www.kennedy24.com Open in urlscan Pro
2606:4700:7::a29f:802d Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://paracom.paramountcommunication.com/ct/62721775:WVMPDwiMN:m:1:2685199000:0B0CFBD7B600CB084C1D33BE999F7D37:r
Effective URL:
https://www.kennedy24.com/donate?amount=100&utm_campaign=path_to_victory&utm_medium=email1&utm_source=joinkennedy
Submission: On January 24 via api (January 24th 2024, 2:37:23 pm UTC) from US — Scanned from DE

Summary HTTP 197 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 42 IPs in 4 countries across 26 domains to perform 197 HTTP transactions. The main IP is 2606:4700:7::a29f:802d, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.kennedy24.com. The Cisco Umbrella rank of the primary domain is 506442.
TLS certificate: Issued by R3 on January 20th 2024. Valid for: 3 months.

This is the only time www.kennedy24.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.149.116.214 54.149.116.214	16509 (AMAZON-02) (AMAZON-02)
2 10	2606:4700:7::... 2606:4700:7::a29f:802d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
19	2606:4700:7::... 2606:4700:7::a29f:8a2c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:1484	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:780... 2a02:26f0:780::210:a469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
10	2606:4700:440... 2606:4700:4400::ac40:93bc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6813:d383	13335 (CLOUDFLAR...) (CLOUDFLARENET)
37	18.161.111.105 18.161.111.105	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
4	2606:4700:e6:... 2606:4700:e6::ac40:cd14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:3b64	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
4	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	35.201.112.186 35.201.112.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2001:4860:480... 2001:4860:4802:38::35	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400c:c00::5c	15169 (GOOGLE) (GOOGLE)
16	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
5	151.101.64.176 151.101.64.176	54113 (FASTLY) (FASTLY)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
2	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
1	198.202.176.141 198.202.176.141	16509 (AMAZON-02) (AMAZON-02)
12	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
3	34.208.216.197 34.208.216.197	16509 (AMAZON-02) (AMAZON-02)
6	104.19.219.90 104.19.219.90	13335 (CLOUDFLAR...) (CLOUDFLARENET)
197	42

1 54.149.116.214 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-149-116-214.us-west-2.compute.amazonaws.com

paracom.paramountcommunication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:7::a29f:802d (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www.kennedy24.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2606:4700:7::a29f:8a2c (United States)

ASN13335 (CLOUDFLARENET, US)

joinkennedy.nationbuilder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.nationbuilder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:1484 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:780::210:a469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:4400::ac40:93bc (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ka-p.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:d383 (United States)

ASN13335 (CLOUDFLARENET, US)

www.lightboxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 18.161.111.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-161-111-105.mrs52.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e6::ac40:cd14 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3b64 (United States)

ASN13335 (CLOUDFLARENET, US)

getbootstrap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:38::35 (United States)

ASN15169 (GOOGLE, US)

server-side-tagging-ptjx4tds2q-uc.a.run.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c00::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.64.176 (United States)

ASN54113 (FASTLY, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.stripecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.202.176.141 (United States)

ASN16509 (AMAZON-02, US)

merchant-ui-api.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.208.216.197 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-208-216-197.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.19.219.90 (None, )

ASN13335 (CLOUDFLARENET, US)

hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
newassets.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
69	stripe.com js.stripe.com — Cisco Umbrella Rank: 1227 q.stripe.com — Cisco Umbrella Rank: 7010 merchant-ui-api.stripe.com — Cisco Umbrella Rank: 5083 r.stripe.com — Cisco Umbrella Rank: 3369 m.stripe.com — Cisco Umbrella Rank: 1188	1 MB
22	google.com translate.google.com — Cisco Umbrella Rank: 1164 region1.analytics.google.com — Cisco Umbrella Rank: 2616 pay.google.com — Cisco Umbrella Rank: 2630 www.google.com — Cisco Umbrella Rank: 2 play.google.com — Cisco Umbrella Rank: 31	464 KB
19	nationbuilder.com joinkennedy.nationbuilder.com — Cisco Umbrella Rank: 826224 assets.nationbuilder.com — Cisco Umbrella Rank: 85797	344 KB
16	gstatic.com fonts.gstatic.com www.gstatic.com	846 KB
14	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1448 ka-f.fontawesome.com — Cisco Umbrella Rank: 3140 ka-p.fontawesome.com — Cisco Umbrella Rank: 3262	350 KB
10	kennedy24.com 2 redirects www.kennedy24.com — Cisco Umbrella Rank: 506442	32 KB
6	hcaptcha.com hcaptcha.com — Cisco Umbrella Rank: 5797 newassets.hcaptcha.com — Cisco Umbrella Rank: 7041 api.hcaptcha.com — Cisco Umbrella Rank: 7252	408 KB
5	recaptcha.net www.recaptcha.net — Cisco Umbrella Rank: 1284	39 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28 ajax.googleapis.com — Cisco Umbrella Rank: 369 www.googleapis.com — Cisco Umbrella Rank: 20 translate.googleapis.com — Cisco Umbrella Rank: 800	106 KB
4	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 2074 rs.fullstory.com — Cisco Umbrella Rank: 2075	71 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	179 KB
3	stripecdn.com b.stripecdn.com — Cisco Umbrella Rank: 12411	45 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	256 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	185 B
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1315	16 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6518	562 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 79 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	2 KB
2	lightboxcdn.com www.lightboxcdn.com — Cisco Umbrella Rank: 5668	2 KB
2	typekit.net use.typekit.net — Cisco Umbrella Rank: 463 p.typekit.net — Cisco Umbrella Rank: 566	2 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 789	724 B
1	t.co t.co — Cisco Umbrella Rank: 656	377 B
1	run.app server-side-tagging-ptjx4tds2q-uc.a.run.app	463 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 745	15 KB
1	getbootstrap.com getbootstrap.com — Cisco Umbrella Rank: 49095	7 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 811	7 KB
1	paramountcommunication.com 1 redirects paracom.paramountcommunication.com — Cisco Umbrella Rank: 250304	863 B
197	26

	Domain	Requested by
37	js.stripe.com	www.kennedy24.com js.stripe.com
16	q.stripe.com	www.kennedy24.com
12	play.google.com	www.gstatic.com
12	r.stripe.com	js.stripe.com
12	www.gstatic.com	www.recaptcha.net www.gstatic.com pay.google.com
10	joinkennedy.nationbuilder.com	www.kennedy24.com
10	www.kennedy24.com	2 redirects www.kennedy24.com static.cloudflareinsights.com
9	assets.nationbuilder.com	www.kennedy24.com
7	ka-p.fontawesome.com	www.kennedy24.com
5	www.recaptcha.net	www.kennedy24.com www.gstatic.com assets.nationbuilder.com www.recaptcha.net
4	pay.google.com	js.stripe.com pay.google.com www.kennedy24.com www.gstatic.com
4	connect.facebook.net	www.googletagmanager.com www.kennedy24.com connect.facebook.net
4	ka-f.fontawesome.com	kit.fontawesome.com
4	fonts.gstatic.com	fonts.googleapis.com www.recaptcha.net
3	newassets.hcaptcha.com	hcaptcha.com newassets.hcaptcha.com
3	m.stripe.com	m.stripe.network
3	b.stripecdn.com	js.stripe.com b.stripecdn.com
3	region1.analytics.google.com	www.googletagmanager.com
3	www.googletagmanager.com	www.kennedy24.com www.googletagmanager.com
3	kit.fontawesome.com	www.kennedy24.com
2	api.hcaptcha.com	newassets.hcaptcha.com
2	rs.fullstory.com	edge.fullstory.com
2	www.google.com	www.gstatic.com
2	www.facebook.com	www.kennedy24.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	www.google.de
2	edge.fullstory.com	www.kennedy24.com edge.fullstory.com
2	www.lightboxcdn.com	www.kennedy24.com
2	fonts.googleapis.com	www.kennedy24.com joinkennedy.nationbuilder.com
1	hcaptcha.com	b.stripecdn.com
1	merchant-ui-api.stripe.com	js.stripe.com
1	translate.googleapis.com
1	analytics.twitter.com
1	t.co
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	server-side-tagging-ptjx4tds2q-uc.a.run.app	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	getbootstrap.com	www.kennedy24.com
1	www.googleapis.com	assets.nationbuilder.com
1	translate.google.com	www.kennedy24.com
1	p.typekit.net	use.typekit.net
1	static.cloudflareinsights.com	www.kennedy24.com
1	use.typekit.net	www.kennedy24.com
1	ajax.googleapis.com	www.kennedy24.com
1	paracom.paramountcommunication.com	1 redirects
197	46

This site contains links to these domains. Also see Links.

Domain
checkout.opennode.com
www.instagram.com
www.facebook.com
www.tiktok.com
twitter.com
www.youtube.com
rumble.com

Subject Issuer	Validity	Valid
www.kennedy24.com R3	`2024-01-20` - `2024-04-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
nationbuilder.com Cloudflare Inc ECC CA-3	`2023-10-21` - `2024-10-20`	a year	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-21` - `2024-10-21`	a year	crt.sh
assets.nationbuilder.com E1	`2023-12-21` - `2024-03-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-04` - `2025-01-03`	a year	crt.sh
lightboxcdn.com Cloudflare Inc ECC CA-3	`2023-10-09` - `2024-10-08`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-01-02` - `2024-04-04`	3 months	crt.sh
misc.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
ka-f.fontawesome.com GTS CA 1P5	`2024-01-06` - `2024-04-05`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-02` - `2024-01-31`	3 months	crt.sh
edge.fullstory.com GTS CA 1D4	`2024-01-10` - `2024-04-09`	3 months	crt.sh
*.a.run.app GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-07` - `2025-01-06`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-12-20` - `2024-03-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
rs.fullstory.com GTS CA 1D4	`2024-01-07` - `2024-04-06`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-22` - `2024-03-21`	3 months	crt.sh

This page contains 18 frames:

Primary Page: https://www.kennedy24.com/donate?amount=100&utm_campaign=path_to_victory&utm_medium=email1&utm_source=joinkennedy
Frame ID: C1F571A7A6B34D2D82DBED1EEE398BD8
Requests: 84 HTTP requests in this frame

Frame: https://www.kennedy24.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
Frame ID: 3A53AF59E723A693C163DE8E87397452
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 659D6292E402FD15E1DF33394D2C76FC
Requests: 4 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LekWdoZAAAAAA61Owqhdq5e8IIQEfJbEOs8IT8T&co=aHR0cHM6Ly93d3cua2VubmVkeTI0LmNvbTo0NDM.&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=qqkm4o1n0jkb
Frame ID: 13A1FAE0454AEF3B0A57A6DD2B816B23
Requests: 9 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LekWdoZAAAAAA61Owqhdq5e8IIQEfJbEOs8IT8T&co=aHR0cHM6Ly93d3cua2VubmVkeTI0LmNvbTo0NDM.&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=normal&cb=y3073ed7wor5
Frame ID: 1A1A608FE06B33C4B36537010891CF8A
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-a8f00e403bc9538a7c1880ae6b6a2dc3.html
Frame ID: 832CC8306FE24E6F3AFB667C23A659E8
Requests: 18 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-e0469436b9f770d725a440154c0ce6ee.html
Frame ID: 2B4588A2299ED0EBB8265DD75B0BCBAA
Requests: 11 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-663151670dfe2e17a3bc350be932abd3.html
Frame ID: F4D479B18CCC6432DD8E73BC59F01202
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-2c6547c20acd86dbd815d5f2ec7d5a4f.html
Frame ID: C973AFF87689166A592561A4A0F64612
Requests: 5 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LekWdoZAAAAAA61Owqhdq5e8IIQEfJbEOs8IT8T&co=aHR0cHM6Ly93d3cua2VubmVkeTI0LmNvbTo0NDM.&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=normal&cb=y3073ed7wor5
Frame ID: 9D1D9E133D29272AAA668AB9C4C6216D
Requests: 3 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 49B989F440D53B74D8929C1606473768
Requests: 6 HTTP requests in this frame

Frame: data://truncated
Frame ID: 5F889F18D54955AE98B85635829348C2
Requests: 1 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: A9FEBCFFFCF2404CD3B343CE5A9BE055
Requests: 13 HTTP requests in this frame

Frame: https://js.stripe.com/v3/hcaptcha-invisible-e4b44514d55bef3cb3dcc52ba9944d79.html
Frame ID: 5FE302CF264446DC744CD32DA3D26F88
Requests: 3 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-link-button-for-card-bf85abfb4df5183982e900427d13172a.html
Frame ID: 4BA9811A92C7B1EC7A9B35EB15D68F76
Requests: 6 HTTP requests in this frame

Frame: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.6/HCaptchaInvisible.html?id=4c2b5db2-665b-49e8-9afc-e8621f560d7d&origin=https%3A%2F%2Fjs.stripe.com
Frame ID: D7042CF18E0BBED8C83AAC3C94481C92
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-payment-request-826937446387873540409d20f5b074f5.html
Frame ID: 9A218E73B346E72146613171FF01F1B7
Requests: 9 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/2a00369/static/hcaptcha.html?_v=1b0odh8gw54
Frame ID: 9CC86B2266E8D8563E5E2F2045947E9D
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

We, the People... | Kennedy24

Page URL History Show full URLs

http://paracom.paramountcommunication.com/ct/62721775:WVMPDwiMN:m:1:2685199000:0B0CFBD7B600CB084C1D33BE999F7D37:r HTTP 302
https://www.kennedy24.com/donate?amount=100&utm_campaign=path_to_victory&utm_medium=email1&utm_source=... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

hCaptcha (Security) Expand

Overall confidence: 100%
Detected patterns

https://hcaptcha.com/([\d]+?)/api.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

197
Requests

98 %
HTTPS

68 %
IPv6

26
Domains

46
Subdomains

42
IPs

4
Countries

4602 kB
Transfer

15392 kB
Size

26
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://checkout.opennode.com/p/d05e70a0-a317-4e30-b81d-1ae3e5575d2c
Title: Bitcoin

Search URL Search Domain Scan URL

URL: https://www.instagram.com/robertfkennedyjr/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/rfkjr

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@teamkennedy2024

Search URL Search Domain Scan URL

URL: https://twitter.com/RobertKennedyJr

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC4ewc5vQcMpLticvqPDcSQw

Search URL Search Domain Scan URL

URL: https://rumble.com/c/RFKjr

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://paracom.paramountcommunication.com/ct/62721775:WVMPDwiMN:m:1:2685199000:0B0CFBD7B600CB084C1D33BE999F7D37:r HTTP 302
https://www.kennedy24.com/donate?amount=100&utm_campaign=path_to_victory&utm_medium=email1&utm_source=joinkennedy Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://www.kennedy24.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.kennedy24.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js

Request Chain 64

https://www.kennedy24.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.kennedy24.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js

197 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request donate Show response
www.kennedy24.com/
Redirect Chain

http://paracom.paramountcommunication.com/ct/62721775:WVMPDwiMN:m:1:2685199000:0B0CFBD7B600CB084C1D33BE999F7D37:r
https://www.kennedy24.com/donate?amount=100&utm_campaign=path_to_victory&utm_medium=email1&utm_source=joinkennedy

83 KB
19 KB

697ms
550ms

Document
text/html

2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kennedy24.com/donate?amount=100&utm_campaign=path_to_victory&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64e901abbb61027d2c52d97e6d94510c213d74d734641f4a3eeef5525ca7b156

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors joinkennedy.nationbuilder.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-request-method: GET, POST, PUT, DELETE
age: 0
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 84a90352a82e1c19-FRA
content-encoding: br
content-security-policy: frame-ancestors joinkennedy.nationbuilder.com
content-type: text/html; charset=utf-8
date: Wed, 24 Jan 2024 14:37:11 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
server: cloudflare
x-content-digest: 20063e594f3153dae95ae8ed70a5d5c467f91a9f
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-middleware-start: t=1706107031534259
x-nb-cached-page: yes
x-rack-cache: stale, invalid, ignore, store
x-request-id: 3a1301fc-f113-43cc-9343-747439875078
x-runtime: 0.338095

Redirect headers

AMFplus-Ver: 1.4.0.0
Cache-Control: no-cache
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 228
Content-Type: text/html; charset=utf-8
Date: Wed, 24 Jan 2024 14:37:11 GMT
Location: https://www.kennedy24.com/donate?amount=100&utm_campaign=path_to_victory&utm_medium=email1&utm_source=joinkennedy
Pragma: no-cache
Referrer-Policy: no-referrer-when-downgrade
Server: Apache
Vary: X-Forwarded-Proto,Accept-Encoding

GET
H2 200 css2
fonts.googleapis.com/ 46 KB
2 KB 223ms
77ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&family=Source+Serif+4:ital,opsz,wght@0,8..60,400;0,8..60,500;0,8..60,600;0,8..60,700;0,8..60,800;0,8..60,900;1,8..60,400;1,8..60,500;1,8..60,600;1,8..60,700;1,8..60,800;1,8..60,900&display=swap

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=100&utm_campaign=path_to_victory&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b942de2747bb1449f8d908a33c8ce9e4a2ee6b84327cce766d5378a13665d027

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 Jan 2024 14:37:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 14:37:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Jan 2024 14:37:12 GMT

GET
H2 200 theme.scss
joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071706083106/default/ 461 KB
60 KB 708ms
529ms Stylesheet
text/css 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071706083106/default/theme.scss

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=100&utm_campaign=path_to_victory&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

216bfef59afc56d26d4b60c00d01d18c6a0ad2190153e59a47c4cd1725328f03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:37:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-middleware-start: t=1706084363909509
alt-svc: h3=":443"; ma=86400
x-request-id: f1295635-3783-42e8-b6c0-226b95f8ec90
x-runtime: 0.040013
x-content-digest: 0ad1704d1e5da3f1e464b4e3874554ba6d3c713d
server: cloudflare
etag: W/"216bfef59afc56d26d4b60c00d01d18c"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31556952
cf-ray: 84a903574e5e91db-FRA
x-rack-cache: fresh
expires: Thu, 23 Jan 2025 20:26:24 GMT

GET
H2 200 jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.10.0/themes/cupertino/ 30 KB
31 KB 278ms
99ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.10.0/themes/cupertino/jquery-ui.css

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=100&utm_campaign=path_to_victory&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea2d62c7e90b08a7c41206758ce52af7059a58cdfb6a2964f341642298eb9a15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:31:55 GMT
x-content-type-options: nosniff
age: 54317
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30623
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 23:31:55 GMT

GET
H2 200 opz7yic.css
use.typekit.net/ 10 KB
1 KB 521ms
342ms Stylesheet
text/css 2a02:26f0:3500:16::215:1484
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/opz7yic.css

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=100&utm_campaign=path_to_victory&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

751c35af08d9aa58dc304762b4696f0b56e3debcba775d38db4a9d87ceb1ff12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Wed, 24 Jan 2024 14:37:12 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1198

