urlscan.io logo urlscan.io
SecurityTrails logo

www.dunkinfun.com Open in urlscan Pro
23.56.207.106  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.dunkinfun.com/
Submission: On September 22 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 9 domains to perform 48 HTTP transactions. The main IP is 23.56.207.106, located in United States and belongs to AKAMAI-AS, US. The main domain is www.dunkinfun.com.
TLS certificate: Issued by R3 on September 21st 2023. Valid for: 3 months.
This is the only time www.dunkinfun.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
34 23.56.207.106 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
2 52.217.79.52 16509 (AMAZON-02)
4 2a03:2880:f17... 32934 (FACEBOOK)
48 10
34    23.56.207.106 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-207-106.deploy.static.akamaitechnologies.com
www.dunkinfun.com
1    2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)
pro.fontawesome.com
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a03:2880:f083:9:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    52.217.79.52 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
eprize-content.s3.amazonaws.com
4    2a03:2880:f177:185:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
34 dunkinfun.com
www.dunkinfun.com
589 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 109
249 B
2 amazonaws.com
eprize-content.s3.amazonaws.com — Cisco Umbrella Rank: 591820
70 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 229
88 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 11
1 KB
1 gstatic.com
www.gstatic.com
182 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 558
11 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 410
28 KB
1 fontawesome.com
pro.fontawesome.com — Cisco Umbrella Rank: 11170
32 KB
48 9
Domain Requested by
34 www.dunkinfun.com www.dunkinfun.com
4 www.facebook.com www.dunkinfun.com
2 eprize-content.s3.amazonaws.com www.dunkinfun.com
2 connect.facebook.net www.dunkinfun.com
connect.facebook.net
2 www.google.com www.dunkinfun.com
www.gstatic.com
1 www.gstatic.com www.google.com
1 cdn.jsdelivr.net www.dunkinfun.com
1 cdnjs.cloudflare.com www.dunkinfun.com
1 pro.fontawesome.com www.dunkinfun.com
48 9

This site contains links to these domains. Also see Links.

Domain
dunkin.promo.eprize.com
Subject Issuer Validity Valid
le1.pls.merkleinc.com
R3		 2023-09-21 -
2023-12-20		 3 months crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-22 -
2023-12-23		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-07-07 -
2023-09-30		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01		 2023-03-21 -
2023-12-19		 9 months crt.sh

This page contains 2 frames:

Primary Page: https://www.dunkinfun.com/
Frame ID: F9E25C15C6440BC4797DE2D7F596C3BD
Requests: 50 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld4fccnAAAAAJvoOuI7M6vkCd-l-Vh69fCfx6q_&co=aHR0cHM6Ly93d3cuZHVua2luZnVuLmNvbTo0NDM.&hl=en&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&cb=ri1gnkzgn3z9
Frame ID: C672DB9F5E7BE081A8BCDE7634B75589
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Dunkin' Fall Festival

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

48
Requests

100 %
HTTPS

78 %
IPv6

9
Domains

9
Subdomains

10
IPs

3
Countries

1003 kB
Transfer

2449 kB
Size

10
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

48 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.dunkinfun.com/ 		4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.dunkinfun.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.207.106 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-207-106.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0b4b1886d3437d5dd246c4b6db05701ffb95f01bb460dc83fcc88584d3d2b155
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-language
en-US
content-length
1798
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Fri, 22 Sep 2023 21:34:44 GMT
etag
W/"ed1-A7eKpu5fhl3fTfkoAaktoj1DQ4U"
expires
Fri, 22 Sep 2023 21:34:44 GMT
origin-agent-cluster
?1
pragma
no-cache
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
x-akamai-transformed
9 - 0 pmb=mTOE,3
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
all.css
pro.fontawesome.com/releases/v5.15.1/css/ 		170 KB
32 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pro.fontawesome.com/releases/v5.15.1/css/all.css
Requested by
Host: www.dunkinfun.com
URL: https://www.dunkinfun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
257418de09101ff7791d410f420f9320141ce0436c264b076d46539b0ea0f830

