f993ab9f2e3.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 16 Jan 2024 14:21:38 GMT
via: 1.1 67393fa6b3a865c1a8252acac0aa5cbc.cloudfront.net (CloudFront)
last-modified: Fri, 12 Jan 2024 21:47:32 GMT
server: Cloudfront
age: 22
x-amz-cf-pop: MUC50-P2
etag: "60455c1489f3dd8c3e61d0d8d0031cfd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: S_FUO0yxlITL-Nva9L6NoALFL4p-Nf2V1XScZ2WokeCYyHmwM41pRQ==

POST
H2 200 csp-report
q.stripe.com/ Frame B9B5 0
490 B 483ms
370ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 16 Jan 2024 14:22:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705414920282769
x-envoy-upstream-service-time: 4
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1705414920281857
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame B9B5 87 KB
14 KB 17ms
17ms Script
text/javascript 2600:9000:225b:b200:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:b200:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:20:41 GMT
content-encoding: br
via: 1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
age: 79
x-content-type-options: nosniff
etag: W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop: MUC50-P1
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: XbIW2mePznRybYnoRbP4OY5M_RJq40dSnrh6UL8olKZE9RNVOg5S0Q==

GET
H3 200 webworker.js
www.recaptcha.net/recaptcha/api2/ Frame 6F7A 102 B
135 B 23ms
23ms Other
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/webworker.js?hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f187dc8de7fe50f1f8825c3500b64080cc78ac39df7efd31a4b1bc562be9ca3d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LekWdoZAAAAAA61Owqhdq5e8IIQEfJbEOs8IT8T&co=aHR0cHM6Ly93d3cua2VubmVkeTI0LmNvbTo0NDM.&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=sd40476g1c8f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 16 Jan 2024 14:21:59 GMT

POST
H2 200 wallet-config Show response
merchant-ui-api.stripe.com/elements/ Frame DDEE 2 KB
3 KB 305ms
233ms Fetch
application/json 198.202.176.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://merchant-ui-api.stripe.com/elements/wallet-config

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64da66ea531d8772e50e735fb155daaa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.202.176.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d4a463713906b7c660153fe46849c72cf95af996aaac14be7c87b3e9f8ece2ec

Security Headers

Name	Value
Content-Security-Policy	report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 16 Jan 2024 14:22:00 GMT
content-security-policy: report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
strict-transport-security: max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy: same-site
content-length: 2481
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
access-control-max-age: 300
access-control-allow-methods: GET, POST
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin
access-control-allow-headers: x-stripe-csrf-token
cross-origin-opener-policy-report-only: same-origin; report-to=https://q.stripe.com/coop-report
expires: 0

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 8FCA 19 KB
8 KB 64ms
63ms Document
text/html 2a00:1450:4013:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c00::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e51ae116b672debc3755c6a906e6cc2c97628d3544de9e58276df06f6edfe496

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dyZ1Hgei0akpJ043AEUUOg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-dyZ1Hgei0akpJ043AEUUOg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Tue, 16 Jan 2024 14:21:59 GMT
expires: Tue, 16 Jan 2024 14:21:59 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

POST
H2 200 b Show response
r.stripe.com/ Frame DDEE 0
274 B 566ms
299ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64da66ea531d8772e50e735fb155daaa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Tue, 16 Jan 2024 14:22:00 GMT
x-stripe-server-envoy-start-time-us: 1705414920454088
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 5
x-stripe-client-envoy-start-time-us: 1705414920453593
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame DDEE 0
274 B 568ms
302ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64da66ea531d8772e50e735fb155daaa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Tue, 16 Jan 2024 14:22:00 GMT
x-stripe-server-envoy-start-time-us: 1705414920453909
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 8
x-stripe-client-envoy-start-time-us: 1705414920453490
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame DDEE 0
274 B 446ms
181ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64da66ea531d8772e50e735fb155daaa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Tue, 16 Jan 2024 14:22:00 GMT
x-stripe-server-envoy-start-time-us: 1705414920334725
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 6
x-stripe-client-envoy-start-time-us: 1705414920334068
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame DDEE 0
273 B 554ms
297ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64da66ea531d8772e50e735fb155daaa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Tue, 16 Jan 2024 14:22:00 GMT
x-stripe-server-envoy-start-time-us: 1705414920453002
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 5
x-stripe-client-envoy-start-time-us: 1705414920452699
access-control-allow-credentials: true
content-length: 0

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 30A0 474 B
864 B 16ms
16ms Fetch
application/json 108.138.36.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64da66ea531d8772e50e735fb155daaa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-93.muc50.r.cloudfront.net
Software: Cloudfront /
Resource Hash: 549478ba46ac97af73018ed0ca78cfa43dae13eddcc812ced06f664bd7d22e57

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-86725cc35851d08d71f57f993ab9f2e3.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 16 Jan 2024 14:21:38 GMT
via: 1.1 67393fa6b3a865c1a8252acac0aa5cbc.cloudfront.net (CloudFront)
last-modified: Fri, 12 Jan 2024 21:47:32 GMT
server: Cloudfront
age: 23
x-amz-cf-pop: MUC50-P2
etag: "60455c1489f3dd8c3e61d0d8d0031cfd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: PjE_u7oP10vUePDHTfomz_fzBMo7-nMwQADXFITzy0e8fP8XVDOVbg==

GET
H3 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.htsUFnPup7k.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame 8FCA 158 KB
56 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.htsUFnPup7k.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhwtxCCfvKFOf9zzcukEIKUza5Xag/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdb3213b77654cd277f6d059d630a3e34089b3a49303b66668447b42c658159a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 09:56:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 275115
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57424
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 04:38:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jan 2025 09:56:45 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 8FCA 2 KB
2 KB 117ms
117ms Other
text/html 2a00:1450:4013:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4013:c00::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 16 Jan 2024 14:22:00 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

POST
H2 200 6 Show response
m.stripe.com/ Frame B9B5 156 B
669 B 544ms
183ms XHR
application/json 34.211.17.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.211.17.226 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-211-17-226.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

ffac477c301582767fb1cd319ae49932742c7625c44388aaab27cd9ee8999ee8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 16 Jan 2024 14:22:00 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705414920536004
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1705414920535332
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H3 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.htsUFnPup7k.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.d-ksGe... Frame 8FCA 74 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.htsUFnPup7k.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.d-ksGeBOJ00.L.B1.O/am=gEEY/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrh0TxQ66sf9GelOI7rbVolu0C8s3Q/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.htsUFnPup7k.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhwtxCCfvKFOf9zzcukEIKUza5Xag/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a14509305d676d532c0994b24a812ea8866033eee44721f0c66ddbed1d4f5dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:03:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 332318
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27625
x-xss-protection: 0
last-modified: Thu, 04 Jan 2024 04:21:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Jan 2025 18:03:22 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 8FCA 1 MB
377 KB 69ms
69ms XHR
text/html 2a00:1450:4013:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4013:c00::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fd5bb14f3ffab97ea6d66618c32d0b2c9d4fe3a3a92a3df865b2163e1cf77ad8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kd-KuIPj1ShqjCKg6W77QA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:22:00 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-kd-KuIPj1ShqjCKg6W77QA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Tue, 16 Jan 2024 14:22:00 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.htsUFnPup7k.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.d-ksGe... Frame 8FCA 9 KB
4 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.htsUFnPup7k.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.d-ksGeBOJ00.L.B1.O/am=gEEY/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrh0TxQ66sf9GelOI7rbVolu0C8s3Q/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d9354f5ccc9edfd57c5650b4456932fb7accded65b54e9ba719478863eed67f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:03:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 332318
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3743
x-xss-protection: 0
last-modified: Thu, 04 Jan 2024 04:21:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Jan 2025 18:03:22 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.htsUFnPup7k.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.d-ksGe... Frame 8FCA 37 KB
14 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.htsUFnPup7k.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.d-ksGeBOJ00.L.B1.O/am=gEEY/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrh0TxQ66sf9GelOI7rbVolu0C8s3Q/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a63c2cee85178a3337c8a8e1bc329c7daf1ed3593c3095418b05766cf358007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:03:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 332318
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14287
x-xss-protection: 0
last-modified: Thu, 04 Jan 2024 04:21:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Jan 2025 18:03:22 GMT