GET
H2 200 K24_Logo.png
assets.nationbuilder.com/joinkennedy/sites/5/meta_images/original/ 4 KB
5 KB 292ms
116ms Image
image/png 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nationbuilder.com/joinkennedy/sites/5/meta_images/original/K24_Logo.png?1696639127
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=100&utm_campaign=path_to_victory&utm_medium=email1&utm_source=joinkennedy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9667a4e6040f90f8e1648ecd089211e380aee7fcde15f71570aef17d1a8e637

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:37:12 GMT
x-amz-version-id: 8Benbp2okaYQdJkZnHd01SKUHGlqFFSo
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 4499
last-modified: Sat, 07 Oct 2023 00:38:49 GMT
server: cloudflare
etag: "1e0e0356959e57194a72c3c5a2794669"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 84a9035749ed2c7a-FRA
x-amz-cf-id: bfa2qzjKzihihZMfekidSh30sxf7-LvZkB9zQRjJXFcI3SF1wXF4ew==
expires: Wed, 24 Jan 2024 18:37:12 GMT

GET
H2 200 profile-login.png
assets.nationbuilder.com/joinkennedy/pages/62/attachments/original/1697582282/ 3 KB
4 KB 285ms
109ms Image
image/png 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nationbuilder.com/joinkennedy/pages/62/attachments/original/1697582282/profile-login.png?1697582282
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=100&utm_campaign=path_to_victory&utm_medium=email1&utm_source=joinkennedy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6770f1b8a07a7e0b2a5ba73da5feb6f86dd9e5d5e7f0f7237c476bc7f8650ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:37:12 GMT
x-amz-version-id: UZ3z2H3eCPLVBD_NSfvXtS6kN40SZ1iE
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69a.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-amz-cf-pop: ZRH50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 3222
last-modified: Tue, 17 Oct 2023 22:38:03 GMT
server: cloudflare
etag: "2d003d6e18b1ba4e0db766e8f4dc526f"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 84a9035749ee2c7a-FRA
x-amz-cf-id: b6ywNZMpJvanB5f5iVS_zd1nCYaK26L17qY0z-Eoiba6e_1leknUFQ==
expires: Wed, 24 Jan 2024 18:37:12 GMT

GET
H2 200 rumble_logo_white.png
assets.nationbuilder.com/joinkennedy/pages/62/attachments/original/1697064082/ 22 KB
22 KB 287ms
112ms Image
image/png 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nationbuilder.com/joinkennedy/pages/62/attachments/original/1697064082/rumble_logo_white.png?1697064082
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=100&utm_campaign=path_to_victory&utm_medium=email1&utm_source=joinkennedy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 558591ec381069734425371376e35d980cf72fd9fd2ac08f4f36fb9a9df84438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:37:12 GMT
x-amz-version-id: QTvG_ogPyZRtij5jlvYT2NsZCXixTkK7
via: 1.1 03b8fedec120c9a0833a57a86eae03ae.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-amz-cf-pop: ZRH50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 22352
last-modified: Wed, 11 Oct 2023 22:41:23 GMT
server: cloudflare
etag: "28e5ce4754ad7167c4c4e5eb9378ff1e"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 84a9035739eb2c7a-FRA
x-amz-cf-id: tX6MviZzVflN5e_7p9SLn3zPOA_U1JEoM1eo1UadoR2hHt5cSd04sw==
expires: Wed, 24 Jan 2024 18:37:12 GMT

GET
H2 200 rocket-loader.min.js Show response
www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 45ms
43ms Script
application/javascript 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=100&utm_campaign=path_to_victory&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/donate?amount=100&utm_campaign=path_to_victory&utm_medium=email1&utm_source=joinkennedy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:37:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Jan 2024 15:56:35 GMT
server: cloudflare
etag: W/"65aa9bb3-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 84a903562b7d1c19-FRA
expires: Fri, 26 Jan 2024 14:37:12 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 206ms
110ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=100&utm_campaign=path_to_victory&utm_medium=email1&utm_source=joinkennedy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:37:12 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 84a90356c9572c7a-FRA

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 240ms
48ms Stylesheet
text/css 2a02:26f0:780::210:a469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=opz7yic&ht=tk&f=22792.22793.22794.24318.40090.40091.40092.25668.25670.25673.25676.25679.51955.51956&a=2508016&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/opz7yic.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::210:a469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:37:12 GMT
last-modified: Fri, 23 Jun 2023 17:09:47 GMT
server: nginx
etag: "6495d1db-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
529 B 59ms
58ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Anton&display=swap

Requested by

Host: joinkennedy.nationbuilder.com
URL: https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071706083106/default/theme.scss

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eef2d843b6778b710b40edb636b588fa4ccc8975a29cef25ac3125b96cc778cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://joinkennedy.nationbuilder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 Jan 2024 14:37:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 12:40:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Jan 2024 14:37:12 GMT

GET
H2 200 K24_Logo.png
assets.nationbuilder.com/joinkennedy/sites/5/meta_images/original/ 4 KB
4 KB 154ms
143ms Image
image/png 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nationbuilder.com/joinkennedy/sites/5/meta_images/original/K24_Logo.png?1696639127
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=100&utm_campaign=path_to_victory&utm_medium=email1&utm_source=joinkennedy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9667a4e6040f90f8e1648ecd089211e380aee7fcde15f71570aef17d1a8e637

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:37:12 GMT
x-amz-version-id: 8Benbp2okaYQdJkZnHd01SKUHGlqFFSo
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: FRA56-C2
age: 0
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 4499
last-modified: Sat, 07 Oct 2023 00:38:49 GMT
server: cloudflare
etag: "1e0e0356959e57194a72c3c5a2794669"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 84a9035b8f232c7a-FRA
x-amz-cf-id: bfa2qzjKzihihZMfekidSh30sxf7-LvZkB9zQRjJXFcI3SF1wXF4ew==
expires: Wed, 24 Jan 2024 18:37:12 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 209ms
73ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&family=Source+Serif+4:ital,opsz,wght@0,8..60,400;0,8..60,500;0,8..60,600;0,8..60,700;0,8..60,800;0,8..60,900;1,8..60,400;1,8..60,500;1,8..60,600;1,8..60,700;1,8..60,800;1,8..60,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 17:34:54 GMT
x-content-type-options: nosniff
age: 75739
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 17:34:54 GMT

GET
H2 200 fslightbox.js Show response
joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071706083106/default/ 30 KB
10 KB 243ms
235ms Script
text/javascript 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071706083106/default/fslightbox.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77ba0f0971a262f3fe1999d37208a8a7ffa1f2e563d4437bd03b1866a2219749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:37:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-middleware-start: t=1706084364928803
alt-svc: h3=":443"; ma=86400
x-request-id: 6b47b38a-5fd6-411a-bdd2-8050ec7528ef
x-runtime: 0.053836
x-content-digest: 167b1e36379227a2fa7c635269bdcb0ed8dec4c0
server: cloudflare
etag: W/"77ba0f0971a262f3fe1999d37208a8a7"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31556952
cf-ray: 84a9035bac6f91db-FRA
x-rack-cache: fresh
expires: Thu, 23 Jan 2025 20:26:25 GMT

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 88 KB
31 KB 254ms
84ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b3513f86beb2560e5e4fefd9399f5e470d6bbf711430e0d00753b7c1f393c72e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 14:37:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 img-cropper-a99f75748195e5af07ffca593afce5492ce8533501371377f17d77b89eeab8ab.js Show response
assets.nationbuilder.com/assets/liquid/v3/ 50 KB
16 KB 124ms
117ms Script
text/javascript 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nationbuilder.com/assets/liquid/v3/img-cropper-a99f75748195e5af07ffca593afce5492ce8533501371377f17d77b89eeab8ab.js
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a99f75748195e5af07ffca593afce5492ce8533501371377f17d77b89eeab8ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:37:12 GMT
x-amz-version-id: 8vkkiSYDsynyQqkNXCi.JxV7ON5Tshic
via: 1.1 c76347c8ef1f3a2b6fb69cd7d1c6f748.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: ZRH50-C1
age: 204
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 12 Jan 2024 21:30:10 GMT
server: cloudflare
etag: W/"9714f34f09a34492cd827f7620009730"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=604800
cf-ray: 84a9035bdf9d2c7a-FRA
x-amz-cf-id: X_dWYqzCNA05GXz5BwLrssUTMHaJwcog0hFJOizfEif5beMrxM2xJw==
expires: Wed, 31 Jan 2024 14:37:12 GMT

GET
H2 200 k24-float-label.js Show response
joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071706083106/default/ 3 KB
899 B 262ms
256ms Script
text/javascript 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071706083106/default/k24-float-label.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7e81be515a4350b67aaa7b63485265820a3054306bfa051b75230f48b7d0e8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:37:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-middleware-start: t=1706084364931764
alt-svc: h3=":443"; ma=86400
x-request-id: 3838d051-772a-4067-97a7-cd1204a0afbc
x-runtime: 0.036254
x-content-digest: 858dc6cedc176df364401823e6b822ffa39fd992
server: cloudflare
etag: W/"a7e81be515a4350b67aaa7b634852658"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31556952
cf-ray: 84a9035bac7191db-FRA
x-rack-cache: fresh
expires: Thu, 23 Jan 2025 20:26:25 GMT

GET
H2 200 localized-inputs.js Show response
joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071706083106/default/ 2 KB
900 B 263ms
257ms Script
text/javascript 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071706083106/default/localized-inputs.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81d4fa5df88680bfb5899dc73e158c00faf67f4d3d0047d41840efcb14c3b6d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:37:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-middleware-start: t=1706084364934244
alt-svc: h3=":443"; ma=86400
x-request-id: 8c2d6d72-f617-4a00-8b45-dc4859bc0c67
x-runtime: 0.042825
x-content-digest: 44e5290de99fa9b40844d1e42b544d997e7c61ee
server: cloudflare
etag: W/"81d4fa5df88680bfb5899dc73e158c00"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31556952
cf-ray: 84a9035bac7291db-FRA
x-rack-cache: fresh
expires: Thu, 23 Jan 2025 20:26:25 GMT

GET
H2 200 theme.js Show response
joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071706083106/default/ 50 B
284 B 202ms
196ms Script
text/javascript 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071706083106/default/theme.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7592e61876da5df397281e08f2abf3aa56ddd0f8b4b816f7e6b961e8a4153932

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:37:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-middleware-start: t=1706084364932024
alt-svc: h3=":443"; ma=86400
x-request-id: b1b50acf-b177-4829-897e-01f22faf0c96
x-runtime: 0.038207
x-content-digest: 25fec939dd7fcf76bdd26229129e82ba0de317b7
server: cloudflare
etag: W/"7592e61876da5df397281e08f2abf3aa"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31556952
cf-ray: 84a9035bac7391db-FRA
x-rack-cache: fresh
expires: Thu, 23 Jan 2025 20:26:25 GMT

GET
H2 200 bs-custom-file-input.min.js Show response
joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071706083106/default/ 2 KB
1 KB 519ms
514ms Script
text/javascript 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071706083106/default/bs-custom-file-input.min.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4be37bbc2e40bc238e8895eac52b3a9d27059588647c4834dbd8e7210070e526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:37:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-middleware-start: t=1706084365013666
alt-svc: h3=":443"; ma=86400
x-request-id: c77f6ebb-4010-4855-8abb-dcb65b2fa906
x-runtime: 0.050591
x-content-digest: 59d3af0630bcb8da94e201ce3453821d82447d22
server: cloudflare
etag: W/"4be37bbc2e40bc238e8895eac52b3a9d"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31556952
cf-ray: 84a9035bac7491db-FRA
x-rack-cache: fresh
expires: Thu, 23 Jan 2025 20:26:25 GMT

GET
H2 200 bootstrap.min.js Show response
joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071706083106/default/ 57 KB
16 KB 284ms
278ms Script
text/javascript 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071706083106/default/bootstrap.min.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:37:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-middleware-start: t=1706084364936398
alt-svc: h3=":443"; ma=86400
x-request-id: c878f214-944e-4c16-a9f0-87c5485e4ec8
x-runtime: 0.056579
x-content-digest: 6778fed3cf095a318141a31f455c8f4663885bde
server: cloudflare
etag: W/"0a34a87842c539c1f4feec56bba982fd"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31556952
cf-ray: 84a9035bac7791db-FRA
x-rack-cache: fresh
expires: Thu, 23 Jan 2025 20:26:25 GMT

GET
H2 200 liquid-6fda76e47cd1a46bec92e2adac0a0453c78638197e234d7667c2ff4366c5a44a.js Show response
assets.nationbuilder.com/assets/ 174 KB
53 KB 128ms
123ms Script
text/javascript 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nationbuilder.com/assets/liquid-6fda76e47cd1a46bec92e2adac0a0453c78638197e234d7667c2ff4366c5a44a.js
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fda76e47cd1a46bec92e2adac0a0453c78638197e234d7667c2ff4366c5a44a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:37:12 GMT
x-amz-version-id: XMew1ySJZEbqZHOttyLjYEji5MMXxzWm
via: 1.1 5d650f4d20204610aaf075ff8f6494c6.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: VIE50-C2
age: 6
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 12 Jan 2024 21:30:10 GMT
server: cloudflare
etag: W/"c5d34981e474397332adfa4081ceecaa"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
cf-ray: 84a9035bdfa12c7a-FRA
x-amz-cf-id: 8cQ7iwzYJAcnzEmZ-NuyrZcrls0ZwCR59xCklRNKwhxKAMPN4KRKjQ==
expires: Wed, 31 Jan 2024 14:37:12 GMT

GET
H3 200 donation_v2_page.js Show response
www.kennedy24.com/assets/liquid/ 2 KB
1 KB 530ms
527ms Script
application/javascript 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kennedy24.com/assets/liquid/donation_v2_page.js
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb9587e00635538a323c71ca0352879bd24aa5b88f8c869317812ae5e505263f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/donate?amount=100&utm_campaign=path_to_victory&utm_medium=email1&utm_source=joinkennedy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:37:13 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-middleware-start: t=1701709213100246
alt-svc: h3=":443"; ma=86400
x-request-id: c4051e70-a3c1-43eb-8277-2cefada5f3cb
x-runtime: 0.039264
x-content-digest: 97924c19946db9c05a96df5fd79c4dffb67f84d3
server: cloudflare
etag: W/"fb9587e00635538a323c71ca0352879bd24aa5b88f8c869317812ae5e505263f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 84a9035baa39377c-FRA
x-rack-cache: stale, valid, store
expires: Wed, 24 Jan 2024 18:37:13 GMT

GET
H2 200 staged-donations.js Show response
joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071706083106/default/ 11 KB
2 KB 209ms
204ms Script
text/javascript 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071706083106/default/staged-donations.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fef202588115c2a23969fc04c669b498579d162630c83b76729470321145984

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:37:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-middleware-start: t=1706097801286316
alt-svc: h3=":443"; ma=86400
x-request-id: c11bc312-bb8e-4d6b-ba97-e1ae38bf8e81
x-runtime: 0.040312
x-content-digest: 45862d061369f952adfaa29d6844935610f45e8c
server: cloudflare
etag: W/"3fef202588115c2a23969fc04c669b49"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31556952
cf-ray: 84a9035bac7891db-FRA
x-rack-cache: fresh
expires: Thu, 23 Jan 2025 20:26:25 GMT

GET
H2 200 donate-jquery.ui.effect-slide.min.js Show response
joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071706083106/default/ 774 B
742 B 498ms
494ms Script
text/javascript 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071706083106/default/donate-jquery.ui.effect-slide.min.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c56ffc47b4761b0396058aa73916486a33095af06bba5e72072ae332483dc7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:37:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-middleware-start: t=1706097801284363
alt-svc: h3=":443"; ma=86400
x-request-id: 3a23b3ac-844c-4f9c-9a59-1d553988f319
x-runtime: 0.054559
x-content-digest: 2d0b4629f786724cb9ceba70e34ff5775fa16084
server: cloudflare
etag: W/"1c56ffc47b4761b0396058aa73916486"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31556952
cf-ray: 84a9035bac7b91db-FRA
x-rack-cache: fresh
expires: Thu, 23 Jan 2025 20:26:25 GMT

GET
H2 200 donate-jquery.ui.effect.min.js Show response
joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071706083106/default/ 13 KB
5 KB 203ms
198ms Script
text/javascript 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071706083106/default/donate-jquery.ui.effect.min.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f3ca08629dbf4b97858143154de2a7b48c4c671d6849b56aa592033a2546cf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:37:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-middleware-start: t=1706097801295344
alt-svc: h3=":443"; ma=86400
x-request-id: 2d3cf64a-0dbc-4e55-9cac-e5194f9933ab
x-runtime: 0.055068
x-content-digest: 1b3c129be8aafb7c1d1cc795870d3e25365fc2a9
server: cloudflare
etag: W/"5f3ca08629dbf4b97858143154de2a7b"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31556952
cf-ray: 84a9035bac7c91db-FRA
x-rack-cache: fresh
expires: Thu, 23 Jan 2025 20:26:25 GMT

GET
H2 200 38b3ad1ee0.js Show response
kit.fontawesome.com/ 12 KB
5 KB 373ms
201ms Script
text/javascript 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/38b3ad1ee0.js
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acd9a7e1c37a12896fb2df2f591a565c40f87c3194d32f85d1e4499426bfcc1d

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:37:13 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 84a9035cbc9c4d79-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F58pYDH6A1GCAv-4wgwC

GET
H2 200 lightbox_speed.js Show response
www.lightboxcdn.com/vendor/89ef356b-89f6-4647-a097-558fbfa14d79/ 3 KB
1 KB 895ms
723ms Script
application/javascript 2606:4700::6813:d383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/89ef356b-89f6-4647-a097-558fbfa14d79/lightbox_speed.js
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caafc82aea18779c8d13a2ff9ffba32793f18d79386e049736cf5f77c94b6230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 24 Jan 2024 14:37:13 GMT
content-encoding: br
cf-cache-status: REVALIDATED
content-md5: 1px6YhCcJNEMd9WyBcOEUw==
cf-polished: origSize=4971
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Mon, 22 Jan 2024 17:43:42 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: 38f42b34-a01e-004b-7c5a-4d29aa000000
cache-control: public, max-age=60
x-ms-version: 2009-09-19
cf-ray: 84a9035cba479b58-FRA
expires: Wed, 24 Jan 2024 14:38:13 GMT

GET
H2 200 706b9f1865.js Show response
kit.fontawesome.com/ 12 KB
5 KB 367ms
196ms Script
text/javascript 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/706b9f1865.js
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74a39682b8b03d5de587026a0f4d5b595696818b3d23952c15facf182d7c5e78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:37:13 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 84a9035cbc0f929b-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F57sVovO2nEhe02cy08i

GET
H2 200 payments-e2d51187f660cba449c70f7f87f733f762042cf340a5fd57e0f8c1fbf885c033.js Show response
assets.nationbuilder.com/assets/ 16 KB
4 KB 193ms
190ms Script
text/javascript 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nationbuilder.com/assets/payments-e2d51187f660cba449c70f7f87f733f762042cf340a5fd57e0f8c1fbf885c033.js
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2d51187f660cba449c70f7f87f733f762042cf340a5fd57e0f8c1fbf885c033