Request headers

Referer
Origin
https://www.dunkinfun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 21:34:44 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
QYWDHXTYV3X2C2D5
age
62659
x-amz-id-2
53U1KwStKlNADEmjQefPSa652mIO1T+SXj8iPNb8pcGiO1X+iuogag4mjk4j6dcKIOn8sUB+Y5tMhoePtsL8lLQv+mOvkBZUkP5lG5pQLEs=
last-modified
Mon, 28 Jun 2021 17:18:07 GMT
server
cloudflare
etag
W/"95fe9653f2c45892b7e58090566f510f"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
text/css
cache-control
max-age=31556926
cf-ray
80adac7aefc61e53-FRA
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: www.dunkinfun.com
URL: https://www.dunkinfun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://www.dunkinfun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 21:34:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3440515
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27967
last-modified
Thu, 22 Jun 2023 11:06:06 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942b1e-6d3f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vp5lVX0xskX%2FAD673uzg%2Bw5ETqgHtJM4Kna4r%2BbvFV7YoziLmaEjwtRZTZqwMcllV8jUsMn6jaLWyUfRMhL4Uw%2FJzOHNC37Yz9U5Xmwi8TFQVMtCLI%2BRpAY8nEiEk8pIqrXs9ubNpHDG6n6Y2LDQ%2B2t5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
80adac7adef43a4a-FRA
expires
Wed, 11 Sep 2024 21:34:44 GMT
slick.min.js
cdn.jsdelivr.net/npm/@accessible360/accessible-slick@1.0.1/slick/ 		43 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@accessible360/accessible-slick@1.0.1/slick/slick.min.js
Requested by
Host: www.dunkinfun.com
URL: https://www.dunkinfun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c53bd4fb46505b90b10e21b4c6e477a14abb0ed61eab0a7b44ee0c351de5b5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 21:34:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
18363562
x-jsd-version
1.0.1
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230058-FRA, cache-jnb7025-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"aa39-F/+INHoWuPhKTMUEacs+KfI31SM"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tCWADOQQcWhNrmQvy94QCvQlIRyh884OW16KlXIKqZter6JJtYvBQgSpzJDC8HMUygDifUFsUMbWKtEl9aYOs8D%2BJcMkzt%2FD25627CwhQ2EOWfsE7NIVztE2Rngvtg8Njd1M5QCge%2BluE2CFrSc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
80adac7aea4c1c44-FRA
chunk-vendors.9a5e4ca7.js
www.dunkinfun.com/public/build/js/ 		361 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dunkinfun.com/public/build/js/chunk-vendors.9a5e4ca7.js
Requested by
Host: www.dunkinfun.com
URL: https://www.dunkinfun.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.207.106 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-207-106.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d14eca09db2b1496e78a72f70fbbb45ae3e7e18419990ce4a5d1f73b394ffc98
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 22 Sep 2023 21:34:45 GMT
x-permitted-cross-domain-policies
none
cross-origin-resource-policy
same-origin
content-length
129088
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Fri, 22 Sep 2023 20:15:17 GMT
cross-origin-opener-policy
same-origin
etag
W/"5a5b1-18abe8848c5"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=231
accept-ranges
bytes
chunk-main-vendors.986a90b3.js
www.dunkinfun.com/public/build/js/ 		206 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dunkinfun.com/public/build/js/chunk-main-vendors.986a90b3.js
Requested by
Host: www.dunkinfun.com
URL: https://www.dunkinfun.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.207.106 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-207-106.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
db0bc90f41eada3168c7e333548bfae8879bea814de69e4b09a300e8b5d87ab4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 22 Sep 2023 21:34:45 GMT
x-permitted-cross-domain-policies
none
cross-origin-resource-policy
same-origin
content-length
85039
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Fri, 22 Sep 2023 20:15:17 GMT
cross-origin-opener-policy
same-origin
etag
W/"337c9-18abe8848c3"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=589
accept-ranges
bytes
chunk-common.41bd74f7.js
www.dunkinfun.com/public/build/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dunkinfun.com/public/build/js/chunk-common.41bd74f7.js
Requested by
Host: www.dunkinfun.com
URL: https://www.dunkinfun.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.207.106 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-207-106.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8f6deef870ceb64441e60b626152143a6c46ec227e5b4407d45b0f010831f707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 22 Sep 2023 21:34:45 GMT
x-permitted-cross-domain-policies
none
cross-origin-resource-policy
same-origin
content-length
938
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Fri, 22 Sep 2023 20:15:17 GMT
cross-origin-opener-policy
same-origin
etag
W/"662-18abe8848c1"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=163
accept-ranges
bytes
main.5ac2212a.js
www.dunkinfun.com/public/build/js/ 		87 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dunkinfun.com/public/build/js/main.5ac2212a.js
Requested by
Host: www.dunkinfun.com
URL: https://www.dunkinfun.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.207.106 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-207-106.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ee4afc5b80bdfa7a73b1fc32d1babf98d51e6f17d56575129085654394ca85dd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 22 Sep 2023 21:34:45 GMT
x-permitted-cross-domain-policies
none
cross-origin-resource-policy
same-origin
content-length
48859
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Fri, 22 Sep 2023 20:15:17 GMT
cross-origin-opener-policy
same-origin
etag
W/"15bcb-18abe8848d2"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=342
accept-ranges
bytes
chunk-main-vendors.3d922148.css
www.dunkinfun.com/public/build/css/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.dunkinfun.com/public/build/css/chunk-main-vendors.3d922148.css
Requested by
Host: www.dunkinfun.com
URL: https://www.dunkinfun.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.207.106 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-207-106.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fc26d12edbeeef8270bd9f0019117f44428a514da02936719938b7b9442fd382
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 22 Sep 2023 21:34:44 GMT
x-permitted-cross-domain-policies
none
cross-origin-resource-policy
same-origin
content-length
1184
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Fri, 22 Sep 2023 20:15:17 GMT
cross-origin-opener-policy
same-origin
etag
W/"c4e-18abe88489b"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=5
accept-ranges
bytes
main.0b0752e7.css
www.dunkinfun.com/public/build/css/ 		76 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.dunkinfun.com/public/build/css/main.0b0752e7.css
Requested by
Host: www.dunkinfun.com
URL: https://www.dunkinfun.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.207.106 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-207-106.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
29786f92715512cb310de3018f81f1d1cf5162bf155f1a44d1ea780418312623
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 22 Sep 2023 21:34:44 GMT
x-permitted-cross-domain-policies
none
cross-origin-resource-policy
same-origin
content-length
28770
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Fri, 22 Sep 2023 20:15:17 GMT
cross-origin-opener-policy
same-origin
etag
W/"13104-18abe88489b"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=555
accept-ranges
bytes
5f6c78d8
www.dunkinfun.com/akam/13/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dunkinfun.com/akam/13/5f6c78d8
Requested by
Host: www.dunkinfun.com
URL: https://www.dunkinfun.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.207.106 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-207-106.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7755e9210c89ef4da0a75baac18592891b55e2cb25739ae417195bdd07eeb1de