POST
H3 200 log Show response
play.google.com/ Frame 8FCA 131 B
156 B 92ms
65ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 16 Jan 2024 14:22:00 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 16 Jan 2024 14:22:00 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 78ms
43ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 16 Jan 2024 14:22:00 GMT
expires: Tue, 16 Jan 2024 14:22:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 8FCA 131 B
156 B 88ms
63ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 16 Jan 2024 14:22:00 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 16 Jan 2024 14:22:00 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 78ms
44ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 16 Jan 2024 14:22:00 GMT
expires: Tue, 16 Jan 2024 14:22:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 8FCA 131 B
156 B 89ms
64ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 16 Jan 2024 14:22:00 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 16 Jan 2024 14:22:00 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 78ms
44ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 16 Jan 2024 14:22:00 GMT
expires: Tue, 16 Jan 2024 14:22:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 8FCA 131 B
156 B 88ms
63ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 16 Jan 2024 14:22:00 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 16 Jan 2024 14:22:00 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 78ms
45ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 16 Jan 2024 14:22:00 GMT
expires: Tue, 16 Jan 2024 14:22:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 reload Show response
www.recaptcha.net/recaptcha/api2/ Frame 6F7A 13 KB
9 KB 58ms
58ms XHR
application/json 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/reload?k=6LekWdoZAAAAAA61Owqhdq5e8IIQEfJbEOs8IT8T

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

dbf7151bc99808f855eb248b0ec1db655bd7941196e76f02b9edb8799aea07d8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LekWdoZAAAAAA61Owqhdq5e8IIQEfJbEOs8IT8T&co=aHR0cHM6Ly93d3cua2VubmVkeTI0LmNvbTo0NDM.&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=sd40476g1c8f
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Tue, 16 Jan 2024 14:22:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 16 Jan 2024 14:22:00 GMT

POST
H2 200 b Show response
r.stripe.com/ Frame DDEE 0
273 B 361ms
361ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64da66ea531d8772e50e735fb155daaa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Tue, 16 Jan 2024 14:22:00 GMT
x-stripe-server-envoy-start-time-us: 1705414920506105
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 7
x-stripe-client-envoy-start-time-us: 1705414920505642
access-control-allow-credentials: true
content-length: 0

GET
H2 200 hcaptcha-invisible-50d47d6212e34f567af4a5cc45d36923.html Show response
js.stripe.com/v3/ Frame 642F 71 KB
24 KB 19ms
19ms Document
text/html 108.138.36.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/hcaptcha-invisible-50d47d6212e34f567af4a5cc45d36923.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-93.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

31974f89c6752e664ed419116aafe7c306f4d43c6c2ea57776fbbfa0d4c12418

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; script-src 'self' 'sha256-1D+1LyqJfTcuWCwBSIqNB625Fdh7tn7BZ9YCctu+2DE='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 25
cache-control: max-age=60
content-encoding: br
content-security-policy: base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; script-src 'self' 'sha256-1D+1LyqJfTcuWCwBSIqNB625Fdh7tn7BZ9YCctu+2DE='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 16 Jan 2024 14:22:00 GMT
etag: W/"50d47d6212e34f567af4a5cc45d36923"
last-modified: Fri, 12 Jan 2024 21:06:40 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
x-amz-cf-id: FbQsuLWGJUge3WCL7Q5tDLCcTnlmxp_5W5jKQqrBGtf8H00hypJ9iw==
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 b Show response
r.stripe.com/ Frame DDEE 0
273 B 342ms
342ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64da66ea531d8772e50e735fb155daaa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Tue, 16 Jan 2024 14:22:00 GMT
x-stripe-server-envoy-start-time-us: 1705414920506110
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 5
x-stripe-client-envoy-start-time-us: 1705414920505788
access-control-allow-credentials: true
content-length: 0

GET
H2 200 phone-numbers-lib-5113174565c377315fd5b8d695d8b541.js Show response
js.stripe.com/v3/fingerprinted/js/ 148 KB
35 KB 17ms
17ms Script
text/javascript 108.138.36.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/phone-numbers-lib-5113174565c377315fd5b8d695d8b541.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-93.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

621661fe1c7a59420c624f7a421c566ebfb38cfbc7edd98ee0462c44d15971f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 13:38:23 GMT
content-encoding: br
via: 1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2843
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
last-modified: Mon, 08 Jan 2024 21:41:57 GMT
server: Cloudfront
etag: W/"f7a3e754fa2fa9117506f69f618b5778"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: jt58et2U-2ZQ9sIaMH6AflzAgVoKNHY3t660oYc4yAZ8oO_KEEFeYw==

GET
H2 200 elements-inner-link-button-for-card-a8f574dc3e90553d267eeaa0d2b7dc5d.html Show response
js.stripe.com/v3/ Frame 6E76 77 KB
30 KB 18ms
18ms Document
text/html 108.138.36.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-link-button-for-card-a8f574dc3e90553d267eeaa0d2b7dc5d.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-93.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

69e859f352bba5e6cef30930a8a1c2c055d0c16daf9f8eeb0a2f98b653e22df4

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kennedy24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 666
cache-control: max-age=31536000
content-encoding: gzip
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 16 Jan 2024 14:10:57 GMT
etag: W/"a8f574dc3e90553d267eeaa0d2b7dc5d"
last-modified: Fri, 12 Jan 2024 21:06:27 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
x-amz-cf-id: 45DLc532KyHejkM-B8AR0ZCTUPOVf7MqjsLK3COcZg1xzlCoPW8B1g==
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 b Show response
r.stripe.com/ Frame DDEE 0
274 B 332ms
332ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64da66ea531d8772e50e735fb155daaa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Tue, 16 Jan 2024 14:22:00 GMT
x-stripe-server-envoy-start-time-us: 1705414920506068
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 6
x-stripe-client-envoy-start-time-us: 1705414920505804
access-control-allow-credentials: true
content-length: 0