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:37:12 GMT
x-amz-version-id: pJYzTrtXPpe3XuvHBCvdDw81zJNsTaHD
via: 1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
content-encoding: br
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 19 Jan 2024 22:39:57 GMT
server: cloudflare
etag: W/"7d0fc9aeec4f03aeef50129fbe29b1df"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=604800
cf-ray: 84a9035bdfa22c7a-FRA
x-amz-cf-id: x_FraaqyvTaACJmVIkmOjIMLlLkiqk8oN8auzZalx2w4-JXA5UesXA==
expires: Wed, 31 Jan 2024 14:37:12 GMT

GET
H2 200 payments_styling-3cb98755e69cd4399888137a7648ee6eabdd63c4d4c547626e7174d769be6e1b.js Show response
assets.nationbuilder.com/assets/ 35 KB
4 KB 191ms
187ms Script
text/javascript 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nationbuilder.com/assets/payments_styling-3cb98755e69cd4399888137a7648ee6eabdd63c4d4c547626e7174d769be6e1b.js
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3cb98755e69cd4399888137a7648ee6eabdd63c4d4c547626e7174d769be6e1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:37:12 GMT
x-amz-version-id: 0RRfUGS5JwR2S_tnwREWXsl2LT6Qb_IT
via: 1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
content-encoding: br
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 18 Jan 2024 16:17:39 GMT
server: cloudflare
etag: W/"ba73545e732d35824a90f9daee280d57"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=604800
cf-ray: 84a9035bdfa52c7a-FRA
x-amz-cf-id: f1w4FUebRQ3ICo0rI5odtNVocD390uR37ih0kUm0j8BV62_HQRDEGw==
expires: Wed, 31 Jan 2024 14:37:12 GMT

GET
H2 200 / Show response
js.stripe.com/v3/ 586 KB
145 KB 298ms
80ms Script
text/javascript 18.161.111.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.161.111.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-161-111-105.mrs52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

3113bf467de4971f85467af36358ce6000e13b77b4e8991a8a0e746a07eb73f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:37:00 GMT
content-encoding: br
via: 1.1 ea47d216044ea5ab0ea33b56bd4cc49e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 18
x-amz-cf-pop: MRS52-P4
x-cache: Hit from cloudfront
last-modified: Tue, 23 Jan 2024 21:44:00 GMT
server: Cloudfront
etag: W/"a91e0aff9b48ab71024887a3d829f605"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: BprcQ2CK8HjDTIKG9q18NeepTRdXa0ww7YMxvvaarjyVsiQQGccvOg==

GET
H2 200 api.js Show response
www.recaptcha.net/recaptcha/ 1 KB
1 KB 253ms
82ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api.js?render=6LekWdoZAAAAAA61Owqhdq5e8IIQEfJbEOs8IT8T

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7e718f629db56047e34605c878d5c8b2c6bd6cc9aaaea13ab7ca02b7fde8792f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:37:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 24 Jan 2024 14:37:13 GMT

GET
H2 200 main-0aa16a2e84fcb15b351dd0de4418949c84ac9bba999074007345fe1dabe8645d.js Show response
assets.nationbuilder.com/assets/liquid/v3/ 469 KB
134 KB 192ms
189ms Script
text/javascript 2606:4700:7::a29f:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nationbuilder.com/assets/liquid/v3/main-0aa16a2e84fcb15b351dd0de4418949c84ac9bba999074007345fe1dabe8645d.js
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0aa16a2e84fcb15b351dd0de4418949c84ac9bba999074007345fe1dabe8645d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:37:12 GMT
x-amz-version-id: hH_TZMrZYI86OBvjzQwkBAz42euxmyOo
via: 1.1 acc5f68eb88a8e6d59815a0246ec23f0.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
content-encoding: br
x-amz-cf-pop: AMS1-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 18 Jan 2024 16:17:35 GMT
server: cloudflare
etag: W/"65f4d89d2236c9f9b248d9ed5de8dafa"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=604800
cf-ray: 84a9035bdfa72c7a-FRA
x-amz-cf-id: nf1rD8V2lMwwE4sQyt9mJJdIPHoafn308gYrsBl_k9nC4bwwj4UfWg==
expires: Wed, 31 Jan 2024 14:37:12 GMT

GET
H3

200

main.js Show response
www.kennedy24.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/ Frame 3A53
Redirect Chain

https://www.kennedy24.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.kennedy24.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js

7 KB
3 KB

89ms
88ms

Script
application/javascript

2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kennedy24.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=100&utm_campaign=path_to_victory&utm_medium=email1&utm_source=joinkennedy

Protocol

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e81e4af0ac3cef0ceaf81719b9311690244090252bb0aa397f86db7ba52d814

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:37:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 84a9035c5b13377c-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Wed, 24 Jan 2024 14:37:12 GMT
server: cloudflare
vary: accept-encoding
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
cache-control: max-age=300, public
cf-ray: 84a9035bda62377c-FRA
alt-svc: h3=":443"; ma=86400

POST
H3 200 84a90352a82e1c19 Show response
www.kennedy24.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 3A53 0
314 B 102ms
90ms XHR
text/plain 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kennedy24.com/cdn-cgi/challenge-platform/h/g/jsd/r/84a90352a82e1c19
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 24 Jan 2024 14:37:13 GMT
content-encoding: br
server: cloudflare
cf-ray: 84a9035e1db9377c-FRA
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 254 KB
80 KB 251ms
103ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5MTWV23

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=100&utm_campaign=path_to_victory&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

daf3aac8f3ea2e625190348ef637bead51fe178e4dacd89590e4ae5eac6dbee3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:37:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81335
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 24 Jan 2024 14:37:13 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ 506 KB
204 KB 225ms
60ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?render=6LekWdoZAAAAAA61Owqhdq5e8IIQEfJbEOs8IT8T

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91088a015cd36dabb6639d0b6d08fadc57be7f1b85011f5f882d4e7a8611df31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 20:14:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66154
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207845
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Jan 2025 20:14:39 GMT

GET
H2 429 webfonts Show response
www.googleapis.com/webfonts/v1/ 1 KB
823 B 446ms
260ms XHR
application/json 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleapis.com/webfonts/v1/webfonts?key=AIzaSyCCOU0NUKc65rzK0EdE-6XNdE68x6mGnD8

Requested by

Host: assets.nationbuilder.com
URL: https://assets.nationbuilder.com/assets/liquid/v3/main-0aa16a2e84fcb15b351dd0de4418949c84ac9bba999074007345fe1dabe8645d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

051270a03d60520447f0554587ea9636bb730702b50683230d07b00d48b2fdc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/javascript
Referer: https://www.kennedy24.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:37:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.kennedy24.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 500
x-xss-protection: 0

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 246ms
73ms Fetch
text/css 2606:4700:e6::ac40:cd14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=706b9f1865
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/706b9f1865.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cd14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:37:13 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 4876326
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VhDG3fuShgigteon49aLiAD8CUhgtvC0tt5%2F7SeI9%2FRUkPPVXtW0tsolJYtgIfO9MrEi9YrzhXF%2B3CN88hSOSlFNv1fZUynodFLej5KZ253uzv3Z66dnAHoVCutVU5ZIcjNzPd%2FV%2FN%2Bv6VFFE7lziEOeTA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 84a903603a0265c1-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: PweJ5j9cqTGbESn_4NBjv7A5C9XIFVLTacYqpoVyZUmYlRkKVFzvsg==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 26 KB
5 KB 252ms
82ms Fetch
text/css 2606:4700:e6::ac40:cd14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=706b9f1865
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/706b9f1865.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cd14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:37:13 GMT
via: 1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 6601091
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w02JUtfRUYREi%2B6d4YMKg6UKz4GkimMA03k94lKP35U3LEQq53N5Z9icQxbcw7f8fPvgNClYfzBDHdiOmquheTAnYTIeS8fRu2KkEDENF8LnN%2BWZ03N4t7VzvDT0fBk9DBN4ZDkdlC8ANOuStJKJx7nPrg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 84a903603a0365c1-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: cbWv7WO8Kr38Ven1HdFwEpJrB3yqvxjPEerYgp1LdWI9Z4SquJwMEw==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 3 KB
2 KB 240ms
72ms Fetch
text/css 2606:4700:e6::ac40:cd14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=706b9f1865
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/706b9f1865.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cd14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:37:13 GMT
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 6155711
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=coPs%2Fv9BYCmY4MKdoYYSIFz92eL8KEOVX7NYsTbkdeMLXuH7VZJOomg7N41hrqQYSHIIfjmeuJWPJne2gjNxR1kFkbOTBOGi%2FiL16LWfPDIe66GTa7GXMoPW3zorle%2FzcEguB54D0tyvA2ruyT0zmXiIPg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 84a903603a0565c1-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: ex7_2voWQXL24XLk42lezYfiMKEc5lH5FWBiCTv2PfvVczdEmUBzgA==

GET
H2 200 popper.min.js Show response
getbootstrap.com/docs/4.0/assets/js/vendor/ 19 KB
7 KB 585ms
411ms Script
application/javascript 2606:4700:10::6816:3b64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://getbootstrap.com/docs/4.0/assets/js/vendor/popper.min.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3b64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-fastly-request-id: 5acc36fbe99a525c8c9af755dcc6bd54dc10644a
date: Wed, 24 Jan 2024 14:37:14 GMT
via: 1.1 varnish
x-content-type-options: nosniff
expires: Tue, 23 Jan 2024 10:19:09 GMT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-cache: HIT
x-proxy-cache: HIT
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230059-FRA
last-modified: Thu, 14 Sep 2023 14:29:01 GMT
server: cloudflare
x-github-request-id: A428:0E81:3EF3FA3:401B8E9:6540671F
x-timer: S1701234808.643771,VS0,VE1
etag: W/"650318ad-4af4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
x-origin-cache: HIT
cf-ray: 84a903604c692bd1-FRA
x-cache-hits: 1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 322 KB
105 KB 83ms
83ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JWBYYEB6SQ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MTWV23

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d7586f33e7304f4c80bb4abaf128b900f4579aebe44bd6340afb91ab5a5f78e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:37:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 106923
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 24 Jan 2024 14:37:13 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 196 KB
72 KB 101ms
101ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CAPI12345&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MTWV23

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9d021fdb84d94bebd8b9115f63ec139ab2c6a619898372f4bcdd57ecc0b6fe30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:37:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73403
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 24 Jan 2024 14:37:13 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 266ms
42ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MTWV23
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:37:13 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230046-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 213 KB
57 KB 259ms
40ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MTWV23

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

74f6b2b975944800f1566e81aaed5cc5dcb7a7170eafd4cdd3e205f88f8e1f5f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 24 Jan 2024 14:37:13 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57021
x-xss-protection: 0
pragma: public
x-fb-debug: wm0+c1gSqOkcJ+N1bqlL6o7UkBBTqgebL2gDSblGbVzBWECwz6bb22xldh8zG+pHueY41YKD6hcjowRZjaBWnA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 247 KB
68 KB 272ms
51ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=100&utm_campaign=path_to_victory&utm_medium=email1&utm_source=joinkennedy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 164e219fdf64004e7213e90b3d4fd19463971870e4b51fdd6030446bd6ef5e65

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 13:46:15 GMT
content-encoding: br
age: 3058
x-guploader-uploadid: ABPtcPq_tHAsRJkzL9hKxAJi5EvgEgx9YXWDd18_oLSlL3_BOC0MAF12sJ8CkFLJfScKeU2o_PBICSdQog
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69176
last-modified: Tue, 09 Jan 2024 14:46:09 GMT
server: UploadServer
etag: "39c79f2b05faf1b80cfb99fdd212a0e6"
vary: Accept-Encoding
x-goog-generation: 1704811569390469
x-goog-hash: crc32c=MZJ0CQ==, md5=OcefKwX68bgM+5n90hKg5g==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 69176
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 24 Jan 2024 14:46:15 GMT

GET
H2 200 free-fa-brands-400.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 75 KB
75 KB 69ms
68ms Font
font/woff2 2606:4700:e6::ac40:cd14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-brands-400.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cd14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:37:13 GMT
via: 1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 4596758
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 76736
last-modified: Wed, 04 Aug 2021 18:58:24 GMT
server: cloudflare
etag: "4f5ec865a8274ab291b6a42b5f70639e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pgBedu6j1kBA5as1tHvodjh%2BlmctMi9eDMZSigRZ%2BcbleQ2%2FyftlDeuNR8FSw3RwLk64NkzVwxuFVSkCeufo7v8Q%2ByX5NctZXyhOmDPUnZ9VXlIklJZj92Pc74yxwoiNt1W3gNy36gg3Z4YXhjH6X%2B0LPw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 84a903611b3765c1-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: I4NkJmCkVoFBzzWlFI_o5w0RA8v4JuWwpbARdgKeoTviusfnf3sxCg==

POST
H2 200 collect
server-side-tagging-ptjx4tds2q-uc.a.run.app/g/ 0
463 B 388ms
226ms Ping
text/html 2001:4860:4802:38::35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://server-side-tagging-ptjx4tds2q-uc.a.run.app/g/collect?v=2&tid=G-CAPI12345&gtm=45je41m0z89133194504&_p=1706107033296&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tag_exp=71847096&cid=777399820.1706107034&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1706107033&sct=1&seg=0&dl=https%3A%2F%2Fwww.kennedy24.com%2Fdonate%3Famount%3D100%26utm_campaign%3Dpath_to_victory%26utm_medium%3Demail1%26utm_source%3Djoinkennedy&dt=We%2C%20the%20People...%20%7C%20Kennedy24&en=page_view&_fv=1&_nsi=1&_ss=1&ep.event_id=1706107237481_17061072322551&tfd=3088
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CAPI12345&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:37:14 GMT
server: Google Frontend
content-type: text/html
x-cloud-trace-context: 27b3011726e92e7c421c554021518abc
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Wed, 24 Jan 2024 14:37:14 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
256 B 173ms
62ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-JWBYYEB6SQ&gtm=45je41m0v9113043695z89133194504&_p=1706107033296&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tag_exp=71847096&cid=777399820.1706107034&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1706107033&sct=1&seg=0&dl=https%3A%2F%2Fwww.kennedy24.com%2Fdonate%3Famount%3D100%26utm_campaign%3Dpath_to_victory%26utm_medium%3Demail1%26utm_source%3Djoinkennedy&dt=We%2C%20the%20People...%20%7C%20Kennedy24&en=page_view&_fv=1&_ss=1&tfd=3137
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JWBYYEB6SQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 14:37:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kennedy24.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
247 B 364ms
33ms Ping
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JWBYYEB6SQ&cid=777399820.1706107034&gtm=45je41m0v9113043695z89133194504&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JWBYYEB6SQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 14:37:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kennedy24.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11465445694/ 3 KB
2 KB 478ms
127ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11465445694/?random=1706107034002&cv=11&fst=1706107034002&bg=ffffff&guid=ON&async=1&gtm=45je41m0v9113043695z89133194504&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tag_exp=71847096&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.kennedy24.com%2Fdonate%3Famount%3D100%26utm_campaign%3Dpath_to_victory%26utm_medium%3Demail1%26utm_source%3Djoinkennedy&hn=www.googleadservices.com&frm=0&tiba=We%2C%20the%20People...%20%7C%20Kennedy24&pscdl=noapi&auid=1727985582.1706107034&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JWBYYEB6SQ&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0cf1fa13ba8d11e95c765d5c22258e63090acb862e19c90c1cb1cf367d95dfd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 14:37:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1340
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 429ms
80ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-JWBYYEB6SQ&cid=777399820.1706107034&gtm=45je41m0v9113043695z89133194504&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1212044315

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 14:37:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/1/i/ 43 B
377 B 539ms
237ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=149eeccf-4eb7-4f48-8316-6a34f4ea97eb&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=9bbe2676-bd9b-451d-8920-d3123fb87453&tw_document_href=https%3A%2F%2Fwww.kennedy24.com%2Fdonate%3Famount%3D100%26utm_campaign%3Dpath_to_victory%26utm_medium%3Demail1%26utm_source%3Djoinkennedy&tw_iframe_status=0&txn_id=og9c6&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-response-time: 180
date: Wed, 24 Jan 2024 14:37:14 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 302257424b4d0153
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: 5c2a7bc48d78bab2a9279218ba1b2294ed586cd321aba1bbb0cf74f4b39693f0
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
724 B 539ms
238ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=149eeccf-4eb7-4f48-8316-6a34f4ea97eb&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=9bbe2676-bd9b-451d-8920-d3123fb87453&tw_document_href=https%3A%2F%2Fwww.kennedy24.com%2Fdonate%3Famount%3D100%26utm_campaign%3Dpath_to_victory%26utm_medium%3Demail1%26utm_source%3Djoinkennedy&tw_iframe_status=0&txn_id=og9c6&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-response-time: 180
date: Wed, 24 Jan 2024 14:37:14 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 5c06adc76e66a471
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: ba5cb4af91430112478df06ec2b3743acf1d338718bab4ec565d41a2098cb9a7
content-length: 43

GET
H2 200 digibox.gif
www.lightboxcdn.com/z9g/ 35 B
302 B 78ms
78ms Image
image/gif 2606:4700::6813:d383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lightboxcdn.com/z9g/digibox.gif?c=1706107034078&h=www.kennedy24.com&e=p&u=45028
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 24 Jan 2024 14:37:14 GMT
cf-cache-status: HIT
content-md5: KNaBTzCeoon4R8ac+RGUxg==
age: 2206883
cf-polished: status=not_needed
x-ms-meta-cbmodifiedtime: Fri, 02 Dec 2022 00:02:02 GMT
content-length: 35
x-ms-lease-status: unlocked
cf-bgj: imgq:85,h2pri
last-modified: Fri, 02 Dec 2022 00:02:38 GMT
server: cloudflare
etag: 0x8DAD3F8864E2F29
vary: Accept-Encoding
content-type: image/gif
x-ms-request-id: a0371fb5-501e-001a-4364-22375f000000
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 84a903630aab9b58-FRA

GET
H2 200 pro.min.css Show response
ka-p.fontawesome.com/releases/v6.5.1/css/ 669 KB
118 KB 87ms
81ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/css/pro.min.css?token=38b3ad1ee0
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=100&utm_campaign=path_to_victory&utm_medium=email1&utm_source=joinkennedy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c368e74321d2180806d6982ab26271a765594390c0d50a2e4fe452e901778d5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:37:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:25:52 GMT
server: cloudflare
age: 4604924
etag: "6568c5a0-1d52d"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 84a903630bf54d79-FRA
content-length: 120109

GET
H2 200 pro-v5-font-face.min.css Show response
ka-p.fontawesome.com/releases/v6.5.1/css/ 50 KB
7 KB 78ms
72ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/css/pro-v5-font-face.min.css?token=38b3ad1ee0
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=100&utm_campaign=path_to_victory&utm_medium=email1&utm_source=joinkennedy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4946b36e5208a0a01e69ac05696229353e101faece5c1572e2a6177742bf7b5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:37:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:25:52 GMT
server: cloudflare
age: 1024434
etag: "6568c5a0-1c12"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 84a903630bf44d79-FRA
content-length: 7186