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 21:34:45 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 15:12:28 GMT
etag
"11e9b1dbb09e9357bf680efa1ab6311ee631452f42bac36c0afc00a20656d57b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store
content-length
8748
expires
Fri, 22 Sep 2023 21:34:45 GMT
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?hl=en&render=6Ld4fccnAAAAAJvoOuI7M6vkCd-l-Vh69fCfx6q_
Requested by
Host: www.dunkinfun.com
URL: https://www.dunkinfun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6ca0b7b4f912ce65750f7630f028509c294b6d5b667b007a39365583d9437e66
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 21:34:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Fri, 22 Sep 2023 21:34:45 GMT
4C24B
www.dunkinfun.com/0KJsQR/XJ/l0/xfVX/bGrzGZZCPh/5Lt1fJ4XLhi5c3/ZV46Lw/IDc0XQE/ 		211 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dunkinfun.com/0KJsQR/XJ/l0/xfVX/bGrzGZZCPh/5Lt1fJ4XLhi5c3/ZV46Lw/IDc0XQE/4C24B
Requested by
Host: www.dunkinfun.com
URL: https://www.dunkinfun.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.207.106 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-207-106.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cf5075b49f746072cdbf2a9b810c881b7378c7397a9a30e413ed33b6b8e72aa3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 21:34:44 GMT
content-encoding
br
last-modified
Wed, 02 Aug 2023 16:14:24 GMT
etag
"1d10c697a08bff0b72b1c87c67afbc4d4eebf79b3faf98d14b6e72da524d1cb5"
stored-attribute-sha-checksum
cf5075b49f746072cdbf2a9b810c881b7378c7397a9a30e413ed33b6b8e72aa3
content-type
application/javascript
cache-control
max-age=21600
content-length
79625
fbevents.js
connect.facebook.net/en_US/ 		197 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.dunkinfun.com
URL: https://www.dunkinfun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b02d00f123297597d6e4b02dfbee910cfe211687b2d454309d5dd9b1b39fd0e4
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 22 Sep 2023 21:34:45 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53243
x-xss-protection
0
pragma
public
x-fb-debug
O/HsepPJPADTdrdKjGcadOXcCymZp5NQee129+pbFCzSYi7383Pk34kaKMSH1fB2T048qa/+Mr22x6DO9JbfNg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
4C24B
www.dunkinfun.com/0KJsQR/XJ/l0/xfVX/bGrzGZZCPh/5Lt1fJ4XLhi5c3/ZV46Lw/IDc0XQE/ 		18 B
684 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.dunkinfun.com/0KJsQR/XJ/l0/xfVX/bGrzGZZCPh/5Lt1fJ4XLhi5c3/ZV46Lw/IDc0XQE/4C24B
Requested by
Host: www.dunkinfun.com
URL: https://www.dunkinfun.com/0KJsQR/XJ/l0/xfVX/bGrzGZZCPh/5Lt1fJ4XLhi5c3/ZV46Lw/IDc0XQE/4C24B
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.207.106 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-207-106.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 22 Sep 2023 21:34:45 GMT
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.dunkinfun.com
access-control-allow-credentials
true
x_req_id
67fd8cb7-097d-4a84-be26-fbbe43bb5dbb
access-control-allow-headers
Content-Type
content-length
18
recaptcha__en.js
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/ 		453 KB
182 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en&render=6Ld4fccnAAAAAJvoOuI7M6vkCd-l-Vh69fCfx6q_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97ac5eba21b58460149454c9115b09ed01937650647fdcfe405d5d61d85b72e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://www.dunkinfun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 21:00:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2076
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
185934
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 04:01:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 21 Sep 2024 21:00:09 GMT
app
www.dunkinfun.com/api/ 		382 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.dunkinfun.com/api/app
Requested by
Host: www.dunkinfun.com
URL: https://www.dunkinfun.com/public/build/js/chunk-vendors.9a5e4ca7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.207.106 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-207-106.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a060d46566a2a5358c5aa7f9b013acfdadc1e48787b6dbdb138419f5d0288c6d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 22 Sep 2023 21:34:45 GMT
x-permitted-cross-domain-policies
none
cross-origin-resource-policy
same-origin
content-length
281
x-xss-protection
0
pragma
no-cache
referrer-policy
no-referrer
cross-origin-opener-policy
same-origin
etag
W/"17e-DtaOmpkOYwrBgdL0Bg9F2gtjuRM"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-language
de-DE
content-type
application/json; charset=utf-8
origin-agent-cluster
?1
cache-control
max-age=0, no-cache, no-store
expires
Fri, 22 Sep 2023 21:34:45 GMT
__utm.gif
www.dunkinfun.com/ 		35 B
687 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dunkinfun.com/__utm.gif?utmwv=1.4&utmt=var&utmn=2092004602
Requested by
Host: www.dunkinfun.com
URL: https://www.dunkinfun.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.207.106 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-207-106.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 21:34:46 GMT
last-modified
Thu, 20 May 2021 18:18:13 GMT
server
Apache
accept-ranges
bytes
etag
"23-5c2c6f76031e1"
content-length
35
content-type
image/gif
1451462278978969
connect.facebook.net/signals/config/ 		136 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1451462278978969?v=2.9.128&r=stable&domain=www.dunkinfun.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
100ff0a10e8aed8b372d1e53f2988b4b23240d1007f780e521ba1a439f4b02aa
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 22 Sep 2023 21:34:45 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
1PvlJdPELGYvTuMFKuaDZYuja+o/+msXf12fviaiuo3k8Lf3m4kBeTFdKcRwcwGv55jfyZSPEi+UooT+74VT1A==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
en-US
www.dunkinfun.com/api/copydeck/ 		26 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.dunkinfun.com/api/copydeck/en-US?nodes=buttons,global,links,share
Requested by
Host: www.dunkinfun.com
URL: https://www.dunkinfun.com/public/build/js/chunk-vendors.9a5e4ca7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.207.106 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-207-106.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bb0da5546d7d896d9eede850a97a1235043cbd58bb51435545ab51c380c11209
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 22 Sep 2023 21:34:45 GMT
x-permitted-cross-domain-policies
none
cross-origin-resource-policy
same-origin
content-length
6424
x-xss-protection
0
referrer-policy
no-referrer
cross-origin-opener-policy
same-origin
etag
W/"68e9-3vP5SBlEsELvowFqO0JBrBd1XrA"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-language
en
content-type
application/json; charset=utf-8
origin-agent-cluster
?1
cache-control
public, max-age=90
expires
Fri, 22 Sep 2023 21:36:15 GMT
en
www.dunkinfun.com/api/copydeck/ 		26 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.dunkinfun.com/api/copydeck/en?nodes=buttons,global,links,share
Requested by
Host: www.dunkinfun.com
URL: https://www.dunkinfun.com/public/build/js/chunk-vendors.9a5e4ca7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.207.106 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-207-106.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c3a727eef9312122ed8ea2d5c41938eefe78dae45624ca11c2bf50d053471940
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 22 Sep 2023 21:34:45 GMT
x-permitted-cross-domain-policies
none
cross-origin-resource-policy
same-origin
content-length
6336
x-xss-protection
0
referrer-policy
no-referrer
cross-origin-opener-policy
same-origin
etag
W/"68e9-n9ZBGQk6aMBtvvaJM4Vpy3ssSKE"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-language
en
content-type
application/json; charset=utf-8
origin-agent-cluster
?1
cache-control
public, max-age=90
expires
Fri, 22 Sep 2023 21:36:15 GMT
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		157 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type
image/png
anchor
www.google.com/recaptcha/api2/ Frame C672 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld4fccnAAAAAJvoOuI7M6vkCd-l-Vh69fCfx6q_&co=aHR0cHM6Ly93d3cuZHVua2luZnVuLmNvbTo0NDM.&hl=en&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&cb=ri1gnkzgn3z9
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-JZB0qPht_09bRj5HfI6N0w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-JZB0qPht_09bRj5HfI6N0w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 22 Sep 2023 21:34:45 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
DunkinSans-Book.woff
eprize-content.s3.amazonaws.com/dunkin/fonts/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://eprize-content.s3.amazonaws.com/dunkin/fonts/DunkinSans-Book.woff
Requested by
Host: www.dunkinfun.com
URL: https://www.dunkinfun.com/public/build/css/main.0b0752e7.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.79.52 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
00388071f9695482ce386de707b92fd5c33fd79ee3a9e2abc4348050f7f7775c