POST
H3 200 log Show response
play.google.com/ Frame 8FCA 131 B
156 B 66ms
66ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 16 Jan 2024 14:22:00 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 16 Jan 2024 14:22:00 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 44ms
44ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 16 Jan 2024 14:22:00 GMT
expires: Tue, 16 Jan 2024 14:22:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 8FCA 131 B
156 B 55ms
55ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 16 Jan 2024 14:22:00 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 16 Jan 2024 14:22:00 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 45ms
44ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 16 Jan 2024 14:22:00 GMT
expires: Tue, 16 Jan 2024 14:22:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 642F 0
716 B 319ms
319ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 16 Jan 2024 14:22:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705414920507395
x-envoy-upstream-service-time: 7
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 4
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1705414920505934
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 6E76 0
715 B 321ms
321ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 16 Jan 2024 14:22:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705414920506926
x-envoy-upstream-service-time: 7
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1705414920506001
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 6E76 0
716 B 327ms
326ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 16 Jan 2024 14:22:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705414920506696
x-envoy-upstream-service-time: 8
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1705414920505999
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-64da66ea531d8772e50e735fb155daaa.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 6E76 533 KB
117 KB 17ms
17ms Script
text/javascript 108.138.36.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-64da66ea531d8772e50e735fb155daaa.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-link-button-for-card-a8f574dc3e90553d267eeaa0d2b7dc5d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-93.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

2e987865067b40c9e18fc2df48d3de4f13692396438efce24f4c0b9b278892e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-link-button-for-card-a8f574dc3e90553d267eeaa0d2b7dc5d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:07:22 GMT
content-encoding: br
via: 1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 887
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
last-modified: Fri, 12 Jan 2024 21:06:39 GMT
server: Cloudfront
etag: W/"b2fc200c53b5cadce155fb305bce471a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: ffEcdGX8YaVa3nGNO-0ciUF4r1f1HyL1PRewt39DyVwH-yhzt55igw==

GET
H2 200 elements-inner-link-button-for-card-8a7b6f6354c282b6a4fac964ea39980a.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 6E76 24 KB
9 KB 19ms
19ms Script
text/javascript 108.138.36.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-link-button-for-card-8a7b6f6354c282b6a4fac964ea39980a.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-link-button-for-card-a8f574dc3e90553d267eeaa0d2b7dc5d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-93.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

71cb66aea504951c7d2499622f35a263da91af2fd72b6efd2889657da0e8b817

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-link-button-for-card-a8f574dc3e90553d267eeaa0d2b7dc5d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:18:12 GMT
content-encoding: br
via: 1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 230
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
last-modified: Fri, 12 Jan 2024 21:06:37 GMT
server: Cloudfront
etag: W/"ce0bb5b197c6330c3e2d69a66d1f828d"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: E7t7p5B_BirUelpl8J3fR23Cd9AoQZxSH16Idjr7-PK-I1pgsXJPqw==

GET
H2 200 elements-inner-link-button-for-card-5eea9779eabe486a801d5564f8c44131.css
js.stripe.com/v3/fingerprinted/css/ Frame 6E76 25 KB
4 KB 16ms
16ms Stylesheet
text/css 108.138.36.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-link-button-for-card-5eea9779eabe486a801d5564f8c44131.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-link-button-for-card-a8f574dc3e90553d267eeaa0d2b7dc5d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-93.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

042e2de0cb5720f25c17d0c9d40fbf5d1a5711c3e5e275ca939a36298e69117a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-link-button-for-card-a8f574dc3e90553d267eeaa0d2b7dc5d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:11:07 GMT
content-encoding: gzip
via: 1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 654
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
last-modified: Fri, 05 Jan 2024 18:04:14 GMT
server: Cloudfront
etag: W/"292bfff48a65329a3b7ce317998188f4"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: dmLVoNSgRWAoZYLfDByDEUX4EaVvochxyZA_qF6t_wRjzC4F_1ZCwA==

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 642F 474 B
863 B 15ms
15ms Fetch
application/json 108.138.36.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/hcaptcha-invisible-50d47d6212e34f567af4a5cc45d36923.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-93.muc50.r.cloudfront.net
Software: Cloudfront /
Resource Hash: 549478ba46ac97af73018ed0ca78cfa43dae13eddcc812ced06f664bd7d22e57

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/hcaptcha-invisible-50d47d6212e34f567af4a5cc45d36923.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 16 Jan 2024 14:21:38 GMT
via: 1.1 67393fa6b3a865c1a8252acac0aa5cbc.cloudfront.net (CloudFront)
last-modified: Fri, 12 Jan 2024 21:47:32 GMT
server: Cloudfront
age: 23
x-amz-cf-pop: MUC50-P2
etag: "60455c1489f3dd8c3e61d0d8d0031cfd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: Jsouq9Ko9bdhjk5uVs2yhz_gr_j6oRyg-Dmoz-ukIt71__R0yXczng==

GET
H2 200 HCaptchaInvisible.html Show response
b.stripecdn.com/stripethirdparty-srv/assets/v20.5/ Frame 0931 419 B
911 B 722ms
694ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://b.stripecdn.com/stripethirdparty-srv/assets/v20.5/HCaptchaInvisible.html?id=2f0cb3b3-b2bb-446f-af5f-52a5f253c6f4&origin=https%3A%2F%2Fjs.stripe.com

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/hcaptcha-invisible-50d47d6212e34f567af4a5cc45d36923.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

dc6595888a7c665fa78c126de038bec35fb7f8674ab928e00e9e1f9f46adffb3

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; connect-src 'self' https://hcaptcha.com https://.hcaptcha.com https://errors.stripe.com; default-src 'self'; form-action 'none'; frame-src https://hcaptcha.com https://.hcaptcha.com; img-src 'self'; script-src 'self' https://hcaptcha.com https://.hcaptcha.com; style-src 'self' https://hcaptcha.com https://.hcaptcha.com; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: max-age=60
content-encoding: br
content-length: 282
content-security-policy: base-uri 'self'; connect-src 'self' https://hcaptcha.com https://*.hcaptcha.com https://errors.stripe.com; default-src 'self'; form-action 'none'; frame-src https://hcaptcha.com https://*.hcaptcha.com; img-src 'self'; script-src 'self' https://hcaptcha.com https://*.hcaptcha.com; style-src 'self' https://hcaptcha.com https://*.hcaptcha.com; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 16 Jan 2024 14:22:01 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-request-id: 02508bd9-c116-4362-8ec6-325090c157be
x-served-by: cache-fra-eddf8230088-FRA
x-timer: S1705414920.323191,VS0,VE684

GET
H2 200 elements-inner-payment-request-af0cf8bddc229e22339e6d1a80a19d72.html Show response
js.stripe.com/v3/ Frame 82A7 820 B
2 KB 16ms
15ms Document
text/html 108.138.36.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-payment-request-af0cf8bddc229e22339e6d1a80a19d72.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-93.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

3ca288f9e9c0ac3ce554de6789f28ab8a6b5e4483689f8c58e36208d40daa4d7

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kennedy24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1446
cache-control: max-age=31536000
content-length: 820
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 16 Jan 2024 13:58:02 GMT
etag: "af0cf8bddc229e22339e6d1a80a19d72"
last-modified: Fri, 12 Jan 2024 21:06:27 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
x-amz-cf-id: PSZkFnyIQTqyRPBEWIa7C96DRF0dFF9LMuNhphiRG0Po7J5BMGSoZg==
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 pro-fa-regular-400-0.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ 14 KB
14 KB 19ms
17ms Font
font/woff2 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/webfonts/pro-fa-regular-400-0.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40357c8f038ea69750526293412e0b02e7a984b7484f98be4634c75ed3307709

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:22:00 GMT
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:53:32 GMT
server: cloudflare
age: 14617
etag: "6568cc1c-3904"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 84670213ecdd6907-FRA
content-length: 14596