GET
H2 200 kit-upload.css Show response
kit.fontawesome.com/38b3ad1ee0/70955553/ 0
166 B 77ms
76ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/38b3ad1ee0/70955553/kit-upload.css
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=100&utm_campaign=path_to_victory&utm_medium=email1&utm_source=joinkennedy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:37:14 GMT
cf-cache-status: HIT
age: 4607367
content-length: 0
x-request-id: F5zw7qu8YMsCiSdFWZfB
server: cloudflare
etag: 54af53b207eef226d6511e0a88e3038e
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926, public, must-revalidate
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
accept-ranges: bytes
cf-ray: 84a903630be94d79-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 62ms
59ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=100&utm_campaign=path_to_victory&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cfb7e975336d9d55857c716d6471498c580fd70077afa38292e32ca1f09e811e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 24 Jan 2024 14:37:14 GMT
content-md5: iwZOXhY0s4QX6D8TGBhrsA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1683
x-fb-debug: axGI/+qIV28GKoKKnIYWml3zAiE356YjVcSVGAEg1OQmq5FtGEg6xwGsM1NlexEMs4FucSBw66JMeOfasGOdTA==
x-fb-content-md5: 55e9e7ebc7a408881e0409c1be0cd282
cross-origin-opener-policy: same-origin-allow-popups
etag: "89eccf355a4b5d141051a28498eb1d4f"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Wed, 24 Jan 2024 14:54:55 GMT

GET
H3 200 m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=wA/d=0/rs=AN8SPfq5gedF4FIOWZgYyMCNZA5tU966ig/ 22 KB
4 KB 124ms
36ms Stylesheet
text/css 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=wA/d=0/rs=AN8SPfq5gedF4FIOWZgYyMCNZA5tU966ig/m=el_main_css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.7fX_OiUrtl8.O/am=wA/d=1/rs=AN8SPfpg-TUZHtqtv5HK2wYW1BpvOKkrpA/m=el_conf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:39:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53866
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4144
x-xss-protection: 0
last-modified: Sat, 15 Jul 2023 01:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Jan 2025 23:39:28 GMT

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.7fX_OiUrtl8.O/d=1/exm=el_conf/ed=1/rs=AN8SPfqaXRghOH3HDJ35DAqmErsz449S4g/ 208 KB
72 KB 272ms
64ms Script
text/javascript 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.7fX_OiUrtl8.O/d=1/exm=el_conf/ed=1/rs=AN8SPfqaXRghOH3HDJ35DAqmErsz449S4g/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.7fX_OiUrtl8.O/am=wA/d=1/rs=AN8SPfpg-TUZHtqtv5HK2wYW1BpvOKkrpA/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e1dbe6f7764b206653feca21226de204e15ec83d9b5a70911b70f98148031f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:28:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54504
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73558
x-xss-protection: 0
last-modified: Sun, 21 Jan 2024 12:11:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Jan 2025 23:28:50 GMT

GET
H2 200 web Show response
edge.fullstory.com/s/settings/o-1VGN0E-na1/v1/ 4 KB
2 KB 145ms
144ms XHR
application/json 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/settings/o-1VGN0E-na1/v1/web
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3ced3edf46325429a910134583852314f2f53286a9084e725945e838cbcfe080

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:37:14 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ABPtcPpI2zezwVXLk7mpEgwl-ZPGngn_t-LFbo7kmYA7iGXuqYPEVVuXhUWWDP19FbzYXEjjkw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1258
last-modified: Wed, 24 Jan 2024 14:34:38 GMT
server: UploadServer
etag: "ff954875b800f5aefe60d4f65fc19758"
x-goog-generation: 1705955678514027
x-goog-hash: crc32c=niOsPw==, md5=/5VIdbgA9a7+YNT2X8GXWA==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=900,no-transform
x-goog-stored-content-length: 1258
accept-ranges: bytes
content-type: application/json
expires: Wed, 24 Jan 2024 14:52:14 GMT

GET
H3

200

main.js Show response
www.kennedy24.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/ Frame 3A53
Redirect Chain

https://www.kennedy24.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.kennedy24.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js

7 KB
3 KB

51ms
51ms

Script
application/javascript

2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kennedy24.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js

Protocol

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ca644a8e65124c3801135a33517d6a3775db98530dedeba2f0ff7ba8ae0f151

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:37:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 84a903652ddb377c-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Wed, 24 Jan 2024 14:37:14 GMT
server: cloudflare
vary: accept-encoding
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
cache-control: max-age=300, public
cf-ray: 84a90363dc74377c-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html Show response
js.stripe.com/v3/ Frame 659D 200 B
1 KB 55ms
43ms Document
text/html 18.161.111.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.161.111.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-161-111-105.mrs52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kennedy24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3595
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 24 Jan 2024 13:37:22 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Fri, 19 Jan 2024 21:19:51 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 ea47d216044ea5ab0ea33b56bd4cc49e.cloudfront.net (CloudFront)
x-amz-cf-id: EZS4M2xN3qQ7XO_n--Ib6aoR62sUXyXTk-xG2tYsAS8ePqcv7-HV2g==
x-amz-cf-pop: MRS52-P4
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 anchor Show response
www.recaptcha.net/recaptcha/api2/ Frame 13A1 44 KB
28 KB 66ms
54ms Document
text/html 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LekWdoZAAAAAA61Owqhdq5e8IIQEfJbEOs8IT8T&co=aHR0cHM6Ly93d3cua2VubmVkeTI0LmNvbTo0NDM.&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=qqkm4o1n0jkb

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2eeb2767a99154f89fc2bb0b542adc317de36eca465611610d93f2eb652b7982

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aPvTRszd6hmyE1EZGMXcTA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kennedy24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-aPvTRszd6hmyE1EZGMXcTA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 14:37:14 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET anchor
www.recaptcha.net/recaptcha/api2/ Frame 1A1A 0
0

GET
H3 200 689052772650376 Show response
connect.facebook.net/signals/config/ 134 KB
35 KB 99ms
99ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/689052772650376?v=2.9.142&r=stable&domain=www.kennedy24.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

05dd66db4277e6d34ec47c403fb36ab92d583a5b51e98c8d8d275944d8fd0b35

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 24 Jan 2024 14:37:14 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 1E/OGoXQH1HISlpmaHnI22hasV2URRJC3OIIcpyulmIUYSKcVw9IIzi2tgaJm62x07Ment2vt5+O/91Ja8RYPg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 controller-a8f00e403bc9538a7c1880ae6b6a2dc3.html Show response
js.stripe.com/v3/ Frame 832C 325 B
1 KB 53ms
45ms Document
text/html 18.161.111.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-a8f00e403bc9538a7c1880ae6b6a2dc3.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.161.111.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-161-111-105.mrs52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

5fc8ee00cc47368f6fdf6519a5df026aae2aac44b3c3cb79012027af13c1b17e

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kennedy24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 38
cache-control: max-age=60
content-length: 325
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 24 Jan 2024 14:36:38 GMT
etag: "a8f00e403bc9538a7c1880ae6b6a2dc3"
last-modified: Tue, 23 Jan 2024 21:04:49 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 ea47d216044ea5ab0ea33b56bd4cc49e.cloudfront.net (CloudFront)
x-amz-cf-id: jpHbL3TDh5yFsulmtjV5_3IfIikCoxAnQQjltTPak9NFbIn27aFc0Q==
x-amz-cf-pop: MRS52-P4
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 elements-inner-card-e0469436b9f770d725a440154c0ce6ee.html Show response
js.stripe.com/v3/ Frame 2B45 798 B
2 KB 49ms
44ms Document
text/html 18.161.111.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-e0469436b9f770d725a440154c0ce6ee.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.161.111.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-161-111-105.mrs52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f6ac76fbfe4390d1fac5477576bf0dc330abc8135e79f08c30f367e42703133f

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kennedy24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1223
cache-control: max-age=31536000
content-length: 798
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 24 Jan 2024 14:17:02 GMT
etag: "e0469436b9f770d725a440154c0ce6ee"
last-modified: Tue, 23 Jan 2024 21:04:50 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 ea47d216044ea5ab0ea33b56bd4cc49e.cloudfront.net (CloudFront)
x-amz-cf-id: zF3RGNXSnC_FLZXTgzkWR0vyM-35t4X09ivg3-PaxTBYWR1U_dkXGw==
x-amz-cf-pop: MRS52-P4
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-google-pay-663151670dfe2e17a3bc350be932abd3.html Show response
js.stripe.com/v3/ Frame F4D4 408 B
1 KB 52ms
48ms Document
text/html 18.161.111.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-663151670dfe2e17a3bc350be932abd3.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.161.111.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-161-111-105.mrs52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

9fd703e836a5c337b7d201803a8a3f62f1d83e709f14bc5660bf1d8828f1e896

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kennedy24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1040
cache-control: max-age=31536000
content-length: 408
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 24 Jan 2024 14:19:56 GMT
etag: "663151670dfe2e17a3bc350be932abd3"
last-modified: Tue, 23 Jan 2024 21:05:05 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 ea47d216044ea5ab0ea33b56bd4cc49e.cloudfront.net (CloudFront)
x-amz-cf-id: -gALfJn5d_oKLCB4dwl_mthpD-ilNyUy-XBN8LofW3M1R0Mw-z_a8w==
x-amz-cf-pop: MRS52-P4
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-browser-2c6547c20acd86dbd815d5f2ec7d5a4f.html Show response
js.stripe.com/v3/ Frame C973 344 B
2 KB 53ms
49ms Document
text/html 18.161.111.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-2c6547c20acd86dbd815d5f2ec7d5a4f.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.161.111.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-161-111-105.mrs52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

b46d3024a6c36b8cd64ac80c86cc0ab15d5302944b0e09c0919889395579338f

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kennedy24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 39
cache-control: max-age=60
content-length: 344
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 24 Jan 2024 14:36:36 GMT
etag: "2c6547c20acd86dbd815d5f2ec7d5a4f"
last-modified: Tue, 23 Jan 2024 21:05:05 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 ea47d216044ea5ab0ea33b56bd4cc49e.cloudfront.net (CloudFront)
x-amz-cf-id: dsjcbkMFRfamYvSaAVFg6uJ0-Ds4A0-0tlsNb8rNJEYRQomQe-9_Xw==
x-amz-cf-pop: MRS52-P4
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 anchor Show response
www.recaptcha.net/recaptcha/api2/ Frame 9D1D 7 KB
1 KB 126ms
126ms Document
text/html 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: assets.nationbuilder.com
URL: https://assets.nationbuilder.com/assets/liquid/v3/main-0aa16a2e84fcb15b351dd0de4418949c84ac9bba999074007345fe1dabe8645d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8b166bc99f6365dac43bacdfbec19a488c62237293ac4a98b724339059d8c6c5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TL_TkhVrm0ly0_yUMJG95w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kennedy24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-TL_TkhVrm0ly0_yUMJG95w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 14:37:14 GMT
expires: Wed, 24 Jan 2024 14:37:14 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 93 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0134375b1ced2e2b36e9a34753f87b48b49dab1ce589ec8a2932764d31ada657

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H3 204 rum Show response
www.kennedy24.com/cdn-cgi/ 0
143 B 67ms
64ms XHR
text/plain 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kennedy24.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.kennedy24.com/donate?amount=100&utm_campaign=path_to_victory&utm_medium=email1&utm_source=joinkennedy
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: application/json

Response headers

date: Wed, 24 Jan 2024 14:37:14 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.kennedy24.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 84a90364cd7d377c-FRA

POST
H2 204 collect
region1.analytics.google.com/g/ 0
45 B 59ms
57ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-JWBYYEB6SQ&gtm=45je41m0v9113043695z89133194504&_p=1706107033296&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tag_exp=71847096&cid=777399820.1706107034&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1706107033&sct=1&seg=0&dl=https%3A%2F%2Fwww.kennedy24.com%2Fdonate%3Famount%3D100%26utm_campaign%3Dpath_to_victory%26utm_medium%3Demail1%26utm_source%3Djoinkennedy&dt=We%2C%20the%20People...%20%7C%20Kennedy24&en=stacked_donate_amount_selected&ep.stacked_donate_amount_selected=100&_et=325&tfd=3529
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JWBYYEB6SQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 14:37:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kennedy24.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 659D 526 B
1 KB 49ms
49ms Script
text/javascript 18.161.111.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.161.111.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-161-111-105.mrs52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 13:37:20 GMT
via: 1.1 ea47d216044ea5ab0ea33b56bd4cc49e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 3595
x-amz-cf-pop: MRS52-P4
x-cache: Hit from cloudfront
content-length: 526
last-modified: Fri, 19 Jan 2024 21:19:50 GMT
server: Cloudfront
etag: "d96c709017743c0759cf3853d1806ba5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: g6QzrKxzsgNgeNL2BZvL_VkwERhBGx8YcxD3T0be1GaBpbauUT697g==

GET
H2 200 shared-04b07963a2be4592c691734b7eed0673.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2B45 534 KB
118 KB 168ms
168ms Script
text/javascript 18.161.111.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-e0469436b9f770d725a440154c0ce6ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.161.111.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-161-111-105.mrs52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

15c5b27aca4255d7b27656ed33d025769918ff92020b81f80cf7a87ae7250278

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-e0469436b9f770d725a440154c0ce6ee.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:05:20 GMT
content-encoding: br
via: 1.1 ea47d216044ea5ab0ea33b56bd4cc49e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 1922
x-amz-cf-pop: MRS52-P4
x-cache: Hit from cloudfront
last-modified: Tue, 23 Jan 2024 21:05:03 GMT
server: Cloudfront
etag: W/"95aa681b281a5fd9fb2c047afb2affcb"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: KBRI-JTc0XHpoezN_SDz-uNaoq_J5onqFMZsCa2TkppoA3PQH5cXOA==

GET
H2 200 ui-shared-57ae7f3964c396f11299f2619763cf2b.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2B45 406 KB
104 KB 264ms
263ms Script
text/javascript 18.161.111.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-57ae7f3964c396f11299f2619763cf2b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-e0469436b9f770d725a440154c0ce6ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.161.111.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-161-111-105.mrs52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

97a2cd2c3a554b54b1f41eda4ec4e6e7038240a01503c6e8203b61a3640510a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-e0469436b9f770d725a440154c0ce6ee.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:09:46 GMT
content-encoding: br
via: 1.1 ea47d216044ea5ab0ea33b56bd4cc49e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 1679
x-amz-cf-pop: MRS52-P4
x-cache: Hit from cloudfront
last-modified: Tue, 23 Jan 2024 21:05:04 GMT
server: Cloudfront
etag: W/"74750a2b46f29b49f65512111bd8dac0"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 7v3vCya0tbOFBNFWoFcc214zouW8oQuT-108gTGAZ0eHA2TE14OsyQ==

GET
H2 200 elements-inner-card-bca2af1c075f408256967d302110c6ad.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2B45 53 KB
14 KB 499ms
498ms Script
text/javascript 18.161.111.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-bca2af1c075f408256967d302110c6ad.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-e0469436b9f770d725a440154c0ce6ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.161.111.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-161-111-105.mrs52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

3cef5d81369ac39c8da814762cdcf2fb00d65bb98baa70776223ddd289c6c014

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-e0469436b9f770d725a440154c0ce6ee.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 13:57:41 GMT
content-encoding: gzip
via: 1.1 ea47d216044ea5ab0ea33b56bd4cc49e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2430
x-amz-cf-pop: MRS52-P4
x-cache: Hit from cloudfront
last-modified: Thu, 18 Jan 2024 03:15:56 GMT
server: Cloudfront
etag: W/"afa7d5792867908f67b7272e8fd0803c"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: s__Pu7J99RzTIQIZOZjS214qXfqwqa3UA3RVKyN0TM38BTgPFKBMyg==

GET
H2 200 ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame 2B45 20 KB
3 KB 301ms
300ms Stylesheet
text/css 18.161.111.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-e0469436b9f770d725a440154c0ce6ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.161.111.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-161-111-105.mrs52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-e0469436b9f770d725a440154c0ce6ee.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:17:02 GMT
content-encoding: br
via: 1.1 ea47d216044ea5ab0ea33b56bd4cc49e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 1266
x-amz-cf-pop: MRS52-P4
x-cache: Hit from cloudfront
last-modified: Mon, 08 Jan 2024 21:41:44 GMT
server: Cloudfront
etag: W/"b361d7109e9925ca18e32c9da528520f"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: QPXDPPDgauz0F6FyAj0piXz3xs2baxSvzT92fwFSJ0wEvzHPs53Vbg==

GET
H2 200 elements-inner-card-b79a095030fa6973133c91d98bd626d2.css
js.stripe.com/v3/fingerprinted/css/ Frame 2B45 14 KB
2 KB 266ms
266ms Stylesheet
text/css 18.161.111.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-b79a095030fa6973133c91d98bd626d2.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-e0469436b9f770d725a440154c0ce6ee.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.161.111.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-161-111-105.mrs52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

1bb8affc0ad0f6449490148a0ec45435d64f1494b92ad385f266b9b86d7aa076

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-e0469436b9f770d725a440154c0ce6ee.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:29:39 GMT
content-encoding: br
via: 1.1 ea47d216044ea5ab0ea33b56bd4cc49e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 525
x-amz-cf-pop: MRS52-P4
x-cache: Hit from cloudfront
last-modified: Fri, 12 Jan 2024 21:06:27 GMT
server: Cloudfront
etag: W/"81af9199f83c2489a35a5a81327a87b6"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: HXSpvV5EO3YS6qQRfs5bWXKuE30tcRE0PSy5eOqqtpYDdQHGx6qt9w==

GET
H2 200 shared-04b07963a2be4592c691734b7eed0673.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 832C 534 KB
118 KB 298ms
298ms Script
text/javascript 18.161.111.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-a8f00e403bc9538a7c1880ae6b6a2dc3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.161.111.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-161-111-105.mrs52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

15c5b27aca4255d7b27656ed33d025769918ff92020b81f80cf7a87ae7250278

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-a8f00e403bc9538a7c1880ae6b6a2dc3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:05:20 GMT
content-encoding: br
via: 1.1 ea47d216044ea5ab0ea33b56bd4cc49e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 1922
x-amz-cf-pop: MRS52-P4
x-cache: Hit from cloudfront
last-modified: Tue, 23 Jan 2024 21:05:03 GMT
server: Cloudfront
etag: W/"95aa681b281a5fd9fb2c047afb2affcb"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: pvVx6KgEkBgS_2uGxxNJ64o-lpRmQAYBIZNPNdCl_-7gGZ4D438WbA==

GET
H2 200 controller-5191fe85359757d5b3779b41498f0625.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 832C 693 KB
160 KB 365ms
364ms Script
text/javascript 18.161.111.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-5191fe85359757d5b3779b41498f0625.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-a8f00e403bc9538a7c1880ae6b6a2dc3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.161.111.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-161-111-105.mrs52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

efef889adaef80d21e620d06956618a3f355c23961901039c0aae1d8893bda99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-a8f00e403bc9538a7c1880ae6b6a2dc3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:33:05 GMT
content-encoding: br
via: 1.1 ea47d216044ea5ab0ea33b56bd4cc49e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 250
x-amz-cf-pop: MRS52-P4
x-cache: Hit from cloudfront
last-modified: Tue, 23 Jan 2024 21:05:01 GMT
server: Cloudfront
etag: W/"ed234fd8d7109acdbdd95f9489614c03"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 2YuwCUU34QrvGFOoVvUsdcrnBgb8W4OkIQjgL14tD5uAwYTKIOFVtg==