Request headers

Referer
Origin
https://www.dunkinfun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Fri, 22 Sep 2023 21:34:46 GMT
x-amz-version-id
MFnPgXzV9udyhfxsj.EmNVKlk4jQypCJ
Last-Modified
Fri, 11 Aug 2023 17:59:58 GMT
Server
AmazonS3
x-amz-request-id
3T2J5YT39BFJJ6R3
ETag
"0a3df5201c930eae76339a31a8bb1f8d"
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
3000
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Content-Type
application/font-woff
Accept-Ranges
bytes
Content-Length
33316
x-amz-id-2
vf4bCjUlf8GCkS0cdq0ItbuYZuT26QkoX8XjTt1k1jCZbpeT3oNh0lI00vtdjYamf8WXm5emyI4=
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1451462278978969&ev=PageView&dl=https%3A%2F%2Fwww.dunkinfun.com%2F&rl=&if=false&ts=1695418485531&sw=1600&sh=1200&v=2.9.128&r=stable&ec=0&o=30&fbp=fb.1.1695418485530.861450835&it=1695418485338&coo=false&rqm=GET
Requested by
Host: www.dunkinfun.com
URL: https://www.dunkinfun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 22 Sep 2023 21:34:45 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
4C24B
www.dunkinfun.com/0KJsQR/XJ/l0/xfVX/bGrzGZZCPh/5Lt1fJ4XLhi5c3/ZV46Lw/IDc0XQE/ 		18 B
681 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.dunkinfun.com/0KJsQR/XJ/l0/xfVX/bGrzGZZCPh/5Lt1fJ4XLhi5c3/ZV46Lw/IDc0XQE/4C24B
Requested by
Host: www.dunkinfun.com
URL: https://www.dunkinfun.com/0KJsQR/XJ/l0/xfVX/bGrzGZZCPh/5Lt1fJ4XLhi5c3/ZV46Lw/IDc0XQE/4C24B
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.207.106 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-207-106.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 22 Sep 2023 21:34:45 GMT
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.dunkinfun.com
access-control-allow-credentials
true
x_req_id
d5385f50-1cf7-451a-8f30-3e97a66e4ed0
access-control-allow-headers
Content-Type
content-length
18
eligible-states
www.dunkinfun.com/api/ 		420 B
906 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.dunkinfun.com/api/eligible-states
Requested by
Host: www.dunkinfun.com
URL: https://www.dunkinfun.com/public/build/js/chunk-vendors.9a5e4ca7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.207.106 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-207-106.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7242b09c1b6ca729b2f7792015c41386e1e3111f71d59995587afec4865e6d23
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 22 Sep 2023 21:34:46 GMT
x-permitted-cross-domain-policies
none
cross-origin-resource-policy
same-origin
content-length
169
x-xss-protection
0
pragma
no-cache
referrer-policy
no-referrer
cross-origin-opener-policy
same-origin
etag
W/"1a4-G3C/lye7oirwysI97tDdSPPJ2H0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-language
de-DE
content-type
application/json; charset=utf-8
origin-agent-cluster
?1
cache-control
max-age=0, no-cache, no-store
expires
Fri, 22 Sep 2023 21:34:46 GMT
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1451462278978969&ev=PageView&dl=https%3A%2F%2Fwww.dunkinfun.com%2F%23%2F&rl=&if=false&ts=1695418485837&sw=1600&sh=1200&v=2.9.128&r=stable&ec=1&o=30&fbp=fb.1.1695418485530.861450835&it=1695418485338&coo=false&rqm=GET
Requested by
Host: www.dunkinfun.com
URL: https://www.dunkinfun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 22 Sep 2023 21:34:45 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
profile.0a3cda16.js
www.dunkinfun.com/public/build/js/ 		50 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dunkinfun.com/public/build/js/profile.0a3cda16.js
Requested by
Host: www.dunkinfun.com
URL: https://www.dunkinfun.com/public/build/js/main.5ac2212a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.207.106 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-207-106.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
910c29e82652e5ae3b25259c55d659d2d4095c530441ada1d72f765676682846
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 22 Sep 2023 21:34:45 GMT
x-permitted-cross-domain-policies
none
cross-origin-resource-policy
same-origin
content-length
15864
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Fri, 22 Sep 2023 20:15:17 GMT
cross-origin-opener-policy
same-origin
etag
W/"c951-18abe8848d4"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=391
accept-ranges
bytes
dunkin-fall-festival-logo.884bfa38.png
www.dunkinfun.com/public/build/img/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dunkinfun.com/public/build/img/dunkin-fall-festival-logo.884bfa38.png
Requested by
Host: www.dunkinfun.com
URL: https://www.dunkinfun.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.207.106 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-207-106.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1fb4c4555766c101eb59845e4bb46d9fd9b9149d4d0148600519bae7905c2dff
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 22 Sep 2023 21:34:46 GMT
x-permitted-cross-domain-policies
none
cross-origin-resource-policy
same-origin
content-length
13322
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Fri, 22 Sep 2023 20:15:17 GMT
cross-origin-opener-policy
same-origin
etag
W/"34fa-18abe884940"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
origin-agent-cluster
?1
cache-control
public, max-age=600
accept-ranges
bytes
DunkinSans-ExtraBold.woff
eprize-content.s3.amazonaws.com/dunkin/fonts/ 		36 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://eprize-content.s3.amazonaws.com/dunkin/fonts/DunkinSans-ExtraBold.woff
Requested by
Host: www.dunkinfun.com
URL: https://www.dunkinfun.com/public/build/css/main.0b0752e7.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.79.52 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
b1652f8c2d94a8f1ecd0fe5a2f38b0f341dc75c8005b853e6f826d4c15928764