GET
H2 200 pro-fa-solid-900-17.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ 17 KB
17 KB 26ms
24ms Font
font/woff2 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/webfonts/pro-fa-solid-900-17.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41e31ded193f6c61a9a1ea500a41ee70760505d4d5387a4be3b240760392da2e

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:22:00 GMT
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:53:38 GMT
server: cloudflare
age: 18071
etag: "6568cc22-426c"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 84670213ece66907-FRA
content-length: 17004

POST
H2 200 b Show response
r.stripe.com/ Frame DDEE 0
273 B 308ms
308ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64da66ea531d8772e50e735fb155daaa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Tue, 16 Jan 2024 14:22:00 GMT
x-stripe-server-envoy-start-time-us: 1705414920508027
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 6
x-stripe-client-envoy-start-time-us: 1705414920506786
access-control-allow-credentials: true
content-length: 0

GET
H2 200 shared-64da66ea531d8772e50e735fb155daaa.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 82A7 533 KB
117 KB 22ms
21ms Script
text/javascript 108.138.36.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-64da66ea531d8772e50e735fb155daaa.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-af0cf8bddc229e22339e6d1a80a19d72.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-93.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

2e987865067b40c9e18fc2df48d3de4f13692396438efce24f4c0b9b278892e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-af0cf8bddc229e22339e6d1a80a19d72.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:07:22 GMT
content-encoding: br
via: 1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 887
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
last-modified: Fri, 12 Jan 2024 21:06:39 GMT
server: Cloudfront
etag: W/"b2fc200c53b5cadce155fb305bce471a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: Y-OAcAM3JW1UDolP49u9F_hjDOxlcz0kXnj8B5DbxhHoB4eHqHH_ig==

GET
H2 200 ui-shared-260909cda3d3b355462e5847597128b0.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 82A7 408 KB
104 KB 20ms
19ms Script
text/javascript 108.138.36.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-260909cda3d3b355462e5847597128b0.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-af0cf8bddc229e22339e6d1a80a19d72.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-93.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

a1f643112eac47832d85f858d25e911857cee99c566528f17921909e0eb82016

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-af0cf8bddc229e22339e6d1a80a19d72.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:12:15 GMT
content-encoding: br
via: 1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 696
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
last-modified: Fri, 12 Jan 2024 21:06:40 GMT
server: Cloudfront
etag: W/"67c7778f59449f7b2ebd50e4c0aa2244"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: WWyUQGcmHS4qrJ42yM-Y9s64ACtSTNvxFpDWJh1XRMt1E7MlZ21UBw==

GET
H2 200 elements-inner-payment-request-3ffc11299cc450c4bdf1d2675b9d9ac7.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 82A7 72 KB
25 KB 24ms
23ms Script
text/javascript 108.138.36.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-payment-request-3ffc11299cc450c4bdf1d2675b9d9ac7.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-af0cf8bddc229e22339e6d1a80a19d72.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-93.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

3f534a74830530483c1dd97b3689ee418a6499b5d0925aa9f009ffcfcc317fe7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-af0cf8bddc229e22339e6d1a80a19d72.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:14:18 GMT
content-encoding: gzip
via: 1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 466
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
last-modified: Fri, 12 Jan 2024 18:09:19 GMT
server: Cloudfront
etag: W/"ac57b4658a09416a9b023bb26ee29cac"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 5_K9N7q0vH_zeQXnVUMv74bSWtAYKiNJBXgmSaqAltv7r-7Ee8Vmmg==

GET
H2 200 ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame 82A7 20 KB
3 KB 19ms
18ms Stylesheet
text/css 108.138.36.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-af0cf8bddc229e22339e6d1a80a19d72.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-93.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-af0cf8bddc229e22339e6d1a80a19d72.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 13:41:17 GMT
content-encoding: br
via: 1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2570
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
last-modified: Fri, 22 Dec 2023 21:08:03 GMT
server: Cloudfront
etag: W/"b361d7109e9925ca18e32c9da528520f"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: yLIPZBCvqWjIhkiX6RG2Egy0HImJpADz0dlh_9vBlO8spUDsUFab0Q==

GET
H2 200 elements-inner-payment-request-6851fb638395ab2ad12082441235bcfa.css
js.stripe.com/v3/fingerprinted/css/ Frame 82A7 11 KB
3 KB 25ms
24ms Stylesheet
text/css 108.138.36.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-payment-request-6851fb638395ab2ad12082441235bcfa.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-af0cf8bddc229e22339e6d1a80a19d72.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-93.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

5033e337e474e5d2818fee21b093eaef81d5f545fd49b5f635b3e1160fa83abe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-af0cf8bddc229e22339e6d1a80a19d72.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:21:34 GMT
content-encoding: br
via: 1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 30
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
last-modified: Mon, 08 Jan 2024 21:41:44 GMT
server: Cloudfront
etag: W/"828ee6578d45b518446bf74a1cc39038"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 2-IfMuUlVncTISVYx7V2g7u7xsr0pPRgq5pcjrMEbKxpgqvEqFKEjw==

POST
H2 200 csp-report
q.stripe.com/ Frame 82A7 0
715 B 281ms
279ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 16 Jan 2024 14:22:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705414920508090
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1705414920507546
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 82A7 0
715 B 299ms
297ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 16 Jan 2024 14:22:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705414920508770
x-envoy-upstream-service-time: 9
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 4
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1705414920507232
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 82A7 474 B
864 B 16ms
16ms Fetch
application/json 108.138.36.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64da66ea531d8772e50e735fb155daaa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-93.muc50.r.cloudfront.net
Software: Cloudfront /
Resource Hash: 549478ba46ac97af73018ed0ca78cfa43dae13eddcc812ced06f664bd7d22e57

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-payment-request-af0cf8bddc229e22339e6d1a80a19d72.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 16 Jan 2024 14:21:38 GMT
via: 1.1 67393fa6b3a865c1a8252acac0aa5cbc.cloudfront.net (CloudFront)
last-modified: Fri, 12 Jan 2024 21:47:32 GMT
server: Cloudfront
age: 23
x-amz-cf-pop: MUC50-P2
etag: "60455c1489f3dd8c3e61d0d8d0031cfd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: _7QPtuxBhYHINpD3LecBrkK0Za7_FKw8fqIdhQxC3ZlxQcvk3n0E5A==

POST
H2 200 b Show response
r.stripe.com/ Frame DDEE 0
274 B 229ms
229ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64da66ea531d8772e50e735fb155daaa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Tue, 16 Jan 2024 14:22:00 GMT
x-stripe-server-envoy-start-time-us: 1705414920507661
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 6
x-stripe-client-envoy-start-time-us: 1705414920507366
access-control-allow-credentials: true
content-length: 0