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame F4D4 118 KB
36 KB 987ms
520ms Script
application/javascript 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-663151670dfe2e17a3bc350be932abd3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b4b118f1d6941d1c227f24465a739f9c03a205b53382e0aafcdfec681f394f7b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-YC7o-6AhIMqNlrHWF51APA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:37:15 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-YC7o-6AhIMqNlrHWF51APA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/gp/p/_/InstantbuyFrontendHttp/web-reports?context=eJzjqtHikmII0pBiWF4qxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3b8XTO--vGTi-fqSSQKINYB4h48Hi5jPdNY34dNZuSKms8bVTWfNA2K-ddNZdddPZ22JnsE6BYid0mewBgGxEA_H7INH1rIJNDS2HGQEAOgJNs4"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Wed, 24 Jan 2024 14:37:15 GMT

GET
H2 200 shared-04b07963a2be4592c691734b7eed0673.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F4D4 534 KB
118 KB 447ms
447ms Script
text/javascript 18.161.111.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-663151670dfe2e17a3bc350be932abd3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.161.111.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-161-111-105.mrs52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

15c5b27aca4255d7b27656ed33d025769918ff92020b81f80cf7a87ae7250278

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-663151670dfe2e17a3bc350be932abd3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:05:20 GMT
content-encoding: br
via: 1.1 ea47d216044ea5ab0ea33b56bd4cc49e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 1922
x-amz-cf-pop: MRS52-P4
x-cache: Hit from cloudfront
last-modified: Tue, 23 Jan 2024 21:05:03 GMT
server: Cloudfront
etag: W/"95aa681b281a5fd9fb2c047afb2affcb"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 48Zn3pigI-D_B-I51ZaPkF2oSxBDLljBDdIEZ4VpTgzNrpNytt_JMg==

GET
H2 200 payment-request-inner-google-pay-d432dd3294f1501fc61a2463928f5b86.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F4D4 12 KB
5 KB 78ms
78ms Script
text/javascript 18.161.111.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-d432dd3294f1501fc61a2463928f5b86.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-663151670dfe2e17a3bc350be932abd3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.161.111.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-161-111-105.mrs52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

42fa6c755c6427833572147096b10125f7dd9f965e0bbc45763625e08f80f016

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-663151670dfe2e17a3bc350be932abd3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:09:26 GMT
content-encoding: br
via: 1.1 ea47d216044ea5ab0ea33b56bd4cc49e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 1672
x-amz-cf-pop: MRS52-P4
x-cache: Hit from cloudfront
last-modified: Fri, 19 Jan 2024 18:03:23 GMT
server: Cloudfront
etag: W/"a535e80a392a5f530d16d7eeee51483d"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 6Pt3sFY12eN-5IwkiaVgX3GWeK8sDk_D4CCmolK0G8Xr4kVxSLnMFA==

GET
H2 200 shared-04b07963a2be4592c691734b7eed0673.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame C973 534 KB
118 KB 641ms
639ms Script
text/javascript 18.161.111.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-2c6547c20acd86dbd815d5f2ec7d5a4f.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.161.111.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-161-111-105.mrs52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

15c5b27aca4255d7b27656ed33d025769918ff92020b81f80cf7a87ae7250278

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-2c6547c20acd86dbd815d5f2ec7d5a4f.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:05:20 GMT
content-encoding: br
via: 1.1 ea47d216044ea5ab0ea33b56bd4cc49e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 1922
x-amz-cf-pop: MRS52-P4
x-cache: Hit from cloudfront
last-modified: Tue, 23 Jan 2024 21:05:03 GMT
server: Cloudfront
etag: W/"95aa681b281a5fd9fb2c047afb2affcb"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: wSTFbOGsetgNWZNYCPo3T6yQ84ynjBRUHFOFBnSXmEH1AqPa5mdcOw==

GET
H2 200 payment-request-inner-browser-cfd09fde482546e2c8879bce0010f91c.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame C973 13 KB
6 KB 670ms
670ms Script
text/javascript 18.161.111.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-cfd09fde482546e2c8879bce0010f91c.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-2c6547c20acd86dbd815d5f2ec7d5a4f.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.161.111.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-161-111-105.mrs52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

1df19255b4b07c13647377049a5d3d4b23519c012b91e923ee22cf18c4e8d2b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-2c6547c20acd86dbd815d5f2ec7d5a4f.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 13:57:55 GMT
content-encoding: gzip
via: 1.1 ea47d216044ea5ab0ea33b56bd4cc49e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2360
x-amz-cf-pop: MRS52-P4
x-cache: Hit from cloudfront
last-modified: Fri, 19 Jan 2024 21:19:50 GMT
server: Cloudfront
etag: W/"9d64070358354c97251ee8d4e282ba7b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: VH-990xLDSXqjsich2INSlmATSr6KJ249rROqhPDxymv3FfSc5uTtQ==

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame 13A1 55 KB
24 KB 55ms
54ms Stylesheet
text/css 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LekWdoZAAAAAA61Owqhdq5e8IIQEfJbEOs8IT8T&co=aHR0cHM6Ly93d3cua2VubmVkeTI0LmNvbTo0NDM.&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=qqkm4o1n0jkb

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 12:42:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6860
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Jan 2025 12:42:54 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame 13A1 506 KB
203 KB 71ms
68ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91088a015cd36dabb6639d0b6d08fadc57be7f1b85011f5f882d4e7a8611df31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 20:14:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66155
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207845
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Jan 2025 20:14:39 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 297 KB
85 KB 465ms
70ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=131f800e70f9f9b7fefcbdf4eaebb8ec

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8bb7bebf16bb0b5ed838d8d37854b0020e19481546a80f93c96a09b6f0759a27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 24 Jan 2024 14:37:14 GMT
content-md5: 8zDB0/rWOhG7TCn8CWmikA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87014
x-fb-debug: 7LRmetKRVt6L1x+0moQYrYpqMNd30SJ3p8NAcBAjcbDaoJtxHb6BzsZMoerYezIYn+8IwP3zi+6JZkFj4e6vbw==
x-fb-content-md5: 5d7f9c8b7545bb41bb5ff6c2e28138b0
cross-origin-opener-policy: same-origin-allow-popups
etag: "92db8904c0067c8b98ceb7d616109077"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Thu, 23 Jan 2025 14:11:39 GMT

GET
H2 200 pro-fa-brands-400-0.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ 38 KB
38 KB 145ms
144ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/webfonts/pro-fa-brands-400-0.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70356aaad8b043112594064fea69694e5af4f17b6af4d4836b184735afe24c56

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:37:14 GMT
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:53:28 GMT
server: cloudflare
age: 3554899
etag: "6568cc18-9620"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 84a90366b8e34d79-FRA
content-length: 38432

GET
H2 200 pro-fa-solid-900-12.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ 13 KB
14 KB 161ms
161ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/webfonts/pro-fa-solid-900-12.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4aae83ca0e34e5fef9bebf88ca4edfdf495e4927bbd583d1f05ff101c9421d4c

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:37:14 GMT
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:53:38 GMT
server: cloudflare
age: 4383937
etag: "6568cc22-35f8"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 84a90366b8e64d79-FRA
content-length: 13816

GET
H2 200 pro-fa-brands-400-1.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ 39 KB
39 KB 138ms
138ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/webfonts/pro-fa-brands-400-1.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 116b5b718ba3beeea9dd77ad669ca8aff001cf40c1c6e549dd38c3d08668d4cd

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:37:14 GMT
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:53:28 GMT
server: cloudflare
age: 4604924
etag: "6568cc18-9cfc"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 84a90366b8e84d79-FRA
content-length: 40188

POST
H2 200 csp-report
q.stripe.com/ Frame 659D 0
717 B 1541ms
372ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=100&utm_campaign=path_to_victory&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 24 Jan 2024 14:37:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1706107036069831
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1706107036069176
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 659D 0
716 B 1788ms
620ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=100&utm_campaign=path_to_victory&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 24 Jan 2024 14:37:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1706107036308387
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1706107036308028
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 2B45 0
716 B 1785ms
621ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=100&utm_campaign=path_to_victory&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 24 Jan 2024 14:37:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1706107036308921
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1706107036308054
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 2B45 0
717 B 1988ms
825ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=100&utm_campaign=path_to_victory&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 24 Jan 2024 14:37:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1706107036505418
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1706107036504882
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 832C 0
716 B 1982ms
824ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=100&utm_campaign=path_to_victory&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 24 Jan 2024 14:37:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1706107036504996
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1706107036504701
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame F4D4 0
717 B 1975ms
823ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=100&utm_campaign=path_to_victory&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 24 Jan 2024 14:37:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1706107036505184
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1706107036504888
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame F4D4 0
717 B 1521ms
370ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=100&utm_campaign=path_to_victory&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 24 Jan 2024 14:37:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1706107036051389
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1706107036051075
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame C973 0
717 B 1519ms
372ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=100&utm_campaign=path_to_victory&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 24 Jan 2024 14:37:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1706107036069864
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1706107036069148
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame C973 0
717 B 1517ms
371ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=100&utm_campaign=path_to_victory&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 24 Jan 2024 14:37:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1706107036069439
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1706107036069157
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 49B9 930 B
1 KB 992ms
21ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 71
cache-control: max-age=300, public
content-encoding: br
content-length: 540
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 24 Jan 2024 14:37:15 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 54
x-content-type-options: nosniff
x-request-id: 1262fa04-4045-4da0-b676-00c7adddba8d
x-served-by: cache-fra-etou8220029-FRA
x-timer: S1706107036.801195,VS0,VE0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 216ms
67ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=689052772650376&ev=PageView&dl=https%3A%2F%2Fwww.kennedy24.com%2Fdonate%3Famount%3D100%26utm_campaign%3Dpath_to_victory%26utm_medium%3Demail1%26utm_source%3Djoinkennedy&rl=&if=false&ts=1706107034684&sw=1600&sh=1200&v=2.9.142&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1706107034683.1916812470&ler=empty&it=1706107034260&coo=false&eid=1706107237481_17061072322551&tm=1&exp=d2&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 24 Jan 2024 14:37:14 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 84a90352a82e1c19 Show response
www.kennedy24.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 3A53 0
315 B 81ms
78ms XHR
text/plain 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kennedy24.com/cdn-cgi/challenge-platform/h/g/jsd/r/84a90352a82e1c19
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 24 Jan 2024 14:37:14 GMT
content-encoding: br
server: cloudflare
cf-ray: 84a90368190e377c-FRA
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H2 200 /
www.google.com/pagead/1p-user-list/11465445694/ 42 B
340 B 943ms
38ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11465445694/?random=1706107034002&cv=11&fst=1706104800000&bg=ffffff&guid=ON&async=1&gtm=45je41m0v9113043695z89133194504&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.kennedy24.com%2Fdonate%3Famount%3D100%26utm_campaign%3Dpath_to_victory%26utm_medium%3Demail1%26utm_source%3Djoinkennedy&frm=0&tiba=We%2C%20the%20People...%20%7C%20Kennedy24&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_2KxL3xu4GBZojCDCKLdsfQ1FVvZn4g&random=3376262198&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 14:37:15 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/11465445694/ 42 B
154 B 87ms
86ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11465445694/?random=1706107034002&cv=11&fst=1706104800000&bg=ffffff&guid=ON&async=1&gtm=45je41m0v9113043695z89133194504&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.kennedy24.com%2Fdonate%3Famount%3D100%26utm_campaign%3Dpath_to_victory%26utm_medium%3Demail1%26utm_source%3Djoinkennedy&frm=0&tiba=We%2C%20the%20People...%20%7C%20Kennedy24&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_2KxL3xu4GBZojCDCKLdsfQ1FVvZn4g&random=3376262198&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 14:37:14 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 page Show response
rs.fullstory.com/rec/ 5 KB
2 KB 1212ms
314ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/page
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: d47357469d2791568ddf3a49f085f7cc2b090d0fe5502e7e58c3e988d50c5fe8

Request headers

Referer: https://www.kennedy24.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 24 Jan 2024 14:37:16 GMT
content-encoding: gzip
via: 1.1 google
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.kennedy24.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1463

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame 9D1D 55 KB
24 KB 70ms
65ms Stylesheet
text/css 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 12:42:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6860
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Jan 2025 12:42:54 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame 9D1D 506 KB
203 KB 177ms
172ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91088a015cd36dabb6639d0b6d08fadc57be7f1b85011f5f882d4e7a8611df31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 20:14:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66155
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207845
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Jan 2025 20:14:39 GMT

GET
DATA 200
OK truncated Show response
/ Frame 5F88 1 KB
1 KB Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 31f4e4abd5d8e145d6bd5505ae3ee469f66e6aba53fcc6cf04741d0a802ebc3d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Type: text/html;charset=UTF-8

GET
H3 200 24px.svg
fonts.gstatic.com/s/i/productlogos/translate/v14/ 6 KB
3 KB 171ms
49ms Image
image/svg+xml 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:12:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59073
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3340
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 14:24:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Jan 2025 22:12:42 GMT

GET
H3 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 160ms
159ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=wA/d=0/rs=AN8SPfq5gedF4FIOWZgYyMCNZA5tU966ig/m=el_main_css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=wA/d=0/rs=AN8SPfq5gedF4FIOWZgYyMCNZA5tU966ig/m=el_main_css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 17:36:58 GMT
x-content-type-options: nosniff
age: 75617
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1842
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 22 Jan 2025 17:36:58 GMT

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 832C 474 B
865 B 175ms
48ms Fetch
application/json 18.161.111.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.161.111.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-161-111-105.mrs52.r.cloudfront.net
Software: Cloudfront /
Resource Hash: 0327b7917e4ddf455491f2219f8481b90f153f6761e459a02576e3201452c6f0

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-a8f00e403bc9538a7c1880ae6b6a2dc3.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 24 Jan 2024 14:36:51 GMT
via: 1.1 ced538a87283abb388c3d6022c27f752.cloudfront.net (CloudFront)
last-modified: Tue, 23 Jan 2024 21:44:00 GMT
server: Cloudfront
age: 25
x-amz-cf-pop: MRS52-P4
etag: "a1c509b5224a793d214c820498fafb8b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: iq72vx9nRi_wiMTRxBrzTRQBxJCN-K4nzsPSOa4eAdHu0XnYIUPX7Q==

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 832C 474 B
866 B 162ms
47ms Fetch
application/json 18.161.111.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.161.111.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-161-111-105.mrs52.r.cloudfront.net
Software: Cloudfront /
Resource Hash: 0327b7917e4ddf455491f2219f8481b90f153f6761e459a02576e3201452c6f0

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-a8f00e403bc9538a7c1880ae6b6a2dc3.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 24 Jan 2024 14:36:51 GMT
via: 1.1 ced538a87283abb388c3d6022c27f752.cloudfront.net (CloudFront)
last-modified: Tue, 23 Jan 2024 21:44:00 GMT
server: Cloudfront
age: 25
x-amz-cf-pop: MRS52-P4
etag: "a1c509b5224a793d214c820498fafb8b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: LqbkI85QMGpVmt2R2YA6mnDq5CDwmfCOYH2W_M0qToCh4VgIkFkCHQ==

GET
H2 200 KkWFeSURekXGycdprVC-UY6ED-ZF5ll2JCMiHhJE2Rk.js Show response
www.google.com/js/bg/ Frame 13A1 17 KB
7 KB 723ms
22ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/KkWFeSURekXGycdprVC-UY6ED-ZF5ll2JCMiHhJE2Rk.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a45857925117a45c6c9c769ad50be518e840fe645e659762423221e1244d919

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:37:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54007
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6842
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Jan 2025 23:37:08 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 13A1 2 KB
2 KB 72ms
69ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:45:59 GMT
x-content-type-options: nosniff
age: 60676
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 30 Jan 2024 21:45:59 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 13A1 15 KB
15 KB 40ms
36ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recaptcha.net/
Origin: https://www.recaptcha.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 23:26:56 GMT
x-content-type-options: nosniff
age: 486619
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jan 2025 23:26:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 13A1 15 KB
15 KB 48ms
44ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recaptcha.net/
Origin: https://www.recaptcha.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:08:08 GMT
x-content-type-options: nosniff
age: 188947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Jan 2025 10:08:08 GMT

POST
H2 200 wallet-config Show response
merchant-ui-api.stripe.com/elements/ Frame 832C 2 KB
3 KB 831ms
261ms Fetch
application/json 198.202.176.141
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://merchant-ui-api.stripe.com/elements/wallet-config

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.202.176.141 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0fede1408f276e2a67b8479fa15e674f610cdf5acd114582c80ad724f9e6c1f7

Security Headers

Name	Value
Content-Security-Policy	report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 24 Jan 2024 14:37:16 GMT
content-security-policy: report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
strict-transport-security: max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy: same-site
content-length: 2483
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
access-control-max-age: 300
access-control-allow-methods: GET, POST
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin
access-control-allow-headers: x-stripe-csrf-token
cross-origin-opener-policy-report-only: same-origin; report-to=https://q.stripe.com/coop-report
expires: 0

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 2B45 474 B
865 B 84ms
83ms Fetch
application/json 18.161.111.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.161.111.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-161-111-105.mrs52.r.cloudfront.net
Software: Cloudfront /
Resource Hash: 0327b7917e4ddf455491f2219f8481b90f153f6761e459a02576e3201452c6f0

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-e0469436b9f770d725a440154c0ce6ee.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 24 Jan 2024 14:36:51 GMT
via: 1.1 ced538a87283abb388c3d6022c27f752.cloudfront.net (CloudFront)
last-modified: Tue, 23 Jan 2024 21:44:00 GMT
server: Cloudfront
age: 25
x-amz-cf-pop: MRS52-P4
etag: "a1c509b5224a793d214c820498fafb8b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: LzzZUkN5n5pfvU5n6gfruQP6PQaiLJmi4V5TqTCyQ5XQ3UxCM-yXgQ==

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 145ms
144ms Fetch
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=1679673749184434&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.kennedy24.com%2Fdonate%3Famount%3D100%26utm_campaign%3Dpath_to_victory%26utm_medium%3Demail1%26utm_source%3Djoinkennedy&sdk=joey&wants_cookie_data=true