Request headers

Referer
Origin
https://www.dunkinfun.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Fri, 22 Sep 2023 21:34:47 GMT
x-amz-version-id
jktrDr_DVSeMsdlvQqgoXqMImlsisijh
Last-Modified
Fri, 11 Aug 2023 17:59:57 GMT
Server
AmazonS3
x-amz-request-id
69GW4JKRAEVW38TD
ETag
"7d66cccf6ad84c4b93d6d092b9010eff"
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
3000
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Content-Type
application/font-woff
Accept-Ranges
bytes
Content-Length
37236
x-amz-id-2
HRREOHSb27duVonlOzNGqhfPF/PU0VDOUbpyH/IKnx42INadUJuzzwlHg5OYwoZSPF9M41ZprfI=
__utm.gif
www.dunkinfun.com/ 		35 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dunkinfun.com/__utm.gif?utmwv=1.4&utmn=926355588&utmt=event&utme=5(Privacy*Display*Cookie%20Notice)(1)&utmcs=UTF-8&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Dunkin%27%20Fall%20Festival&utmhn=www.dunkinfun.com&utmhid=1756594728&utmr=-&utmp=/dunkin/fallfestival/default
Requested by
Host: www.dunkinfun.com
URL: https://www.dunkinfun.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.207.106 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-207-106.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 21:34:46 GMT
last-modified
Thu, 20 May 2021 18:18:13 GMT
server
Apache
accept-ranges
bytes
etag
"23-5c2c6f76031e1"
content-length
35
content-type
image/gif
en-US
www.dunkinfun.com/api/copydeck/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.dunkinfun.com/api/copydeck/en-US?nodes=cookie_gate,footer,menu
Requested by
Host: www.dunkinfun.com
URL: https://www.dunkinfun.com/public/build/js/chunk-vendors.9a5e4ca7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.207.106 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-207-106.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2134f469949c1ffbff915bb421cc0709cd3ce37fa52a5a70c37a09cd8fc39e88
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 22 Sep 2023 21:34:45 GMT
x-permitted-cross-domain-policies
none
cross-origin-resource-policy
same-origin
content-length
1882
x-xss-protection
0
referrer-policy
no-referrer
cross-origin-opener-policy
same-origin
etag
W/"108c-dh80FZ3+ny+aOAokFr2yBZO2O24"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-language
en
content-type
application/json; charset=utf-8
origin-agent-cluster
?1
cache-control
public, max-age=91
expires
Fri, 22 Sep 2023 21:36:16 GMT
en
www.dunkinfun.com/api/copydeck/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.dunkinfun.com/api/copydeck/en?nodes=cookie_gate,footer,menu
Requested by
Host: www.dunkinfun.com
URL: https://www.dunkinfun.com/public/build/js/chunk-vendors.9a5e4ca7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.207.106 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-207-106.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2613a5ded31f5a70de953fddce31ad6bd4cb1f4444cd22b84406c25e1a6f5aea
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 22 Sep 2023 21:34:45 GMT
x-permitted-cross-domain-policies
none
cross-origin-resource-policy
same-origin
content-length
1883
x-xss-protection
0
referrer-policy
no-referrer
cross-origin-opener-policy
same-origin
etag
W/"108c-nBart02DGLFPUJP5clvHSjOouXA"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-language
en
content-type
application/json; charset=utf-8
origin-agent-cluster
?1
cache-control
public, max-age=91
expires
Fri, 22 Sep 2023 21:36:16 GMT
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1451462278978969&ev=PageView&dl=https%3A%2F%2Fwww.dunkinfun.com%2F%23%2Flanding&rl=&if=false&ts=1695418485941&sw=1600&sh=1200&v=2.9.128&r=stable&ec=2&o=30&fbp=fb.1.1695418485530.861450835&it=1695418485338&coo=false&rqm=GET
Requested by
Host: www.dunkinfun.com
URL: https://www.dunkinfun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 22 Sep 2023 21:34:45 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
header.7c96fcbb.png
www.dunkinfun.com/public/build/img/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dunkinfun.com/public/build/img/header.7c96fcbb.png
Requested by
Host: www.dunkinfun.com
URL: https://www.dunkinfun.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.207.106 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-207-106.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dc1d401575bb2c0e96e3c6893e496bee055ccb09971cf0829e825f6fddcb776
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 22 Sep 2023 21:34:46 GMT
x-permitted-cross-domain-policies
none
cross-origin-resource-policy
same-origin
content-length
28031
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Fri, 22 Sep 2023 20:15:17 GMT
cross-origin-opener-policy
same-origin
etag
W/"6e3c-18abe884946"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
origin-agent-cluster
?1
cache-control
public, max-age=600
accept-ranges
bytes
header_d.235fca04.png
www.dunkinfun.com/public/build/img/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dunkinfun.com/public/build/img/header_d.235fca04.png
Requested by
Host: www.dunkinfun.com
URL: https://www.dunkinfun.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.207.106 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-207-106.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6f6ea2b84e606bd33f0fbb917b45f03b1a2e0cb53d8587bbedcc33a5300430e9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 22 Sep 2023 21:34:46 GMT
x-permitted-cross-domain-policies
none
cross-origin-resource-policy
same-origin
content-length
22205
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Fri, 22 Sep 2023 20:15:17 GMT
cross-origin-opener-policy