POST
H2 200 6 Show response
m.stripe.com/ Frame B9B5 156 B
668 B 182ms
181ms XHR
application/json 34.211.17.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.211.17.226 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-211-17-226.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

ffac477c301582767fb1cd319ae49932742c7625c44388aaab27cd9ee8999ee8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 16 Jan 2024 14:22:00 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705414920724285
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1705414920723642
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 6 Show response
m.stripe.com/ Frame B9B5 156 B
668 B 230ms
230ms XHR
application/json 34.211.17.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.211.17.226 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-211-17-226.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

ffac477c301582767fb1cd319ae49932742c7625c44388aaab27cd9ee8999ee8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 16 Jan 2024 14:22:00 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705414920773757
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1705414920773246
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 b Show response
r.stripe.com/ Frame DDEE 0
274 B 187ms
187ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64da66ea531d8772e50e735fb155daaa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Tue, 16 Jan 2024 14:22:01 GMT
x-stripe-server-envoy-start-time-us: 1705414921081574
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 12
x-stripe-client-envoy-start-time-us: 1705414921080830
access-control-allow-credentials: true
content-length: 0

GET
H2 200 api.js Show response
hcaptcha.com/1/ Frame 0931 326 KB
92 KB 38ms
16ms Script
application/javascript 104.19.219.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hcaptcha.com/1/api.js?onload=captchaLoad&render=explicit

Requested by

Host: b.stripecdn.com
URL: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.5/HCaptchaInvisible.html?id=2f0cb3b3-b2bb-446f-af5f-52a5f253c6f4&origin=https%3A%2F%2Fjs.stripe.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed80804c791a1a3b8d7f86bbbdcb0fa653f2aa9679b585e7d259aa63cce1073a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b.stripecdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:22:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 94328d2509009edc0657f5c786a93e42.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
x-amz-version-id: EWHNDPoE5ftpmErhJIwmGeaNXj5HLxHT
age: 0
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 12 Jan 2024 19:30:31 GMT
server: cloudflare
etag: W/"fbd0e8fceba7f4b3dee625e845b0fbdf"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
cf-ray: 846702188ebb9265-FRA
x-amz-cf-id: H6g2HInxQ5wLZLKkM0cw39nstI9ThUtQKqBO-nMOKzQO3676PhPSzw==

GET
H2 200 vendors~AddressAutocomplete~AffirmInContext~AmazonPayButton~AuthMap~DemoPayButton~DynamicMap~GoogleA~0add53ca.1de579cf511b43bc65a2.bundle.js Show response
b.stripecdn.com/stripethirdparty-srv/assets/v20.5/ Frame 0931 114 KB
37 KB 8ms
8ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://b.stripecdn.com/stripethirdparty-srv/assets/v20.5/vendors~AddressAutocomplete~AffirmInContext~AmazonPayButton~AuthMap~DemoPayButton~DynamicMap~GoogleA~0add53ca.1de579cf511b43bc65a2.bundle.js

Requested by

Host: b.stripecdn.com
URL: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.5/HCaptchaInvisible.html?id=2f0cb3b3-b2bb-446f-af5f-52a5f253c6f4&origin=https%3A%2F%2Fjs.stripe.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

33802dcaf064160abe39c1ca2da22157e70ab0d2f8545052b8b86db74cf583e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.5/HCaptchaInvisible.html?id=2f0cb3b3-b2bb-446f-af5f-52a5f253c6f4&origin=https%3A%2F%2Fjs.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Tue, 16 Jan 2024 14:22:01 GMT
x-content-type-options: nosniff
content-encoding: br
via: 1.1 varnish
age: 407711
x-cache: HIT
content-length: 38070
x-request-id: 90cc65f7-e331-43a8-bc60-cc44c3428413
x-served-by: cache-fra-eddf8230088-FRA
server: Fastly
x-timer: S1705414921.020041,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=31536000, public
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 7794

GET
H2 200 HCaptchaInvisible.be818dab0eb19864cd9a.bundle.js Show response
b.stripecdn.com/stripethirdparty-srv/assets/v20.5/ Frame 0931 17 KB
7 KB 8ms
8ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://b.stripecdn.com/stripethirdparty-srv/assets/v20.5/HCaptchaInvisible.be818dab0eb19864cd9a.bundle.js

Requested by

Host: b.stripecdn.com
URL: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.5/HCaptchaInvisible.html?id=2f0cb3b3-b2bb-446f-af5f-52a5f253c6f4&origin=https%3A%2F%2Fjs.stripe.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

5ac9af9c3b64a5becaabad6c63f57e4ffe0324d1fa331ec53e0a35b5fcb09fb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.5/HCaptchaInvisible.html?id=2f0cb3b3-b2bb-446f-af5f-52a5f253c6f4&origin=https%3A%2F%2Fjs.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Tue, 16 Jan 2024 14:22:01 GMT
x-content-type-options: nosniff
content-encoding: br
via: 1.1 varnish
age: 407698
x-cache: HIT
content-length: 7158
x-request-id: a1da4b5a-c978-4df5-9efb-da7e81dd7bd2
x-served-by: cache-fra-eddf8230088-FRA
server: Fastly
x-timer: S1705414921.020034,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=31536000, public
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 7643

POST
H2 200 csp-report
q.stripe.com/ Frame 0931 0
488 B 175ms
175ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=billions&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://b.stripecdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 16 Jan 2024 14:22:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705414921107482
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 0
x-stripe-client-envoy-start-time-us: 1705414921106870
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 hcaptcha.html Show response
newassets.hcaptcha.com/captcha/v1/2a00369/static/ Frame 7CD5 2 KB
1 KB 28ms
21ms Document
text/html 104.19.219.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/2a00369/static/hcaptcha.html?_v=x32ffixjnte

Requested by

Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?onload=captchaLoad&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1938603f3413dc6509360bdad38d884f80df281077ac21ae711adf526b97d38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://b.stripecdn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 321156
alt-svc: h3=":443"; ma=86400
cache-control: max-age=1209600
cf-cache-status: HIT
cf-ray: 84670218cef49265-FRA
content-encoding: br
content-type: text/html
cross-origin-embedder-policy: credentialless
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 14:22:01 GMT
last-modified: Fri, 12 Jan 2024 19:30:31 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 944dc31277adc1021b0776fe818f07f6.cloudfront.net (CloudFront)
x-amz-cf-id: h-ikcXBPvRS7kbq6pIKyZhK_d-k-YjibFrd3IQo4IAiQaphEqzFPcA==
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-amz-version-id: 5seh2Fy1m5uAejWNOpND.L8.XAC93K8_
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 b Show response
r.stripe.com/ Frame 30A0 0
275 B 186ms
186ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64da66ea531d8772e50e735fb155daaa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Tue, 16 Jan 2024 14:22:01 GMT
x-stripe-server-envoy-start-time-us: 1705414921174832
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 12
x-stripe-client-envoy-start-time-us: 1705414921174189
access-control-allow-credentials: true
content-length: 0

GET
H2 200 hcaptcha.js Show response
newassets.hcaptcha.com/captcha/v1/2a00369/ Frame 7CD5 326 KB
92 KB 15ms
14ms Script
application/javascript 104.19.219.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/2a00369/hcaptcha.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/2a00369/static/hcaptcha.html?_v=x32ffixjnte

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed80804c791a1a3b8d7f86bbbdcb0fa653f2aa9679b585e7d259aa63cce1073a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/captcha/v1/2a00369/static/hcaptcha.html?_v=x32ffixjnte
Origin: https://newassets.hcaptcha.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:22:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 94328d2509009edc0657f5c786a93e42.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
x-amz-version-id: EWHNDPoE5ftpmErhJIwmGeaNXj5HLxHT
age: 321182
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 12 Jan 2024 19:30:31 GMT
server: cloudflare
etag: W/"fbd0e8fceba7f4b3dee625e845b0fbdf"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
cf-ray: 84670218ff309265-FRA
x-amz-cf-id: H6g2HInxQ5wLZLKkM0cw39nstI9ThUtQKqBO-nMOKzQO3676PhPSzw==