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=100&utm_campaign=path_to_victory&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=()
strict-transport-security: max-age=15552000; preload
date: Wed, 24 Jan 2024 14:37:15 GMT
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: Zp3hkE3HFnfpKEFCJ9F8djDCt0c3ptNV8UMNprJ5uqI82OWYLpcLQORWXGtbZtlOXiiT+H+E216JF6sK4P1YwA==
fb-s: unknown
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kennedy24.com
origin-agent-cluster: ?0
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self)
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 b Show response
r.stripe.com/ Frame 832C 0
273 B 800ms
369ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 24 Jan 2024 14:37:16 GMT
x-stripe-server-envoy-start-time-us: 1706107036154363
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 7
x-stripe-client-envoy-start-time-us: 1706107036153835
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame 832C 0
273 B 797ms
368ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 24 Jan 2024 14:37:16 GMT
x-stripe-server-envoy-start-time-us: 1706107036151977
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 7
x-stripe-client-envoy-start-time-us: 1706107036151424
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame 832C 0
272 B 795ms
370ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 24 Jan 2024 14:37:16 GMT
x-stripe-server-envoy-start-time-us: 1706107036155052
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 6
x-stripe-client-envoy-start-time-us: 1706107036154366
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame 832C 0
272 B 785ms
370ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 24 Jan 2024 14:37:16 GMT
x-stripe-server-envoy-start-time-us: 1706107036154835
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 7
x-stripe-client-envoy-start-time-us: 1706107036154132
access-control-allow-credentials: true
content-length: 0

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 2B45 474 B
865 B 321ms
320ms Fetch
application/json 18.161.111.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.161.111.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-161-111-105.mrs52.r.cloudfront.net
Software: Cloudfront /
Resource Hash: 0327b7917e4ddf455491f2219f8481b90f153f6761e459a02576e3201452c6f0

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-e0469436b9f770d725a440154c0ce6ee.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 24 Jan 2024 14:36:51 GMT
via: 1.1 ced538a87283abb388c3d6022c27f752.cloudfront.net (CloudFront)
last-modified: Tue, 23 Jan 2024 21:44:00 GMT
server: Cloudfront
age: 25
x-amz-cf-pop: MRS52-P4
etag: "a1c509b5224a793d214c820498fafb8b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: KhssOwj9oQlWmTDHyVZCJzd6JwBzt8tf0Q0SXzf8-kBj5Ti1SwfNVw==

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame A9FE 19 KB
8 KB 69ms
68ms Document
text/html 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eb05a9cff94081fbf5993ebc787ddfcd8287c70b306bbde8fe38ec5dde02af2d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-P16CaMLfodWmOemVYyqI1Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-P16CaMLfodWmOemVYyqI1Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Wed, 24 Jan 2024 14:37:15 GMT
expires: Wed, 24 Jan 2024 14:37:15 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
reporting-endpoints: default="/gp/p/_/InstantbuyFrontendBuyflowPayframeUi/web-reports?context=eJzjqtHikmII0pBiWF4qxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3b8XTO--vGTi-fqSSQKINYB4h48Hi5jPdNY34dNZuSKms8bVTWfNA2K-ddNZdddPZ22JnsE6BYid0mewBgGxEA_H7INH1rIJ7Pg7uZ8ZAOrcN2E"
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H3 200 webworker.js
www.recaptcha.net/recaptcha/api2/ Frame 13A1 102 B
135 B 26ms
26ms Other
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/webworker.js?hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f187dc8de7fe50f1f8825c3500b64080cc78ac39df7efd31a4b1bc562be9ca3d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LekWdoZAAAAAA61Owqhdq5e8IIQEfJbEOs8IT8T&co=aHR0cHM6Ly93d3cua2VubmVkeTI0LmNvbTo0NDM.&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=qqkm4o1n0jkb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:37:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 24 Jan 2024 14:37:15 GMT

GET
H3 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.25sZXrc-t9o.es5.O/am=gEEw/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame A9FE 159 KB
56 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.25sZXrc-t9o.es5.O/am=gEEw/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhoO3J8XkbTxYE0O1fdZaBEmwBZ3A/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64538376e8856edd3e56379eff18fc2755cea3d3e8ae91157b7910f29f43ca02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 17:50:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74827
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57441
x-xss-protection: 0
last-modified: Tue, 23 Jan 2024 05:46:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Jan 2025 17:50:08 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 49B9 0
491 B 696ms
695ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=100&utm_campaign=path_to_victory&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 24 Jan 2024 14:37:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1706107036505167
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 0
x-stripe-client-envoy-start-time-us: 1706107036504905
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame 49B9 87 KB
15 KB 272ms
271ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Wed, 24 Jan 2024 14:37:16 GMT
x-content-type-options: nosniff
content-encoding: br
via: 1.1 varnish
age: 249
x-cache: HIT
content-length: 15509
x-request-id: 23276c91-ea21-4c22-a8b2-711b0b82e498
x-served-by: cache-fra-etou8220029-FRA
server: Fastly
x-timer: S1706107036.183684,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 183

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame A9FE 2 KB
2 KB 136ms
135ms Other
text/html 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=100&utm_campaign=path_to_victory&utm_medium=email1&utm_source=joinkennedy
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 24 Jan 2024 14:37:16 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H3 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.25sZXrc-t9o.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.JhAI_B... Frame A9FE 74 KB
27 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.25sZXrc-t9o.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.JhAI_Bj2nZs.L.B1.O/am=gEEw/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfriN2nznL-loDI02_dPJe4LAHmXlzg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.25sZXrc-t9o.es5.O/am=gEEw/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhoO3J8XkbTxYE0O1fdZaBEmwBZ3A/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4994cb03158c7f362f375ee70bbdac9dffc6d02dbe979a9f1069dbf6e353e925

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 17:50:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74828
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27641
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 06:44:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Jan 2025 17:50:08 GMT

POST
H2 200 b Show response
r.stripe.com/ Frame 832C 0
274 B 189ms
189ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 24 Jan 2024 14:37:16 GMT
x-stripe-server-envoy-start-time-us: 1706107036155235
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 10
x-stripe-client-envoy-start-time-us: 1706107036154546
access-control-allow-credentials: true
content-length: 0

GET
H2 200 hcaptcha-invisible-e4b44514d55bef3cb3dcc52ba9944d79.html Show response
js.stripe.com/v3/ Frame 5FE3 71 KB
24 KB 54ms
54ms Document
text/html 18.161.111.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/hcaptcha-invisible-e4b44514d55bef3cb3dcc52ba9944d79.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.161.111.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-161-111-105.mrs52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

ad474610db8453986b107c7cd19d0d1682bc5db392310ea60328c230e309e337

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; script-src 'self' 'sha256-sbwIrn/w/dsqbgMBWbm+DTNv5b8IJrrH6VH6oy6yhsc='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 901
cache-control: max-age=31536000
content-encoding: br
content-security-policy: base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; script-src 'self' 'sha256-sbwIrn/w/dsqbgMBWbm+DTNv5b8IJrrH6VH6oy6yhsc='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 24 Jan 2024 14:22:19 GMT
etag: W/"e4b44514d55bef3cb3dcc52ba9944d79"
last-modified: Tue, 23 Jan 2024 21:05:04 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 ea47d216044ea5ab0ea33b56bd4cc49e.cloudfront.net (CloudFront)
x-amz-cf-id: v3qBEHVDuQanpCb1lPXn5sw7gGpffePSwKAVBgFD0k5BXfCPfJkHKQ==
x-amz-cf-pop: MRS52-P4
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 b Show response
r.stripe.com/ Frame 832C 0
273 B 336ms
335ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 24 Jan 2024 14:37:16 GMT
x-stripe-server-envoy-start-time-us: 1706107036329908
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 5
x-stripe-client-envoy-start-time-us: 1706107036329193
access-control-allow-credentials: true
content-length: 0

GET
H2 200 phone-numbers-lib-5113174565c377315fd5b8d695d8b541.js Show response
js.stripe.com/v3/fingerprinted/js/ 148 KB
37 KB 46ms
46ms Script
text/javascript 18.161.111.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/phone-numbers-lib-5113174565c377315fd5b8d695d8b541.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.161.111.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-161-111-105.mrs52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

621661fe1c7a59420c624f7a421c566ebfb38cfbc7edd98ee0462c44d15971f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:02:33 GMT
content-encoding: gzip
via: 1.1 ea47d216044ea5ab0ea33b56bd4cc49e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2083
x-amz-cf-pop: MRS52-P4
x-cache: Hit from cloudfront
last-modified: Fri, 19 Jan 2024 21:19:50 GMT
server: Cloudfront
etag: W/"f7a3e754fa2fa9117506f69f618b5778"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: d5vDlV03VwDnW2pyEjDgqFD65NeHc38ynMR6ZKfJOhPXGpywkL7sEA==

GET
H2 200 elements-inner-link-button-for-card-bf85abfb4df5183982e900427d13172a.html Show response
js.stripe.com/v3/ Frame 4BA9 77 KB
16 KB 50ms
50ms Document
text/html 18.161.111.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-link-button-for-card-bf85abfb4df5183982e900427d13172a.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.161.111.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-161-111-105.mrs52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

e7e9a911d66b6b649a86654b9ead663eb94c0a78cd37376b3ad5cf7f9a428fe8

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kennedy24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 304
cache-control: max-age=31536000
content-encoding: br
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 24 Jan 2024 14:32:13 GMT
etag: W/"bf85abfb4df5183982e900427d13172a"
last-modified: Tue, 23 Jan 2024 21:04:50 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 ea47d216044ea5ab0ea33b56bd4cc49e.cloudfront.net (CloudFront)
x-amz-cf-id: ok9xOHCrBM4UlvcIzoX3EbXS69WsmLWgwP51BAfr5w4Ztk0OQ-k5ow==
x-amz-cf-pop: MRS52-P4
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame A9FE 1 MB
379 KB 105ms
105ms XHR
text/html 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9e8e24d184e16fdebcbe2d867598fb0e42dae703d5102fb6ca55d9c108d96f7f

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-66fQpfJp855cxnqOJoIJzA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:37:16 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-66fQpfJp855cxnqOJoIJzA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/gp/p/_/InstantbuyFrontendBuyflowPayUi/web-reports?context=eJzjqtHikmII0pBiWF4qxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3b8XTO--vGTi-fqSSQKINYB4h48Hi5jPdNY34dNZuSKms8bVTWfNA2K-ddNZdddPZ22JnsE6BYid0mewBgGxEDfHnINH1rIJPHjyowAAtHk3sw"
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Wed, 24 Jan 2024 14:37:16 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 5FE3 0
716 B 530ms
530ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=100&utm_campaign=path_to_victory&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 24 Jan 2024 14:37:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1706107036710258
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1706107036709849
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 4BA9 0
717 B 520ms
519ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=100&utm_campaign=path_to_victory&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 24 Jan 2024 14:37:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1706107036710464
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1706107036709888
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 4BA9 0
715 B 519ms
519ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=100&utm_campaign=path_to_victory&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 24 Jan 2024 14:37:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1706107036710308
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1706107036709922
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-04b07963a2be4592c691734b7eed0673.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 4BA9 534 KB
118 KB 48ms
48ms Script
text/javascript 18.161.111.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-link-button-for-card-bf85abfb4df5183982e900427d13172a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.161.111.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-161-111-105.mrs52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

15c5b27aca4255d7b27656ed33d025769918ff92020b81f80cf7a87ae7250278

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-link-button-for-card-bf85abfb4df5183982e900427d13172a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:05:20 GMT
content-encoding: br
via: 1.1 ea47d216044ea5ab0ea33b56bd4cc49e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 1924
x-amz-cf-pop: MRS52-P4
x-cache: Hit from cloudfront
last-modified: Tue, 23 Jan 2024 21:05:03 GMT
server: Cloudfront
etag: W/"95aa681b281a5fd9fb2c047afb2affcb"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: TtkUrk2k3XCrr2o141LlOLIsAgdkaYWiAwMQdnzKGvAXJry8WCBMmg==

GET
H2 200 elements-inner-link-button-for-card-8a7b6f6354c282b6a4fac964ea39980a.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 4BA9 24 KB
9 KB 120ms
119ms Script
text/javascript 18.161.111.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-link-button-for-card-8a7b6f6354c282b6a4fac964ea39980a.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-link-button-for-card-bf85abfb4df5183982e900427d13172a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.161.111.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-161-111-105.mrs52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

71cb66aea504951c7d2499622f35a263da91af2fd72b6efd2889657da0e8b817

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-link-button-for-card-bf85abfb4df5183982e900427d13172a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:29:25 GMT
content-encoding: br
via: 1.1 ea47d216044ea5ab0ea33b56bd4cc49e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 475
x-amz-cf-pop: MRS52-P4
x-cache: Hit from cloudfront
last-modified: Fri, 19 Jan 2024 21:19:48 GMT
server: Cloudfront
etag: W/"ce0bb5b197c6330c3e2d69a66d1f828d"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 5FSxsnRF_94dcRBNbqDJOgVEqMpL0bKwCPiGmZy6iswwOEYT_i57hA==

GET
H2 200 elements-inner-link-button-for-card-5eea9779eabe486a801d5564f8c44131.css
js.stripe.com/v3/fingerprinted/css/ Frame 4BA9 25 KB
4 KB 120ms
120ms Stylesheet
text/css 18.161.111.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-link-button-for-card-5eea9779eabe486a801d5564f8c44131.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-link-button-for-card-bf85abfb4df5183982e900427d13172a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.161.111.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-161-111-105.mrs52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

042e2de0cb5720f25c17d0c9d40fbf5d1a5711c3e5e275ca939a36298e69117a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-link-button-for-card-bf85abfb4df5183982e900427d13172a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:29:26 GMT
content-encoding: gzip
via: 1.1 ea47d216044ea5ab0ea33b56bd4cc49e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 471
x-amz-cf-pop: MRS52-P4
x-cache: Hit from cloudfront
last-modified: Fri, 19 Jan 2024 21:19:37 GMT
server: Cloudfront
etag: W/"292bfff48a65329a3b7ce317998188f4"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: ZRjLJafsWfNmidcJ3isd3JpDlSmNLXs3fkmEyWTSmNAzPgX6j5G14g==

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 5FE3 474 B
865 B 46ms
46ms Fetch
application/json 18.161.111.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/hcaptcha-invisible-e4b44514d55bef3cb3dcc52ba9944d79.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.161.111.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-161-111-105.mrs52.r.cloudfront.net
Software: Cloudfront /
Resource Hash: 0327b7917e4ddf455491f2219f8481b90f153f6761e459a02576e3201452c6f0

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/hcaptcha-invisible-e4b44514d55bef3cb3dcc52ba9944d79.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 24 Jan 2024 14:36:51 GMT
via: 1.1 ced538a87283abb388c3d6022c27f752.cloudfront.net (CloudFront)
last-modified: Tue, 23 Jan 2024 21:44:00 GMT
server: Cloudfront
age: 26
x-amz-cf-pop: MRS52-P4
etag: "a1c509b5224a793d214c820498fafb8b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: PG6X1PDBgxZIl16bl8gJ239TvqII-Pk2yruQ3PjZqJkW-LI1J3tR8w==

GET
H2 200 HCaptchaInvisible.html Show response
b.stripecdn.com/stripethirdparty-srv/assets/v20.6/ Frame D704 419 B
745 B 783ms
767ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://b.stripecdn.com/stripethirdparty-srv/assets/v20.6/HCaptchaInvisible.html?id=4c2b5db2-665b-49e8-9afc-e8621f560d7d&origin=https%3A%2F%2Fjs.stripe.com

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/hcaptcha-invisible-e4b44514d55bef3cb3dcc52ba9944d79.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

63293d7cb7e2db4b24a51f81bcf1946d5a9a516051a274997fcef446b9b7b7bd

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; connect-src 'self' https://hcaptcha.com https://.hcaptcha.com https://errors.stripe.com; default-src 'self'; form-action 'none'; frame-src https://hcaptcha.com https://.hcaptcha.com; img-src 'self'; script-src 'self' https://hcaptcha.com https://.hcaptcha.com; style-src 'self' https://hcaptcha.com https://.hcaptcha.com; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: max-age=60
content-encoding: br
content-length: 284
content-security-policy: base-uri 'self'; connect-src 'self' https://hcaptcha.com https://*.hcaptcha.com https://errors.stripe.com; default-src 'self'; form-action 'none'; frame-src https://hcaptcha.com https://*.hcaptcha.com; img-src 'self'; script-src 'self' https://hcaptcha.com https://*.hcaptcha.com; style-src 'self' https://hcaptcha.com https://*.hcaptcha.com; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 24 Jan 2024 14:37:17 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-request-id: 58ac8a3f-7dd6-45b5-bb32-efb6134fa9f1
x-served-by: cache-fra-etou8220029-FRA
x-timer: S1706107037.555024,VS0,VE722

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.25sZXrc-t9o.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.JhAI_B... Frame A9FE 9 KB
4 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.25sZXrc-t9o.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.JhAI_Bj2nZs.L.B1.O/am=gEEw/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfriN2nznL-loDI02_dPJe4LAHmXlzg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68ec9616894234c98e9398e3b0bda72dc52b48cb4424ea70075df3248438a85a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 17:50:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74828
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3730
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 06:44:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Jan 2025 17:50:08 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.25sZXrc-t9o.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.JhAI_B... Frame A9FE 37 KB
14 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.25sZXrc-t9o.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.JhAI_Bj2nZs.L.B1.O/am=gEEw/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfriN2nznL-loDI02_dPJe4LAHmXlzg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ad38fde14463f677c827b60d05e33a2f222de47a6825f96e27621621ee105cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 17:50:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74828
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14278
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 06:44:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Jan 2025 17:50:08 GMT

POST
H3 200 log Show response
play.google.com/ Frame A9FE 131 B
156 B 201ms
100ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 24 Jan 2024 14:37:16 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 24 Jan 2024 14:37:16 GMT

POST
H3 200 log Show response
play.google.com/ Frame A9FE 131 B
156 B 224ms
123ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 24 Jan 2024 14:37:16 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 24 Jan 2024 14:37:16 GMT

POST
H3 200 log Show response
play.google.com/ Frame A9FE 131 B
156 B 227ms
123ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 24 Jan 2024 14:37:16 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 24 Jan 2024 14:37:16 GMT

POST
H3 200 log Show response
play.google.com/ Frame A9FE 131 B
156 B 203ms
103ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 24 Jan 2024 14:37:16 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 24 Jan 2024 14:37:16 GMT

POST
H3 200 log Show response
play.google.com/ Frame A9FE 131 B
156 B 204ms
103ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 24 Jan 2024 14:37:16 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 24 Jan 2024 14:37:16 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 146ms
71ms Preflight
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,content-type,x-goog-authuser,origin
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 24 Jan 2024 14:37:16 GMT
expires: Wed, 24 Jan 2024 14:37:16 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 144ms
71ms Preflight
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,content-type,x-goog-authuser,origin
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 24 Jan 2024 14:37:16 GMT
expires: Wed, 24 Jan 2024 14:37:16 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 139ms
70ms Preflight
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,content-type,x-goog-authuser,origin
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 24 Jan 2024 14:37:16 GMT
expires: Wed, 24 Jan 2024 14:37:16 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 139ms
72ms Preflight
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,content-type,x-goog-authuser,origin
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 24 Jan 2024 14:37:16 GMT
expires: Wed, 24 Jan 2024 14:37:16 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 137ms
72ms Preflight
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,content-type,x-goog-authuser,origin
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 24 Jan 2024 14:37:16 GMT
expires: Wed, 24 Jan 2024 14:37:16 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame A9FE 131 B
156 B 126ms
124ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 24 Jan 2024 14:37:16 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 24 Jan 2024 14:37:16 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 130ms
130ms Preflight
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,content-type,x-goog-authuser,origin
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 24 Jan 2024 14:37:16 GMT
expires: Wed, 24 Jan 2024 14:37:16 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 b Show response
r.stripe.com/ Frame 832C 0
273 B 221ms
221ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 24 Jan 2024 14:37:16 GMT
x-stripe-server-envoy-start-time-us: 1706107036702597
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 5
x-stripe-client-envoy-start-time-us: 1706107036701857
access-control-allow-credentials: true
content-length: 0