same-origin
etag
W/"5775-18abe884946"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
origin-agent-cluster
?1
cache-control
public, max-age=594
accept-ranges
bytes
truncated
/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80e6de9320f34d16f6aed5c1bbfdc15634b31a0076a36ae43c2f9bf58ba2083e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type
image/png
members.67596d03.png
www.dunkinfun.com/public/build/img/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dunkinfun.com/public/build/img/members.67596d03.png
Requested by
Host: www.dunkinfun.com
URL: https://www.dunkinfun.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.207.106 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-207-106.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
02858bd1748895b87a6af42920da89a6e792de48ea9fbd6db963896231733b60
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 22 Sep 2023 21:34:46 GMT
x-permitted-cross-domain-policies
none
cross-origin-resource-policy
same-origin
content-length
11459
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Fri, 22 Sep 2023 20:15:17 GMT
cross-origin-opener-policy
same-origin
etag
W/"2d65-18abe88494c"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
origin-agent-cluster
?1
cache-control
public, max-age=555
accept-ranges
bytes
prize.f028edf4.png
www.dunkinfun.com/public/build/img/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dunkinfun.com/public/build/img/prize.f028edf4.png
Requested by
Host: www.dunkinfun.com
URL: https://www.dunkinfun.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.207.106 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-207-106.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d2ac92fbf6f15018d59139b5595f2246fe007fab0cca4a1c938903bbd225e551
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 22 Sep 2023 21:34:46 GMT
x-permitted-cross-domain-policies
none
cross-origin-resource-policy
same-origin
content-length
8919
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Fri, 22 Sep 2023 20:15:17 GMT
cross-origin-opener-policy
same-origin
etag
W/"2388-18abe884950"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
origin-agent-cluster
?1
cache-control
public, max-age=600
accept-ranges
bytes
mug.a9d0a9c2.png
www.dunkinfun.com/public/build/img/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dunkinfun.com/public/build/img/mug.a9d0a9c2.png
Requested by
Host: www.dunkinfun.com
URL: https://www.dunkinfun.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.207.106 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-207-106.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
98d020d3d47ad2753d798e6032e8f1c0094270992d123283d6028e546fb92c80
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 22 Sep 2023 21:34:46 GMT
x-permitted-cross-domain-policies
none
cross-origin-resource-policy
same-origin
content-length
28328
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Fri, 22 Sep 2023 20:15:17 GMT
cross-origin-opener-policy
same-origin
etag
W/"6e69-18abe88494c"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
origin-agent-cluster
?1
cache-control
public, max-age=600
accept-ranges
bytes
week_1.cdf4a843.jpg
www.dunkinfun.com/public/build/img/ 		45 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dunkinfun.com/public/build/img/week_1.cdf4a843.jpg
Requested by
Host: www.dunkinfun.com
URL: https://www.dunkinfun.com/public/build/css/main.0b0752e7.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.207.106 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-207-106.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bd5ae364ed3e969f894a22b7d12e895cef6b9bf50bded418b0810a9388ff533a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 22 Sep 2023 21:34:46 GMT
x-permitted-cross-domain-policies
none
cross-origin-resource-policy
same-origin
content-length
43587
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Fri, 22 Sep 2023 20:15:17 GMT
cross-origin-opener-policy
same-origin
etag
W/"b5b1-18abe8848a9"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
origin-agent-cluster
?1
cache-control
public, max-age=589
accept-ranges
bytes
__utm.gif
www.dunkinfun.com/ 		35 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dunkinfun.com/__utm.gif?utmwv=1.4&utmt=var&utmn=612401153
Requested by
Host: www.dunkinfun.com
URL: https://www.dunkinfun.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.207.106 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-207-106.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 21:34:46 GMT
last-modified
Thu, 20 May 2021 18:18:13 GMT
server
Apache
accept-ranges
bytes
etag
"23-5c2c6f7669d7c"
content-length
35
content-type
image/gif
__utm.gif
www.dunkinfun.com/ 		35 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dunkinfun.com/__utm.gif?utmwv=1.4&utmn=1401094812&utmcs=UTF-8&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Dunkin%27%20Fall%20Festival&utmhn=www.dunkinfun.com&utmhid=1756594728&utmr=-&utmp=/dunkin/fallfestival/landing
Requested by
Host: www.dunkinfun.com
URL: https://www.dunkinfun.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.207.106 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-207-106.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 21:34:46 GMT
last-modified
Thu, 20 May 2021 18:18:13 GMT
server
Apache
accept-ranges
bytes
etag
"23-5c2c6f76031e1"
content-length
35
content-type
image/gif
pixel_5f6c78d8
www.dunkinfun.com/akam/13/ 		0
617 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.dunkinfun.com/akam/13/pixel_5f6c78d8
Requested by
Host: www.dunkinfun.com