POST
H2 200 checksiteconfig Show response
api2.hcaptcha.com/ Frame 7CD5 719 B
995 B 42ms
33ms XHR
application/json 104.19.219.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.hcaptcha.com/checksiteconfig?v=2a00369&host=b.stripecdn.com&sitekey=463b917e-e264-403f-ad34-34af0ee10294&sc=1&swa=1&spst=1

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/2a00369/hcaptcha.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c08830f80b88a8a5be82fba515470c6f826e5aff7fc0e4a67f9ea417ac17abe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://newassets.hcaptcha.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 16 Jan 2024 14:22:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://newassets.hcaptcha.com
access-control-allow-credentials: true
cf-ray: 846702194f7a9265-FRA
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
alt-svc: h3=":443"; ma=86400

GET
H3 200 hsw.js Show response
newassets.hcaptcha.com/c/3a84c15/ Frame 7CD5 506 KB
220 KB 16ms
16ms Script
application/javascript 104.19.219.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/c/3a84c15/hsw.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/2a00369/hcaptcha.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb1fc509673c7bfa18deea5a1fab54ca33fb84b961a46a32f27f5e595b9630a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newassets.hcaptcha.com/captcha/v1/2a00369/static/hcaptcha.html?_v=x32ffixjnte
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 14:22:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
x-amz-version-id: WxGex9z4fR9K3hI3pY622MyGuT5HJV8e
age: 474397
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 09 Jan 2024 17:07:55 GMT
server: cloudflare
etag: W/"22965986ade7ea3c1e439a2ed4224345"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 84670219790c904c-FRA
x-amz-cf-id: HmmiVdB1yj927CXzIcP_Pn9H2XjG1iWZXaeRsQzHlIPqoNU0Gq1-FQ==

POST
H2 200 463b917e-e264-403f-ad34-34af0ee10294 Show response
api.hcaptcha.com/getcaptcha/ Frame 7CD5 3 KB
2 KB 168ms
143ms XHR
application/json 104.19.219.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hcaptcha.com/getcaptcha/463b917e-e264-403f-ad34-34af0ee10294

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/2a00369/hcaptcha.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f71e24a366e049f5f37c32dab971869d7bacce27dbf672a03252eb48561e8645

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://newassets.hcaptcha.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 16 Jan 2024 14:22:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://newassets.hcaptcha.com
access-control-allow-credentials: true
cf-ray: 8467021ae8c89265-FRA
alt-svc: h3=":443"; ma=86400

POST
H2 200 b Show response
r.stripe.com/ Frame DDEE 0
274 B 178ms
177ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-64da66ea531d8772e50e735fb155daaa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Tue, 16 Jan 2024 14:22:02 GMT
x-stripe-server-envoy-start-time-us: 1705414922169793
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1705414922169506
access-control-allow-credentials: true
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LekWdoZAAAAAA61Owqhdq5e8IIQEfJbEOs8IT8T&co=aHR0cHM6Ly93d3cua2VubmVkeTI0LmNvbTo0NDM.&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=normal&cb=5uplb7es0yr

Verdicts & Comments Add Verdict or Comment

147 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.recaptcha.net/recaptcha	1970-01-20 22:02:46	Name: _GRECAPTCHA Value: 09APYnBZWOkTDNso_ZHd3mYwpurixxMWN9EranZQFb21Vatho6sCZP8OhKhPwDA2N-dcn4WaZNf1q7FNr-iUpgQEc
paracom.paramountcommunication.com/	1970-01-20 17:53:39	Name: AWSALB Value: Dw7vRpYn9cjwLSHs5LdS75EOfV/5CJCKMLDwbwxu2uskvQ/rzrB3mzHN12aSWmsqFSkwRjlQT8GfWDDmr4CPAoxC4OsAepwqtOTtchHVld/bph4xY4RUI27Yilsn
www.kennedy24.com/	1969-12-31 23:59:59	Name: _nbuild_token Value: JSIDqdb0w77n%2BRdOQGT7M3nL%2FXiP%2FW9hcAXoYoj2%2B7M%3D
www.kennedy24.com/	1969-12-31 23:59:59	Name: _nbuild_session Value: d9202e8d21f17022cebcdb542a5a9c97
.www.kennedy24.com/	1970-01-20 17:43:36	Name: __cf_bm Value: iiLqFopJQ3sTjRy3oRGN3mJypJg9u36eV00l_lPLsLQ-1705414918-1-Ae2vOZtypJYCnifO6vkFed/MTotTn/7JNQoWsKTyZMR4owYbvtUaz8d9rsWykmjz/Vo/aSMuiTA0yDsOYpEupl0=
.nationbuilder.com/	1970-01-20 17:43:36	Name: __cf_bm Value: _w6shZUuf.M0nZ5ea4oXNYrm4vBCJ4OB6t1vzctRtI8-1705414918-1-AeVbd7kWmqjcrK3ZcAI/hZEIOhihZsbPj5JaFp9Crvr506OZTZ+POu7jcQmkMPlIMvd2b1it66NsgSugH7CFoDk=
.kennedy24.com/	1970-01-21 03:19:34	Name: _ga_CAPI12345 Value: GS1.1.1705414919.1.0.1705414919.0.0.0
.kennedy24.com/	1970-01-21 03:19:34	Name: _ga Value: GA1.1.799340496.1705414919
.kennedy24.com/	1970-01-20 19:53:10	Name: _gcl_au Value: 1.1.1445459041.1705414919
.doubleclick.net/	1970-01-20 17:43:35	Name: test_cookie Value: CheckForPermission
.kennedy24.com/	1970-01-20 19:53:10	Name: _fbp Value: fb.1.1705414919362.2046932990
.t.co/	1970-01-21 03:19:34	Name: muc_ads Value: d46107d4-a0e1-44e0-a2f8-f97c6520e1ff
.twitter.com/	1970-01-21 03:19:34	Name: guest_id_marketing Value: v1%3A170541491934184497
.twitter.com/	1970-01-21 03:19:34	Name: guest_id_ads Value: v1%3A170541491934184497
.twitter.com/	1970-01-21 03:19:34	Name: personalization_id Value: "v1_lPuQf/YkUOUhMQ2B3wozeQ=="
.twitter.com/	1970-01-21 03:19:34	Name: guest_id Value: v1%3A170541491934184497
.kennedy24.com/	1970-01-21 03:19:34	Name: _ga_JWBYYEB6SQ Value: GS1.1.1705414919.1.0.1705414919.60.0.0
.lightboxcdn.com/	1969-12-31 23:59:59	Name: _cfuvid Value: .wm5qtEctiMcNbAwlWLyN9y1hjBjatR6x15Uioj6fss-1705414919684-0-604800000
.www.kennedy24.com/	1970-01-21 02:29:10	Name: cf_clearance Value: JXLGIKsi8K8zXRDGIh_uY7b7jNUjsM9k6KmJTMAY4.k-1705414919-1-AfZztoS7V+cKZp4s3KbEaXrCWHGz5EbV+WM+VnYjlE8LlLMjjChL5uCf6N/IjxuXwHHShyZBXlq8czQ6u29pRx0=
.google.com/	1970-01-20 22:07:06	Name: NID Value: 511=WK-SFz28YM0mH2XOVxoCFWPa6uurnyAMsYy5QA4uIJW4vnliiCmt1iGs0lmh7NYaUt_Is5Er1AVzWwG4nhm7jZDbMVyzvTmeaSfwAgOYEpN4R5QzycKs_yB4pWFcKsc6vzy5Xiyfh4zVm2Wu7JAphWCFaItS8-49TC5dLeTAuWo
m.stripe.com/	1970-01-21 03:19:34	Name: m Value: 55405198-3c72-4f92-b843-8cde896077e418cf06
.www.kennedy24.com/	1970-01-21 02:29:10	Name: __stripe_mid Value: ca11f2fc-09de-4dd5-82b7-69126296c6e4c0d197
.www.kennedy24.com/	1970-01-20 17:43:36	Name: __stripe_sid Value: 23430a95-dbaf-40bd-9c81-95ff903508083ff21d
api2.hcaptcha.com/	1970-01-20 17:43:36	Name: __cflb Value: 0H28vk2VKwPbLoawFj9mU2fhedYxxWRCnHz4KTaEqXj
api.hcaptcha.com/	1970-01-20 18:26:46	Name: hmt_id Value: dc199ed1-b309-42b0-8285-66029b936551