POST
H2 200 6 Show response
m.stripe.com/ Frame 49B9 156 B
669 B 654ms
209ms XHR
application/json 34.208.216.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.208.216.197 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-208-216-197.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

e907bc436e0108940c9120dcf57a20f353f360e6a7ceb8429599bbc9be2e0c23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 24 Jan 2024 14:37:17 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1706107037140788
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1706107037140436
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 elements-inner-payment-request-826937446387873540409d20f5b074f5.html Show response
js.stripe.com/v3/ Frame 9A21 820 B
2 KB 27ms
26ms Document
text/html 18.161.111.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-payment-request-826937446387873540409d20f5b074f5.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.161.111.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-161-111-105.mrs52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f5f8cbd0f5ba7a05c6caedd3b32ba05d22f2afd1be44c49bf757590ec080e9c3

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kennedy24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 158
cache-control: max-age=31536000
content-length: 820
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 24 Jan 2024 14:34:40 GMT
etag: "826937446387873540409d20f5b074f5"
last-modified: Tue, 23 Jan 2024 21:04:50 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 ea47d216044ea5ab0ea33b56bd4cc49e.cloudfront.net (CloudFront)
x-amz-cf-id: 0tAwBjt3YWsAnoY1ZzsuTrmxsIL9H5sYWDCQQuAPJFKUdr1L7L8syg==
x-amz-cf-pop: MRS52-P4
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 pro-fa-regular-400-0.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ 14 KB
14 KB 54ms
53ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/webfonts/pro-fa-regular-400-0.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40357c8f038ea69750526293412e0b02e7a984b7484f98be4634c75ed3307709

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:37:16 GMT
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:53:32 GMT
server: cloudflare
age: 4604110
etag: "6568cc1c-3904"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 84a9037319ed4d79-FRA
content-length: 14596

GET
H2 200 pro-fa-solid-900-17.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ 17 KB
17 KB 63ms
62ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/webfonts/pro-fa-solid-900-17.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41e31ded193f6c61a9a1ea500a41ee70760505d4d5387a4be3b240760392da2e

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:37:16 GMT
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:53:38 GMT
server: cloudflare
age: 2688044
etag: "6568cc22-426c"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 84a9037319f04d79-FRA
content-length: 17004

POST
H2 200 b Show response
r.stripe.com/ Frame 832C 0
273 B 188ms
188ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 24 Jan 2024 14:37:16 GMT
x-stripe-server-envoy-start-time-us: 1706107036766696
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 7
x-stripe-client-envoy-start-time-us: 1706107036765904
access-control-allow-credentials: true
content-length: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 9A21 0
717 B 226ms
226ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=100&utm_campaign=path_to_victory&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 24 Jan 2024 14:37:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1706107036782759
x-envoy-upstream-service-time: 7
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1706107036782259
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 9A21 0
718 B 226ms
226ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=100&utm_campaign=path_to_victory&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 24 Jan 2024 14:37:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1706107036783573
x-envoy-upstream-service-time: 10
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 4
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1706107036782778
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-04b07963a2be4592c691734b7eed0673.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 9A21 534 KB
118 KB 130ms
128ms Script
text/javascript 18.161.111.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-826937446387873540409d20f5b074f5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.161.111.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-161-111-105.mrs52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

15c5b27aca4255d7b27656ed33d025769918ff92020b81f80cf7a87ae7250278

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-826937446387873540409d20f5b074f5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:05:20 GMT
content-encoding: br
via: 1.1 ea47d216044ea5ab0ea33b56bd4cc49e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 1924
x-amz-cf-pop: MRS52-P4
x-cache: Hit from cloudfront
last-modified: Tue, 23 Jan 2024 21:05:03 GMT
server: Cloudfront
etag: W/"95aa681b281a5fd9fb2c047afb2affcb"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: aKDUdkter5ZEUqNSA4w9PleXiqA53bl6mJtzgP7WdKobFwFlbsg67w==

GET
H2 200 ui-shared-57ae7f3964c396f11299f2619763cf2b.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 9A21 406 KB
104 KB 149ms
148ms Script
text/javascript 18.161.111.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-57ae7f3964c396f11299f2619763cf2b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-826937446387873540409d20f5b074f5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.161.111.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-161-111-105.mrs52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

97a2cd2c3a554b54b1f41eda4ec4e6e7038240a01503c6e8203b61a3640510a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-826937446387873540409d20f5b074f5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:09:46 GMT
content-encoding: br
via: 1.1 ea47d216044ea5ab0ea33b56bd4cc49e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 1681
x-amz-cf-pop: MRS52-P4
x-cache: Hit from cloudfront
last-modified: Tue, 23 Jan 2024 21:05:04 GMT
server: Cloudfront
etag: W/"74750a2b46f29b49f65512111bd8dac0"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 7Y50JwA9Vydj_usQqk8j8i_PvFN6sHBb2FhUSBmiLzwE_nceAHU8OQ==

GET
H2 200 elements-inner-payment-request-3ffc11299cc450c4bdf1d2675b9d9ac7.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 9A21 72 KB
25 KB 140ms
139ms Script
text/javascript 18.161.111.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-payment-request-3ffc11299cc450c4bdf1d2675b9d9ac7.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-826937446387873540409d20f5b074f5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.161.111.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-161-111-105.mrs52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

3f534a74830530483c1dd97b3689ee418a6499b5d0925aa9f009ffcfcc317fe7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-826937446387873540409d20f5b074f5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:28:58 GMT
content-encoding: gzip
via: 1.1 ea47d216044ea5ab0ea33b56bd4cc49e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 499
x-amz-cf-pop: MRS52-P4
x-cache: Hit from cloudfront
last-modified: Fri, 19 Jan 2024 21:19:48 GMT
server: Cloudfront
etag: W/"ac57b4658a09416a9b023bb26ee29cac"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: KMPTyzQWVjDlk333sC3lWEtEMhmBoVktj0Ktz17mPg0mPW1rWZXaCg==

GET
H2 200 ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame 9A21 20 KB
3 KB 127ms
126ms Stylesheet
text/css 18.161.111.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-826937446387873540409d20f5b074f5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.161.111.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-161-111-105.mrs52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-826937446387873540409d20f5b074f5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:17:02 GMT
content-encoding: br
via: 1.1 ea47d216044ea5ab0ea33b56bd4cc49e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 1268
x-amz-cf-pop: MRS52-P4
x-cache: Hit from cloudfront
last-modified: Mon, 08 Jan 2024 21:41:44 GMT
server: Cloudfront
etag: W/"b361d7109e9925ca18e32c9da528520f"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: DBg0plj5dgKg5sx3BEQUCIL6J0T95vkYfNZvcUBxw_kTO4iT81eldQ==

GET
H2 200 elements-inner-payment-request-6851fb638395ab2ad12082441235bcfa.css
js.stripe.com/v3/fingerprinted/css/ Frame 9A21 11 KB
3 KB 128ms
127ms Stylesheet
text/css 18.161.111.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-payment-request-6851fb638395ab2ad12082441235bcfa.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-826937446387873540409d20f5b074f5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.161.111.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-161-111-105.mrs52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

5033e337e474e5d2818fee21b093eaef81d5f545fd49b5f635b3e1160fa83abe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-826937446387873540409d20f5b074f5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 13:53:58 GMT
content-encoding: gzip
via: 1.1 ea47d216044ea5ab0ea33b56bd4cc49e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2598
x-amz-cf-pop: MRS52-P4
x-cache: Hit from cloudfront
last-modified: Fri, 19 Jan 2024 21:19:37 GMT
server: Cloudfront
etag: W/"828ee6578d45b518446bf74a1cc39038"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: Ly2yXmTgJbyx6a0IWrakCzzdNyoQgTkhzsq4TtvM3dxCLhsu4NNUTg==

POST
H3 200 reload Show response
www.recaptcha.net/recaptcha/api2/ Frame 13A1 13 KB
9 KB 77ms
77ms XHR
application/json 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/reload?k=6LekWdoZAAAAAA61Owqhdq5e8IIQEfJbEOs8IT8T

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3af23db763b4620195f57cc6fcebb626178a20a3c2d2d1d2bd7bb70ec732986a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LekWdoZAAAAAA61Owqhdq5e8IIQEfJbEOs8IT8T&co=aHR0cHM6Ly93d3cua2VubmVkeTI0LmNvbTo0NDM.&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=qqkm4o1n0jkb
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Wed, 24 Jan 2024 14:37:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 24 Jan 2024 14:37:16 GMT

POST
H2 200 b Show response
r.stripe.com/ Frame 832C 0
273 B 243ms
243ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 24 Jan 2024 14:37:16 GMT
x-stripe-server-envoy-start-time-us: 1706107036874455
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1706107036873866
access-control-allow-credentials: true
content-length: 0

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 9A21 474 B
864 B 75ms
75ms Fetch
application/json 18.161.111.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.161.111.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-161-111-105.mrs52.r.cloudfront.net
Software: Cloudfront /
Resource Hash: 0327b7917e4ddf455491f2219f8481b90f153f6761e459a02576e3201452c6f0

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-payment-request-826937446387873540409d20f5b074f5.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 24 Jan 2024 14:36:51 GMT
via: 1.1 ced538a87283abb388c3d6022c27f752.cloudfront.net (CloudFront)
last-modified: Tue, 23 Jan 2024 21:44:00 GMT
server: Cloudfront
age: 26
x-amz-cf-pop: MRS52-P4
etag: "a1c509b5224a793d214c820498fafb8b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: 6qP_OajZYhHsn47buc1zcYmSPIZBgtpc6WHjnGBEdCnP4OIfrnnlsA==

POST
H2 200 b Show response
r.stripe.com/ Frame 2B45 0
272 B 209ms
209ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 24 Jan 2024 14:37:17 GMT
x-stripe-server-envoy-start-time-us: 1706107037079016
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 7
x-stripe-client-envoy-start-time-us: 1706107037078187
access-control-allow-credentials: true
content-length: 0

POST
H2 200 6 Show response
m.stripe.com/ Frame 49B9 156 B
668 B 193ms
192ms XHR
application/json 34.208.216.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.208.216.197 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-208-216-197.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

e907bc436e0108940c9120dcf57a20f353f360e6a7ceb8429599bbc9be2e0c23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 24 Jan 2024 14:37:17 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1706107037370955
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 5
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1706107037370598
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 6 Show response
m.stripe.com/ Frame 49B9 156 B
667 B 297ms
297ms XHR
application/json 34.208.216.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.208.216.197 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-208-216-197.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

e907bc436e0108940c9120dcf57a20f353f360e6a7ceb8429599bbc9be2e0c23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 24 Jan 2024 14:37:17 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1706107037420785
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1706107037420270
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 v2 Show response
rs.fullstory.com/rec/bundle/ 29 B
82 B 3625ms
343ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle/v2?OrgId=o-1VGN0E-na1&UserId=35be5ceb-5ae4-4aaf-b9bf-baa8ac4b8a7d&SessionId=13a816b4-9a9d-4fd1-b568-3461e1e77415&PageId=a23ad1ee-9f27-49fe-bdcb-d7dc8c234553&Seq=1&PageStart=1706107036133&PrevBundleTime=0&LastActivity=809&IsNewSession=true
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 99cba10558c23f98879ebe09cf9dd5aae67b667b83d567a244c8cbf368c48363

Request headers

Referer: https://www.kennedy24.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.kennedy24.com
date: Wed, 24 Jan 2024 14:37:20 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
content-type: application/json; charset=utf-8

GET
H2 200 api.js Show response
hcaptcha.com/1/ Frame D704 326 KB
92 KB 281ms
139ms Script
application/javascript 104.19.219.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hcaptcha.com/1/api.js?onload=captchaLoad&render=explicit

Requested by

Host: b.stripecdn.com
URL: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.6/HCaptchaInvisible.html?id=4c2b5db2-665b-49e8-9afc-e8621f560d7d&origin=https%3A%2F%2Fjs.stripe.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed80804c791a1a3b8d7f86bbbdcb0fa653f2aa9679b585e7d259aa63cce1073a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b.stripecdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:37:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 23d6e884e899d5d1262754142496b262.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
x-amz-version-id: EWHNDPoE5ftpmErhJIwmGeaNXj5HLxHT
age: 0
x-amz-cf-pop: MRS52-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 12 Jan 2024 19:30:31 GMT
server: cloudflare
etag: W/"fbd0e8fceba7f4b3dee625e845b0fbdf"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
cf-ray: 84a903791b101e68-FRA
x-amz-cf-id: 0xTu1smq-4zCRp4WOgYBpPzV-oqi3J4Yk-MlSybyU7IVTG3g7QJkLw==

GET
H2 200 vendors~AddressAutocomplete~AffirmInContext~AmazonPayButton~AuthMap~DemoPayButton~DynamicMap~GoogleA~0add53ca.d1e7b6b2c46f0cb34935.bundle.js Show response
b.stripecdn.com/stripethirdparty-srv/assets/v20.6/ Frame D704 114 KB
37 KB 13ms
10ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://b.stripecdn.com/stripethirdparty-srv/assets/v20.6/vendors~AddressAutocomplete~AffirmInContext~AmazonPayButton~AuthMap~DemoPayButton~DynamicMap~GoogleA~0add53ca.d1e7b6b2c46f0cb34935.bundle.js

Requested by

Host: b.stripecdn.com
URL: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.6/HCaptchaInvisible.html?id=4c2b5db2-665b-49e8-9afc-e8621f560d7d&origin=https%3A%2F%2Fjs.stripe.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

b937209845ab8f20d6ced84d5486ff20cb4c8d754f13b26463519ed1c9731edb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.6/HCaptchaInvisible.html?id=4c2b5db2-665b-49e8-9afc-e8621f560d7d&origin=https%3A%2F%2Fjs.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Wed, 24 Jan 2024 14:37:17 GMT
x-content-type-options: nosniff
content-encoding: br
via: 1.1 varnish
age: 581323
x-cache: HIT
content-length: 38059
x-request-id: 72104b9b-888a-4474-afc4-674b245d8b5b
x-served-by: cache-fra-etou8220029-FRA
server: Fastly
x-timer: S1706107037.477405,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=31536000, public
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3666

GET
H2 200 HCaptchaInvisible.8685d0046428a20373d9.bundle.js Show response
b.stripecdn.com/stripethirdparty-srv/assets/v20.6/ Frame D704 17 KB
7 KB 91ms
89ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://b.stripecdn.com/stripethirdparty-srv/assets/v20.6/HCaptchaInvisible.8685d0046428a20373d9.bundle.js

Requested by

Host: b.stripecdn.com
URL: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.6/HCaptchaInvisible.html?id=4c2b5db2-665b-49e8-9afc-e8621f560d7d&origin=https%3A%2F%2Fjs.stripe.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

981f5411bec37539ae7855dca59c4187332d3f3111d9fc0ddf088c9634c54ae5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.6/HCaptchaInvisible.html?id=4c2b5db2-665b-49e8-9afc-e8621f560d7d&origin=https%3A%2F%2Fjs.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Wed, 24 Jan 2024 14:37:17 GMT
x-content-type-options: nosniff
content-encoding: br
via: 1.1 varnish
age: 581323
x-cache: HIT
content-length: 7161
x-request-id: 284d9389-8c82-431a-a7bc-2852bef32178
x-served-by: cache-fra-etou8220029-FRA
server: Fastly
x-timer: S1706107037.477669,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=31536000, public
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3549

POST
H2 200 csp-report
q.stripe.com/ Frame D704 0
491 B 277ms
276ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=100&utm_campaign=path_to_victory&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://b.stripecdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 24 Jan 2024 14:37:17 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1706107037566632
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 0
x-stripe-client-envoy-start-time-us: 1706107037566279
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 hcaptcha.html Show response
newassets.hcaptcha.com/captcha/v1/2a00369/static/ Frame 9CC8 2 KB
1 KB 35ms
20ms Document
text/html 104.19.219.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/2a00369/static/hcaptcha.html?_v=1b0odh8gw54

Requested by

Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?onload=captchaLoad&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

017f480de452e8a0aff77bf7eb52b5b9e41282763f0b8312163e3392984c6734

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://b.stripecdn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 837236
alt-svc: h3=":443"; ma=86400
cache-control: max-age=1209600
cf-cache-status: HIT
cf-ray: 84a9037aecfd1e68-FRA
content-encoding: br
content-type: text/html
cross-origin-embedder-policy: credentialless
cross-origin-resource-policy: cross-origin
date: Wed, 24 Jan 2024 14:37:17 GMT
last-modified: Fri, 12 Jan 2024 19:30:31 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 2d74eb05f17e8cd9ca29da65d3b3ff48.cloudfront.net (CloudFront)
x-amz-cf-id: 2vbdoEMlmuvr3scyKxQvoZYnUeTGWdPlNX9csxTg9KapP47AhzFSZw==
x-amz-cf-pop: MRS52-P5
x-amz-server-side-encryption: AES256
x-amz-version-id: 5seh2Fy1m5uAejWNOpND.L8.XAC93K8_
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 hcaptcha.js Show response
newassets.hcaptcha.com/captcha/v1/2a00369/ Frame 9CC8 326 KB
92 KB 24ms
20ms Script
application/javascript 104.19.219.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/2a00369/hcaptcha.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/2a00369/static/hcaptcha.html?_v=1b0odh8gw54

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed80804c791a1a3b8d7f86bbbdcb0fa653f2aa9679b585e7d259aa63cce1073a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/captcha/v1/2a00369/static/hcaptcha.html?_v=1b0odh8gw54
Origin: https://newassets.hcaptcha.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:37:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 23d6e884e899d5d1262754142496b262.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
x-amz-version-id: EWHNDPoE5ftpmErhJIwmGeaNXj5HLxHT
age: 837237
x-amz-cf-pop: MRS52-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 12 Jan 2024 19:30:31 GMT
server: cloudflare
etag: W/"fbd0e8fceba7f4b3dee625e845b0fbdf"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
cf-ray: 84a9037b2d281e68-FRA
x-amz-cf-id: 0xTu1smq-4zCRp4WOgYBpPzV-oqi3J4Yk-MlSybyU7IVTG3g7QJkLw==

POST
H2 200 checksiteconfig Show response
api.hcaptcha.com/ Frame 9CC8 719 B
915 B 65ms
57ms XHR
application/json 104.19.219.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hcaptcha.com/checksiteconfig?v=2a00369&host=b.stripecdn.com&sitekey=463b917e-e264-403f-ad34-34af0ee10294&sc=1&swa=1&spst=1