URL: https://www.dunkinfun.com/akam/13/5f6c78d8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.207.106 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-207-106.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 22 Sep 2023 21:34:46 GMT
content-length
0
content-type
text/html
en-US
www.dunkinfun.com/api/copydeck/ 		16 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.dunkinfun.com/api/copydeck/en-US?nodes=carousel_alt_text,intro,landing,profile
Requested by
Host: www.dunkinfun.com
URL: https://www.dunkinfun.com/public/build/js/chunk-vendors.9a5e4ca7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.207.106 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-207-106.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
00be7d437acf68faf2f9e00df1609548a06bbc849d56ec62a58aa57f412a5265
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 22 Sep 2023 21:34:46 GMT
x-permitted-cross-domain-policies
none
cross-origin-resource-policy
same-origin
content-length
4780
x-xss-protection
0
referrer-policy
no-referrer
cross-origin-opener-policy
same-origin
etag
W/"4155-eolPLz3BbQk7+lVK+fYXUIk4C0g"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-language
en
content-type
application/json; charset=utf-8
origin-agent-cluster
?1
cache-control
public, max-age=90
expires
Fri, 22 Sep 2023 21:36:16 GMT
en
www.dunkinfun.com/api/copydeck/ 		16 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.dunkinfun.com/api/copydeck/en?nodes=carousel_alt_text,intro,landing,profile
Requested by
Host: www.dunkinfun.com
URL: https://www.dunkinfun.com/public/build/js/chunk-vendors.9a5e4ca7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.207.106 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-207-106.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ffa9fb63ec7f4b06c6b132dcac87f91fc62d40b799c8fce21e56bef29aae54b8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 22 Sep 2023 21:34:46 GMT
x-permitted-cross-domain-policies
none
cross-origin-resource-policy
same-origin
content-length
4795
x-xss-protection
0
referrer-policy
no-referrer
cross-origin-opener-policy
same-origin
etag
W/"4155-saOdNIEdLRZskAhFnpNzRuAGrOs"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-language
de-DE
content-type
application/json; charset=utf-8
origin-agent-cluster
?1
cache-control
public, max-age=300
expires
Fri, 22 Sep 2023 21:39:46 GMT
/
www.facebook.com/tr/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1451462278978969&ev=Microdata&dl=https%3A%2F%2Fwww.dunkinfun.com%2F%23%2Flanding&rl=&if=false&ts=1695418486051&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%20Dunkin%27%20Fall%20Festival%20%22%2C%22meta%3Adescription%22%3A%22Play%20a%20rotating%20selection%20of%20games%20for%20chances%20to%20win%20one%20of%20thousands%20of%20instant%20prizes%20like%20a%20Fall%20Dunkin%E2%80%99%20Mug!%20NO%20PURCH%20REQ.%20Legal%20residents%20of%2050%20US%20(D.C.)%2018%2B.%20Ends%2011%2F1%2F23.%20See%20Rules%20for%20full%20details.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Welcome%20to%20the%20Dunkin%E2%80%99%20Fall%20Festival!%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.dunkinfun.com%2F%3Faffiliate_id%3Dfbshare%22%2C%22og%3Adescription%22%3A%22Play%20a%20rotating%20selection%20of%20games%20for%20chances%20to%20win%20one%20of%20thousands%20of%20instant%20prizes%20like%20a%20Fall%20Dunkin%E2%80%99%20Mug!%20NO%20PURCH%20REQ.%20Legal%20residents%20of%2050%20US%20(D.C.)%2018%2B.%20Ends%2011%2F1%2F23.%20See%20Rules%20for%20full%20details.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Feprize-content.s3.amazonaws.com%2Fdunkin%2Ffallfestival%2Fsocial-share.png%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.128&r=stable&ec=3&o=30&fbp=fb.1.1695418485530.861450835&it=1695418485338&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.dunkinfun.com
URL: https://www.dunkinfun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 22 Sep 2023 21:34:46 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
4C24B
www.dunkinfun.com/0KJsQR/XJ/l0/xfVX/bGrzGZZCPh/5Lt1fJ4XLhi5c3/ZV46Lw/IDc0XQE/ 		18 B
669 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.dunkinfun.com/0KJsQR/XJ/l0/xfVX/bGrzGZZCPh/5Lt1fJ4XLhi5c3/ZV46Lw/IDc0XQE/4C24B
Requested by
Host: www.dunkinfun.com
URL: https://www.dunkinfun.com/0KJsQR/XJ/l0/xfVX/bGrzGZZCPh/5Lt1fJ4XLhi5c3/ZV46Lw/IDc0XQE/4C24B
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.207.106 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-207-106.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 22 Sep 2023 21:34:46 GMT
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.dunkinfun.com
access-control-allow-credentials
true
x_req_id
8f1dc106-7634-4505-834e-fd643b78966a
access-control-allow-headers
Content-Type
content-length
18
4C24B
www.dunkinfun.com/0KJsQR/XJ/l0/xfVX/bGrzGZZCPh/5Lt1fJ4XLhi5c3/ZV46Lw/IDc0XQE/ 		18 B
654 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.dunkinfun.com/0KJsQR/XJ/l0/xfVX/bGrzGZZCPh/5Lt1fJ4XLhi5c3/ZV46Lw/IDc0XQE/4C24B
Requested by
Host: www.dunkinfun.com
URL: https://www.dunkinfun.com/0KJsQR/XJ/l0/xfVX/bGrzGZZCPh/5Lt1fJ4XLhi5c3/ZV46Lw/IDc0XQE/4C24B
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.207.106 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-207-106.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 22 Sep 2023 21:34:46 GMT
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.dunkinfun.com
access-control-allow-credentials
true
x_req_id
522268a6-6e26-4ec4-a20d-9e3acebba3a6
access-control-allow-headers
Content-Type
content-length
18