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors joinkennedy.nationbuilder.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.twitter.com
api.hcaptcha.com
api2.hcaptcha.com
assets.nationbuilder.com
b.stripecdn.com
connect.facebook.net
edge.fullstory.com
fonts.googleapis.com
fonts.gstatic.com
getbootstrap.com
googleads.g.doubleclick.net
hcaptcha.com
joinkennedy.nationbuilder.com
js.stripe.com
ka-f.fontawesome.com
ka-p.fontawesome.com
kit.fontawesome.com
m.stripe.com
m.stripe.network
merchant-ui-api.stripe.com
newassets.hcaptcha.com
p.typekit.net
paracom.paramountcommunication.com
pay.google.com
play.google.com
q.stripe.com
r.stripe.com
region1.analytics.google.com
rs.fullstory.com
server-side-tagging-ptjx4tds2q-uc.a.run.app
static.ads-twitter.com
static.cloudflareinsights.com
stats.g.doubleclick.net
t.co
translate.google.com
translate.googleapis.com
use.typekit.net
www.facebook.com
www.google.com
www.google.de
www.googleapis.com
www.googletagmanager.com
www.gstatic.com
www.kennedy24.com
www.lightboxcdn.com
www.recaptcha.net
www.recaptcha.net
104.19.219.90
104.244.42.131
104.244.42.197
108.138.36.93
146.75.116.157
151.101.64.176
198.202.176.81
2001:4860:4802:32::36
2001:4860:4802:38::35
2600:9000:225b:b200:19:7d10:bd80:93a1
2606:4700:10::6816:3b64
2606:4700:4400::6812:2844
2606:4700:7::a29f:802d
2606:4700:7::a29f:8a2c
2606:4700::6810:3865
2606:4700::6813:d483
2606:4700:e4::ac40:a507
2a00:1450:4001:809::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:810::2008
2a00:1450:4001:811::200a
2a00:1450:4001:812::2003
2a00:1450:4001:813::2003
2a00:1450:4001:828::2004
2a00:1450:4001:829::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:830::200a
2a00:1450:4001:830::200e
2a00:1450:4001:831::2003
2a00:1450:400c:c07::9b
2a00:1450:4013:c00::5c
2a02:26f0:3500:16::215:148b
2a02:26f0:3500:16::215:148f
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
34.211.17.226
35.186.194.58
35.201.112.186
52.38.171.38
54.187.119.242
0134375b1ced2e2b36e9a34753f87b48b49dab1ce589ec8a2932764d31ada657
042e2de0cb5720f25c17d0c9d40fbf5d1a5711c3e5e275ca939a36298e69117a
0a14509305d676d532c0994b24a812ea8866033eee44721f0c66ddbed1d4f5dc
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0aa16a2e84fcb15b351dd0de4418949c84ac9bba999074007345fe1dabe8645d
0c9cc88c27618b01e95063377382195b9062bdbef5eb1687e5881d3f318dbe63
0d3b5d49d684b418f9774cf82e00340ac4d0e40a39a985d73e0f880ad801cec8
116b5b718ba3beeea9dd77ad669ca8aff001cf40c1c6e549dd38c3d08668d4cd
164e219fdf64004e7213e90b3d4fd19463971870e4b51fdd6030446bd6ef5e65
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1bb8affc0ad0f6449490148a0ec45435d64f1494b92ad385f266b9b86d7aa076
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c56ffc47b4761b0396058aa73916486a33095af06bba5e72072ae332483dc7f
1d9cb11e03f12b8ae3ff94372e8a7f692f92b69b62b18eaf42f400b7ddac2ed6
1df19255b4b07c13647377049a5d3d4b23519c012b91e923ee22cf18c4e8d2b2
28c84c299c77064e01c76d66bd64ca5adec6a7d14668beec7c1fa2ba8b8c07d4
29b76a1beac0164b0c37a3db031f3ec42cfbcf0de22ffe8e8e8d6f6c11885229
2e987865067b40c9e18fc2df48d3de4f13692396438efce24f4c0b9b278892e9
31974f89c6752e664ed419116aafe7c306f4d43c6c2ea57776fbbfa0d4c12418
31f4e4abd5d8e145d6bd5505ae3ee469f66e6aba53fcc6cf04741d0a802ebc3d
33802dcaf064160abe39c1ca2da22157e70ab0d2f8545052b8b86db74cf583e0
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
382f659124971678bcd8e78c90460cfc87cfd0e9077f2012ff5368f0bf58ea8b
394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d
3c08830f80b88a8a5be82fba515470c6f826e5aff7fc0e4a67f9ea417ac17abe
3ca288f9e9c0ac3ce554de6789f28ab8a6b5e4483689f8c58e36208d40daa4d7
3cb98755e69cd4399888137a7648ee6eabdd63c4d4c547626e7174d769be6e1b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f534a74830530483c1dd97b3689ee418a6499b5d0925aa9f009ffcfcc317fe7
3fef202588115c2a23969fc04c669b498579d162630c83b76729470321145984
40357c8f038ea69750526293412e0b02e7a984b7484f98be4634c75ed3307709
41e31ded193f6c61a9a1ea500a41ee70760505d4d5387a4be3b240760392da2e
4249d6eefdf3f232e1e673d9f2526767c25ba6585d7712107c1994bd63c270da
473efdf61f08fc2ad04df7be0d974c921dea47ac2ea5c6b848a75f6b5db1da73
4946b36e5208a0a01e69ac05696229353e101faece5c1572e2a6177742bf7b5c
4a63c2cee85178a3337c8a8e1bc329c7daf1ed3593c3095418b05766cf358007
4aae83ca0e34e5fef9bebf88ca4edfdf495e4927bbd583d1f05ff101c9421d4c
4be37bbc2e40bc238e8895eac52b3a9d27059588647c4834dbd8e7210070e526
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5033e337e474e5d2818fee21b093eaef81d5f545fd49b5f635b3e1160fa83abe
52c8cfbf05223ab03607c88608ecc0419becb8df5884a096a030115b0958a230
549478ba46ac97af73018ed0ca78cfa43dae13eddcc812ced06f664bd7d22e57
558591ec381069734425371376e35d980cf72fd9fd2ac08f4f36fb9a9df84438
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ac9af9c3b64a5becaabad6c63f57e4ffe0324d1fa331ec53e0a35b5fcb09fb1
5f3ca08629dbf4b97858143154de2a7b48c4c671d6849b56aa592033a2546cf3
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
621661fe1c7a59420c624f7a421c566ebfb38cfbc7edd98ee0462c44d15971f9
69e859f352bba5e6cef30930a8a1c2c055d0c16daf9f8eeb0a2f98b653e22df4
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
6fda76e47cd1a46bec92e2adac0a0453c78638197e234d7667c2ff4366c5a44a