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| documentPictureInPicture function| $ function| jQuery object| __initialAppState__ function| fbq function| _fbq string| bazadebezolkohpepadr object| _cf object| bmak string| _sdTrace object| webpackChunk_rocd_dunkin_fallfestival object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| clearImmediate function| setImmediate object| regeneratorRuntime function| _ object| __global__ string| urhehlevkedkilrobacf object| recaptcha object| closure_lm_860897 object| vueApp object| gaGlobal

10 Cookies

Domain/Path Name / Value
.dunkinfun.com/ Name: bm_sz
Value: A2209807428A8DFFCEB4C81BADC04B9A~YAAQPChDF3qrc56KAQAAYgjRvhXtdttE2lRupSVWKDYybC0ZoT0fMD3zi0VTx/EPM8yh1y7gedAHsPH/Vb+/NmsT5aw3Ov+2+AO0nH5ArbmStjP1QKi4QqvIm145KFLm99uRjOH+y0JaJ2I8oa0LSaF3/Cb2u0/PPbE7Gz/jyGISR5xgCBRfwPPyGaS/8t/U617LJ6/uL7lnWKoZcpa2gs1rem5pInx0AaKxd7xa3AngT7A835kl4d/DBpJhqNIXjyiFNkvCsJs7s+Z0VYehTM7da25ADZ98JYJy4UIbggkylwj9rVM=~4338486~4340016
.dunkinfun.com/ Name: __utmv
Value: 134484452.r%3D0%3Bc%3Ddef%3Bd%3Ddef%3Ba%3D
.dunkinfun.com/ Name: _fbp
Value: fb.1.1695418485530.861450835
.dunkinfun.com/ Name: __utma
Value: 134484452.926355588.1695418486.1695418486.1695418486.1
.dunkinfun.com/ Name: __utmb
Value: 134484452
.dunkinfun.com/ Name: __utmc
Value: 134484452
.dunkinfun.com/ Name: __utmz
Value: 134484452.1695418486.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)
.dunkinfun.com/ Name: ak_bmsc
Value: AD21ABAAD5FCD45846BFE4AE62F8EED7~000000000000000000000000000000~YAAQPChDF5+rc56KAQAALw3RvhWH9b+mrkI8UXrhuTdLeVXEfTRb0/IytwhsQI3e+kUJuOp6hZfEyQuItEOlZs7oQ787VzGN9CaLK8UTQw2JUR3gAhrAwjRf1FzhMORZD8IrrwM4kOEXNeBGO9iItBMJaweHYLYYqZppuAcVdQR7Xr+uDn1cWcqa5fdCWyc4cLNjY8qGJtTddb2LtWgIBIVZr5CgWKCwUHu7N4xXQCkDX3n1v+ASvGGWJ+VIRIwTvt0f9JFYmybnlfQcB0ycCtXBkigLgChKYc5IM2+ykiaLk1px0vPCW+EMHvCJaZ3m2P5TtEBjz2bTXVwIu1pI4ZmqW5pGeiPlNME9vBU+e6lJPwxlRhMS0Dz+vTRM1sVNDxt9Yvu5Bf8hZCriffvHvJzQ68MEK8LklHHbr7QOF38eBYQuW/fPZ9IANlru49HwtwrmE3Nwa63ovcfiATVmk9Fq5oUlpuu7kQlgHjOArt8wSAf1HWAToTNyBFuYp+XcGAO3O+U=
.dunkinfun.com/ Name: _abck
Value: DA50C62A0831226AF6D1FEF21B91C6EF~-1~YAAQPChDF6urc56KAQAA8g7RvgrgLFnl+OXSJgcmcRoUGQTA5h/fwEvSfWur/Akeu/YaujouWaAxNoYBtqCAVjfIw2J5dGle+kj6fdUQ3Jis+gAwDuyPCVzV9pZcuiuumbIEJSUrvsiBds1tf5v0DJKyEofBK+kRYBikb4jrAItYWSQyq/pDVyQaTeFwZv6A5tp4H2kk26TvKDAuzNac9IULEyx9pT9trZI0G1wEy35UjfiVNFLI15M8IqFGG6QNX2foJYkdu5t+pQm5xJ7+YYwoHVXytFavs9MgDIMqYXRkTEyfhheJCGtFniSn6N/73h40EW7cu1TGgU8Fd/0QWhISmFkdG4nq3+5kiiBEAigCE/HRok82ULFpA3VxA8yQiOhlp7MVnD8c5D/y+A==~-1~-1~-1
.dunkinfun.com/ Name: bm_sv
Value: 21D1F77B645525D890C7D857DB005A1D~YAAQPChDF6yrc56KAQAAQA/RvhXTVaKnSf6JimTgxIcLuDdDACq3TbubFKPg2TEZ1GspRH85Mi2SfwJs14sLXvI4rShPSOV8BNlnM+L97wezvGpk5lnyb+uB7qxhRfnjcXaFedbbRMkOSVzQiG6aaUmQSNglYgEVHiKC7hwsZC11XgoUSMwUwvMllZDuEu1nsxbQF+pHH7bOhPgx9mRt/4523TfhkN7Adz3EtTVGkN0HSC36OttbiatI53qENUZb6Gbe~1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
connect.facebook.net
eprize-content.s3.amazonaws.com
pro.fontawesome.com
www.dunkinfun.com
www.facebook.com
www.google.com
www.gstatic.com
23.56.207.106
2606:4700::6810:5914
2606:4700::6811:180e
2606:4700::6812:1634
2a00:1450:4001:810::2004
2a00:1450:4001:812::2003
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
52.217.79.52
00388071f9695482ce386de707b92fd5c33fd79ee3a9e2abc4348050f7f7775c
00be7d437acf68faf2f9e00df1609548a06bbc849d56ec62a58aa57f412a5265
02858bd1748895b87a6af42920da89a6e792de48ea9fbd6db963896231733b60
0b4b1886d3437d5dd246c4b6db05701ffb95f01bb460dc83fcc88584d3d2b155
100ff0a10e8aed8b372d1e53f2988b4b23240d1007f780e521ba1a439f4b02aa
1fb4c4555766c101eb59845e4bb46d9fd9b9149d4d0148600519bae7905c2dff
2134f469949c1ffbff915bb421cc0709cd3ce37fa52a5a70c37a09cd8fc39e88
257418de09101ff7791d410f420f9320141ce0436c264b076d46539b0ea0f830
2613a5ded31f5a70de953fddce31ad6bd4cb1f4444cd22b84406c25e1a6f5aea
29786f92715512cb310de3018f81f1d1cf5162bf155f1a44d1ea780418312623
2dc1d401575bb2c0e96e3c6893e496bee055ccb09971cf0829e825f6fddcb776
4c53bd4fb46505b90b10e21b4c6e477a14abb0ed61eab0a7b44ee0c351de5b5a
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7
6ca0b7b4f912ce65750f7630f028509c294b6d5b667b007a39365583d9437e66
6f6ea2b84e606bd33f0fbb917b45f03b1a2e0cb53d8587bbedcc33a5300430e9
7242b09c1b6ca729b2f7792015c41386e1e3111f71d59995587afec4865e6d23
7755e9210c89ef4da0a75baac18592891b55e2cb25739ae417195bdd07eeb1de
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
80e6de9320f34d16f6aed5c1bbfdc15634b31a0076a36ae43c2f9bf58ba2083e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8f6deef870ceb64441e60b626152143a6c46ec227e5b4407d45b0f010831f707
910c29e82652e5ae3b25259c55d659d2d4095c530441ada1d72f765676682846
97ac5eba21b58460149454c9115b09ed01937650647fdcfe405d5d61d85b72e5
98d020d3d47ad2753d798e6032e8f1c0094270992d123283d6028e546fb92c80
a060d46566a2a5358c5aa7f9b013acfdadc1e48787b6dbdb138419f5d0288c6d
b02d00f123297597d6e4b02dfbee910cfe211687b2d454309d5dd9b1b39fd0e4
b1652f8c2d94a8f1ecd0fe5a2f38b0f341dc75c8005b853e6f826d4c15928764
bb0da5546d7d896d9eede850a97a1235043cbd58bb51435545ab51c380c11209
bd5ae364ed3e969f894a22b7d12e895cef6b9bf50bded418b0810a9388ff533a
bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6
c3a727eef9312122ed8ea2d5c41938eefe78dae45624ca11c2bf50d053471940
cf5075b49f746072cdbf2a9b810c881b7378c7397a9a30e413ed33b6b8e72aa3
d14eca09db2b1496e78a72f70fbbb45ae3e7e18419990ce4a5d1f73b394ffc98
d2ac92fbf6f15018d59139b5595f2246fe007fab0cca4a1c938903bbd225e551
db0bc90f41eada3168c7e333548bfae8879bea814de69e4b09a300e8b5d87ab4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee4afc5b80bdfa7a73b1fc32d1babf98d51e6f17d56575129085654394ca85dd
fc26d12edbeeef8270bd9f0019117f44428a514da02936719938b7b9442fd382
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ffa9fb63ec7f4b06c6b132dcac87f91fc62d40b799c8fce21e56bef29aae54b8