70356aaad8b043112594064fea69694e5af4f17b6af4d4836b184735afe24c56
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
71cb66aea504951c7d2499622f35a263da91af2fd72b6efd2889657da0e8b817
74555b53d117ce3eede0e874b2a4ba7ca46fb33c790bcc76de43bf6428b60071
74a39682b8b03d5de587026a0f4d5b595696818b3d23952c15facf182d7c5e78
751c35af08d9aa58dc304762b4696f0b56e3debcba775d38db4a9d87ceb1ff12
7592e61876da5df397281e08f2abf3aa56ddd0f8b4b816f7e6b961e8a4153932
77ba0f0971a262f3fe1999d37208a8a7ffa1f2e563d4437bd03b1866a2219749
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7e718f629db56047e34605c878d5c8b2c6bd6cc9aaaea13ab7ca02b7fde8792f
7f77f30815a97a6c4e1317eb1bd7164e41738c9344f7f8ab1ca95b36cd2678f2
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
81d4fa5df88680bfb5899dc73e158c00faf67f4d3d0047d41840efcb14c3b6d4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88513ef8ce83b1745cc065850e59f08ac1a31beb71d7bf2841a420d69be3c827
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
8be140aa29933fbd06ff9c2e16bdd9c4bdf4b5fabf13e329998b6401962c4f02
91088a015cd36dabb6639d0b6d08fadc57be7f1b85011f5f882d4e7a8611df31
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
9d9354f5ccc9edfd57c5650b4456932fb7accded65b54e9ba719478863eed67f
9dbda455657931eab9cf12e737b736be32e13ccb4cdeed66996209414f028c8c
9de821f81cf048400b048ede572fda6bec4ec4fdad2ea8d9412001605c7ab463
9e3e497a4d1f69db3107c7e48aa80c36323930ba79176d7ea58c144097a1954d
a1f643112eac47832d85f858d25e911857cee99c566528f17921909e0eb82016
a25071dc8b8fea33f964a353594f9712e0351e95478f31d6ab313596344ee3ce
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
a6770f1b8a07a7e0b2a5ba73da5feb6f86dd9e5d5e7f0f7237c476bc7f8650ec
a7e81be515a4350b67aaa7b63485265820a3054306bfa051b75230f48b7d0e8c
a99f75748195e5af07ffca593afce5492ce8533501371377f17d77b89eeab8ab
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acd9a7e1c37a12896fb2df2f591a565c40f87c3194d32f85d1e4499426bfcc1d
b04d1b0db347e3217b38ce86eaa71a857e7cdadc449ba67619b71184f016fece
b13ac5db06aaef364bbea670ddcd08f23abd89018ced6134df333c0b35251afc
b21618047d21c2ccc729f3980d873c18c718dd47193067746031a527a0354c7c
b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813
b942de2747bb1449f8d908a33c8ce9e4a2ee6b84327cce766d5378a13665d027
b9609e13befde8e8bcaea0824bd0bb4a109019fc10d3aa1a392b314a0a082882
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
bb1fc509673c7bfa18deea5a1fab54ca33fb84b961a46a32f27f5e595b9630a3
c368e74321d2180806d6982ab26271a765594390c0d50a2e4fe452e901778d5e
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cdc36d7ef97ab9f8cec6a6ef5e8e611d750f940460ba845d68317a075e821157
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d0732c3265c7da0a8097b8df053dc54c197fd07ada11c540962dd907602ed181
d1938603f3413dc6509360bdad38d884f80df281077ac21ae711adf526b97d38
d379f8954798c4d2a31528c537dea2b2e91cf1f9f1714161257c0e040c349243
d4a463713906b7c660153fe46849c72cf95af996aaac14be7c87b3e9f8ece2ec
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d9cf8395ee0a7d904dbbbc5a13c251caf17b06a52199c10015d34556a8cf5a11
dbf7151bc99808f855eb248b0ec1db655bd7941196e76f02b9edb8799aea07d8
dc6595888a7c665fa78c126de038bec35fb7f8674ab928e00e9e1f9f46adffb3
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e2d51187f660cba449c70f7f87f733f762042cf340a5fd57e0f8c1fbf885c033
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51ae116b672debc3755c6a906e6cc2c97628d3544de9e58276df06f6edfe496
e5f5592d52a43ed2d23099328752f493d908c0f1f65190571051cb8d89221539
e9667a4e6040f90f8e1648ecd089211e380aee7fcde15f71570aef17d1a8e637
ea2d62c7e90b08a7c41206758ce52af7059a58cdfb6a2964f341642298eb9a15
ed80804c791a1a3b8d7f86bbbdcb0fa653f2aa9679b585e7d259aa63cce1073a
edb51485976205950b2767d5589f75f915db91ce2b1a6aa6193c120cdcc6e56a
eef2d843b6778b710b40edb636b588fa4ccc8975a29cef25ac3125b96cc778cf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f187dc8de7fe50f1f8825c3500b64080cc78ac39df7efd31a4b1bc562be9ca3d
f66a96e9a973ac7e4e920aeeba6ac52ccbc8e192f75a2baa96860cc097b6a2db
f71e24a366e049f5f37c32dab971869d7bacce27dbf672a03252eb48561e8645
f7d6bf885df070e136b92758d221686043755a4647f408daf26bd446191539b2
fb9587e00635538a323c71ca0352879bd24aa5b88f8c869317812ae5e505263f
fbbd74a23df8bf9e61fc6839f10c2b016f6466f87aad6b919860a3252605ad37
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda
fd5bb14f3ffab97ea6d66618c32d0b2c9d4fe3a3a92a3df865b2163e1cf77ad8
fdb3213b77654cd277f6d059d630a3e34089b3a49303b66668447b42c658159a
ffac477c301582767fb1cd319ae49932742c7625c44388aaab27cd9ee8999ee8

www.kennedy24.com Open in urlscan Pro 2606:4700:7::a29f:8a2c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

194 Requests

98 %HTTPS

70 %IPv6

26 Domains

47 Subdomains

41 IPs

5 Countries

4737 kBTransfer

16729 kBSize

25 Cookies

7 Outgoing links

Page URL History

Redirected requests

194 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.kennedy24.com Open in urlscan Pro
2606:4700:7::a29f:8a2c Public Scan

Screenshot
Live screenshot

Full Image

194
Requests

98 %
HTTPS

70 %
IPv6

26
Domains

47
Subdomains

41
IPs

5
Countries

4737 kB
Transfer

16729 kB
Size

25
Cookies

194 HTTP transactions
2 data transactions