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/2a00369/hcaptcha.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06bd32541da84ecc00dfd7dc07922c6558819e392beb1a1579606f7dd1df3c59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://newassets.hcaptcha.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 24 Jan 2024 14:37:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://newassets.hcaptcha.com
access-control-allow-credentials: true
cf-ray: 84a9037bcdc61e68-FRA
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
alt-svc: h3=":443"; ma=86400

POST
H2 200 b Show response
r.stripe.com/ Frame 832C 0
271 B 189ms
188ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 24 Jan 2024 14:37:18 GMT
x-stripe-server-envoy-start-time-us: 1706107038121164
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 9
x-stripe-client-envoy-start-time-us: 1706107038120781
access-control-allow-credentials: true
content-length: 0

GET
H3 200 hsw.js Show response
newassets.hcaptcha.com/c/3a84c15/ Frame 9CC8 506 KB
220 KB 52ms
49ms Script
application/javascript 104.19.219.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/c/3a84c15/hsw.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/2a00369/hcaptcha.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb1fc509673c7bfa18deea5a1fab54ca33fb84b961a46a32f27f5e595b9630a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newassets.hcaptcha.com/captcha/v1/2a00369/static/hcaptcha.html?_v=1b0odh8gw54
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:37:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 eda2686dad6c190a4b0f18db47e39f0a.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
x-amz-version-id: WxGex9z4fR9K3hI3pY622MyGuT5HJV8e
age: 301916
x-amz-cf-pop: AMS1-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 09 Jan 2024 17:07:55 GMT
server: cloudflare
etag: W/"22965986ade7ea3c1e439a2ed4224345"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 84a9037c89c13627-FRA
x-amz-cf-id: Zob2Q6GbkWQE3YdugvunoctjcFBmghW_ua17AUU0hHS79vT7HYo1Rw==

POST
H3 200 463b917e-e264-403f-ad34-34af0ee10294 Show response
api.hcaptcha.com/getcaptcha/ Frame 9CC8 3 KB
3 KB 252ms
251ms XHR
application/json 104.19.219.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hcaptcha.com/getcaptcha/463b917e-e264-403f-ad34-34af0ee10294

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/2a00369/hcaptcha.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47315fc73d5b2b24f746baed6d895793670eb220b2fce598bb70280f9761e5fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://newassets.hcaptcha.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 24 Jan 2024 14:37:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://newassets.hcaptcha.com
access-control-allow-credentials: true
cf-ray: 84a9038379543627-FRA
alt-svc: h3=":443"; ma=86400

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 118ms
117ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-JWBYYEB6SQ&gtm=45je41m0v9113043695&_p=1706107033296&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tag_exp=71847096&cid=777399820.1706107034&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEE&_s=3&sid=1706107033&sct=1&seg=0&dl=https%3A%2F%2Fwww.kennedy24.com%2Fdonate%3Famount%3D100%26utm_campaign%3Dpath_to_victory%26utm_medium%3Demail1%26utm_source%3Djoinkennedy&dt=We%2C%20the%20People...%20%7C%20Kennedy24&en=form_start&ep.form_id=donate_page_new_donation_form&ep.form_name=&ep.form_destination=https%3A%2F%2Fwww.kennedy24.com%2Fforms%2Fdonations&epn.form_length=44&ep.first_field_id=donation_amount_100&ep.first_field_name=donation%5Bamount_option%5D&ep.first_field_type=radio&epn.first_field_position=5&_et=39&tfd=8530
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JWBYYEB6SQ&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jan 2024 14:37:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kennedy24.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js Show response
js.stripe.com/v3/fingerprinted/js/ 176 B
677 B 26ms
26ms Script
text/javascript 18.161.111.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.161.111.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-161-111-105.mrs52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:12:10 GMT
via: 1.1 ea47d216044ea5ab0ea33b56bd4cc49e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 1550
x-amz-cf-pop: MRS52-P4
x-cache: Hit from cloudfront
content-length: 176
last-modified: Mon, 08 Jan 2024 21:41:58 GMT
server: Cloudfront
etag: "96f5b26d366f47393b3ff36fe7471474"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: L6s_xrwEISDqvmm47aiVtORJ-w3YSm4OqyAjjNtNibtt5fis_gITMA==

POST
H2 200 b Show response
r.stripe.com/ Frame 832C 0
273 B 201ms
201ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-04b07963a2be4592c691734b7eed0673.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 24 Jan 2024 14:37:20 GMT
x-stripe-server-envoy-start-time-us: 1706107040619466
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 5
x-stripe-client-envoy-start-time-us: 1706107040618749
access-control-allow-credentials: true
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LekWdoZAAAAAA61Owqhdq5e8IIQEfJbEOs8IT8T&co=aHR0cHM6Ly93d3cua2VubmVkeTI0LmNvbTo0NDM.&hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=normal&cb=y3073ed7wor5

Verdicts & Comments Add Verdict or Comment

146 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.recaptcha.net/recaptcha	1970-01-20 22:14:19	Name: _GRECAPTCHA Value: 09AJuq1xJJ09KDCX7sNK1096NjWnhsX_jTi2ZRF4rwepWCH_4g_BF-Vr24fe9pQ2nvUd5m_1mtCspSEUx6EuEx_Xg
paracom.paramountcommunication.com/	1970-01-20 18:05:11	Name: AWSALB Value: jpXumGG3qV0Op/+s7DDJ04QgyHwMJtIOGbA3hbFVLsszJJDgbpbHgrRThA6U8nEe3XP+llYLKI/m2Og0VK/AbNpuwSZ15OTZgO9qOz9eAjym8pDiZxKrXi8E6Zpt
www.kennedy24.com/	1969-12-31 23:59:59	Name: _nbuild_token Value: LZoagb4orJG0kNVrnSyoDUWx1%2F60qJYX6Y2Sp80rW%2FQ%3D
www.kennedy24.com/	1969-12-31 23:59:59	Name: _nbuild_session Value: 0c2463c1a7c00f63520283b2bce658ef
.www.kennedy24.com/	1970-01-20 17:55:08	Name: __cf_bm Value: 1vlXlcFwaprgSF5I3dYWYMnpDpfL1TQ53M58c_kQKWI-1706107031-1-AbEQXI7s9c8UNOwuckC4Yo6GEtpgabXYttqaNlQO7PYWB2FVP8HzH+0+3XkpA4dwjnVeNQbYZDZCKPs8ZHAWAEw=
.nationbuilder.com/	1970-01-20 17:55:08	Name: __cf_bm Value: dh7JNqOEfVL9ZnKE7zmdwbWo0C8BDUpFffQxPV61OrA-1706107032-1-AWFW/fjfQiTbeuQeQ4JIpLdsnDhTxtOWR5RdMWF2RHqA+bT2ACF1wAZRQjUe6XnurBSEOZq+icm/R1yW00nZva8=
.lightboxcdn.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 5FZD8PeVkvM9GlyNYOJly1IKP_RE2DjCxLaAJaaQiJ8-1706107033722-0-604800000
.kennedy24.com/	1970-01-21 03:31:07	Name: _ga_CAPI12345 Value: GS1.1.1706107033.1.0.1706107033.0.0.0
.kennedy24.com/	1970-01-21 03:31:07	Name: _ga Value: GA1.1.777399820.1706107034
.kennedy24.com/	1970-01-20 20:04:43	Name: _gcl_au Value: 1.1.1727985582.1706107034
.kennedy24.com/	1970-01-21 03:31:07	Name: _ga_JWBYYEB6SQ Value: GS1.1.1706107033.1.0.1706107034.59.0.0
.doubleclick.net/	1970-01-20 17:55:07	Name: test_cookie Value: CheckForPermission
.t.co/	1970-01-21 03:31:07	Name: muc_ads Value: f39f0e54-5c2c-409e-9ff1-c6ea758094c4
.twitter.com/	1970-01-21 03:31:07	Name: guest_id_marketing Value: v1%3A170610703442816003
.twitter.com/	1970-01-21 03:31:07	Name: guest_id_ads Value: v1%3A170610703442816003
.twitter.com/	1970-01-21 03:31:07	Name: personalization_id Value: "v1_UfZXhsqkkIRa5onSQsMB5A=="
.twitter.com/	1970-01-21 03:31:07	Name: guest_id Value: v1%3A170610703442816003
.kennedy24.com/	1970-01-20 20:04:43	Name: _fbp Value: fb.1.1706107034683.1916812470
.www.kennedy24.com/	1970-01-21 02:40:43	Name: cf_clearance Value: YRzTbg5zSUvSYUTCVRa1LEDQlsBu9J_JHL1R8OFLDkM-1706107034-1-ASL/wA8qa13EdqhpaHYlVQtv5ql6d9gAroqVjcwFS8ebiizpvKAptaLaPHBNroKXmRqa/juUNbWU6k/tjzeFrBY=
.kennedy24.com/	1970-01-20 17:55:08	Name: fs_lua Value: 1.1706107036132
.kennedy24.com/	1970-01-21 02:40:43	Name: fs_uid Value: #o-1VGN0E-na1#35be5ceb-5ae4-4aaf-b9bf-baa8ac4b8a7d:13a816b4-9a9d-4fd1-b568-3461e1e77415:1706107036132::1#/1737643034
.google.com/	1970-01-20 22:18:38	Name: NID Value: 511=By7ksVQy5NBHTQ5TAbQ6HwBGqJAEf_fL1jb01h8oWEfvvQCPzCM_zS-US_XDTwUbft4GHMWBu5a25_dTqPl1MPoSXmZuC--56kwqOuC4xvQjcYtUrGf6F7ZAjHgkOX8oaCypoccvJieZ3lfrYiHiYWb3AflGUFuSJXe2pAwyAeE
m.stripe.com/	1970-01-21 03:31:07	Name: m Value: 6ed7d2e2-5323-4f59-a557-54d02459f7ba3ef7f4
.www.kennedy24.com/	1970-01-21 02:40:43	Name: __stripe_mid Value: 0628e19a-453c-4339-b82b-853e4cee5366d6e177
.www.kennedy24.com/	1970-01-20 17:55:08	Name: __stripe_sid Value: 939de8c9-d7d7-41e7-8383-942ac2fe249aa1e33a
api.hcaptcha.com/	1970-01-20 18:38:19	Name: hmt_id Value: ba57843d-8194-444c-9f75-90f688dcfb4b

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.googleapis.com/webfonts/v1/webfonts?key=AIzaSyCCOU0NUKc65rzK0EdE-6XNdE68x6mGnD8 Message: Failed to load resource: the server responded with a status of 429 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors joinkennedy.nationbuilder.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.twitter.com
api.hcaptcha.com
assets.nationbuilder.com
b.stripecdn.com
connect.facebook.net
edge.fullstory.com
fonts.googleapis.com
fonts.gstatic.com
getbootstrap.com
googleads.g.doubleclick.net
hcaptcha.com
joinkennedy.nationbuilder.com
js.stripe.com
ka-f.fontawesome.com
ka-p.fontawesome.com
kit.fontawesome.com
m.stripe.com
m.stripe.network
merchant-ui-api.stripe.com
newassets.hcaptcha.com
p.typekit.net
paracom.paramountcommunication.com
pay.google.com
play.google.com
q.stripe.com
r.stripe.com
region1.analytics.google.com
rs.fullstory.com
server-side-tagging-ptjx4tds2q-uc.a.run.app
static.ads-twitter.com
static.cloudflareinsights.com
stats.g.doubleclick.net
t.co
translate.google.com
translate.googleapis.com
use.typekit.net
www.facebook.com
www.google.com
www.google.de
www.googleapis.com
www.googletagmanager.com
www.gstatic.com
www.kennedy24.com
www.lightboxcdn.com
www.recaptcha.net
www.recaptcha.net
104.19.219.90
104.244.42.67
104.244.42.69
146.75.116.157
151.101.64.176
18.161.111.105
198.202.176.141
2001:4860:4802:32::36
2001:4860:4802:38::35
2606:4700:10::6816:3b64
2606:4700:4400::ac40:93bc
2606:4700:7::a29f:802d
2606:4700:7::a29f:8a2c
2606:4700::6810:3965
2606:4700::6813:d383
2606:4700:e6::ac40:cd14
2a00:1450:4001:803::200a
2a00:1450:4001:80b::200a
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2003
2a00:1450:4001:812::2003
2a00:1450:4001:813::200e
2a00:1450:4001:81c::200a
2a00:1450:4001:827::2002
2a00:1450:4001:829::2008
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2003
2a00:1450:4001:831::200e
2a00:1450:400c:c00::5c
2a00:1450:400c:c0c::9d
2a02:26f0:3500:16::215:1484
2a02:26f0:780::210:a469
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
34.208.216.197
35.186.194.58
35.201.112.186
54.149.116.214
54.187.119.242
54.187.159.182
0134375b1ced2e2b36e9a34753f87b48b49dab1ce589ec8a2932764d31ada657
017f480de452e8a0aff77bf7eb52b5b9e41282763f0b8312163e3392984c6734
0327b7917e4ddf455491f2219f8481b90f153f6761e459a02576e3201452c6f0
042e2de0cb5720f25c17d0c9d40fbf5d1a5711c3e5e275ca939a36298e69117a
051270a03d60520447f0554587ea9636bb730702b50683230d07b00d48b2fdc9
05dd66db4277e6d34ec47c403fb36ab92d583a5b51e98c8d8d275944d8fd0b35
06bd32541da84ecc00dfd7dc07922c6558819e392beb1a1579606f7dd1df3c59
07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0aa16a2e84fcb15b351dd0de4418949c84ac9bba999074007345fe1dabe8645d
0cf1fa13ba8d11e95c765d5c22258e63090acb862e19c90c1cb1cf367d95dfd7
0fede1408f276e2a67b8479fa15e674f610cdf5acd114582c80ad724f9e6c1f7
116b5b718ba3beeea9dd77ad669ca8aff001cf40c1c6e549dd38c3d08668d4cd
15c5b27aca4255d7b27656ed33d025769918ff92020b81f80cf7a87ae7250278
164e219fdf64004e7213e90b3d4fd19463971870e4b51fdd6030446bd6ef5e65
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1bb8affc0ad0f6449490148a0ec45435d64f1494b92ad385f266b9b86d7aa076
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c56ffc47b4761b0396058aa73916486a33095af06bba5e72072ae332483dc7f
1df19255b4b07c13647377049a5d3d4b23519c012b91e923ee22cf18c4e8d2b2
216bfef59afc56d26d4b60c00d01d18c6a0ad2190153e59a47c4cd1725328f03
2a45857925117a45c6c9c769ad50be518e840fe645e659762423221e1244d919
2eeb2767a99154f89fc2bb0b542adc317de36eca465611610d93f2eb652b7982
3113bf467de4971f85467af36358ce6000e13b77b4e8991a8a0e746a07eb73f2
31f4e4abd5d8e145d6bd5505ae3ee469f66e6aba53fcc6cf04741d0a802ebc3d
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d
3ad38fde14463f677c827b60d05e33a2f222de47a6825f96e27621621ee105cd
3af23db763b4620195f57cc6fcebb626178a20a3c2d2d1d2bd7bb70ec732986a
3ca644a8e65124c3801135a33517d6a3775db98530dedeba2f0ff7ba8ae0f151
3cb98755e69cd4399888137a7648ee6eabdd63c4d4c547626e7174d769be6e1b
3ced3edf46325429a910134583852314f2f53286a9084e725945e838cbcfe080
3cef5d81369ac39c8da814762cdcf2fb00d65bb98baa70776223ddd289c6c014
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f534a74830530483c1dd97b3689ee418a6499b5d0925aa9f009ffcfcc317fe7
3fef202588115c2a23969fc04c669b498579d162630c83b76729470321145984
40357c8f038ea69750526293412e0b02e7a984b7484f98be4634c75ed3307709
41e31ded193f6c61a9a1ea500a41ee70760505d4d5387a4be3b240760392da2e
42fa6c755c6427833572147096b10125f7dd9f965e0bbc45763625e08f80f016
47315fc73d5b2b24f746baed6d895793670eb220b2fce598bb70280f9761e5fb
4946b36e5208a0a01e69ac05696229353e101faece5c1572e2a6177742bf7b5c
4994cb03158c7f362f375ee70bbdac9dffc6d02dbe979a9f1069dbf6e353e925
4aae83ca0e34e5fef9bebf88ca4edfdf495e4927bbd583d1f05ff101c9421d4c
4be37bbc2e40bc238e8895eac52b3a9d27059588647c4834dbd8e7210070e526
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5033e337e474e5d2818fee21b093eaef81d5f545fd49b5f635b3e1160fa83abe
558591ec381069734425371376e35d980cf72fd9fd2ac08f4f36fb9a9df84438
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5f3ca08629dbf4b97858143154de2a7b48c4c671d6849b56aa592033a2546cf3
5fc8ee00cc47368f6fdf6519a5df026aae2aac44b3c3cb79012027af13c1b17e
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
621661fe1c7a59420c624f7a421c566ebfb38cfbc7edd98ee0462c44d15971f9
63293d7cb7e2db4b24a51f81bcf1946d5a9a516051a274997fcef446b9b7b7bd
64538376e8856edd3e56379eff18fc2755cea3d3e8ae91157b7910f29f43ca02
64e901abbb61027d2c52d97e6d94510c213d74d734641f4a3eeef5525ca7b156
68ec9616894234c98e9398e3b0bda72dc52b48cb4424ea70075df3248438a85a
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
6e1dbe6f7764b206653feca21226de204e15ec83d9b5a70911b70f98148031f4
6e81e4af0ac3cef0ceaf81719b9311690244090252bb0aa397f86db7ba52d814
6fda76e47cd1a46bec92e2adac0a0453c78638197e234d7667c2ff4366c5a44a
70356aaad8b043112594064fea69694e5af4f17b6af4d4836b184735afe24c56
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
71cb66aea504951c7d2499622f35a263da91af2fd72b6efd2889657da0e8b817
74a39682b8b03d5de587026a0f4d5b595696818b3d23952c15facf182d7c5e78
74f6b2b975944800f1566e81aaed5cc5dcb7a7170eafd4cdd3e205f88f8e1f5f
751c35af08d9aa58dc304762b4696f0b56e3debcba775d38db4a9d87ceb1ff12
7592e61876da5df397281e08f2abf3aa56ddd0f8b4b816f7e6b961e8a4153932
77ba0f0971a262f3fe1999d37208a8a7ffa1f2e563d4437bd03b1866a2219749
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7e718f629db56047e34605c878d5c8b2c6bd6cc9aaaea13ab7ca02b7fde8792f
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
81d4fa5df88680bfb5899dc73e158c00faf67f4d3d0047d41840efcb14c3b6d4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
8b166bc99f6365dac43bacdfbec19a488c62237293ac4a98b724339059d8c6c5
8bb7bebf16bb0b5ed838d8d37854b0020e19481546a80f93c96a09b6f0759a27
91088a015cd36dabb6639d0b6d08fadc57be7f1b85011f5f882d4e7a8611df31
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
97a2cd2c3a554b54b1f41eda4ec4e6e7038240a01503c6e8203b61a3640510a3
981f5411bec37539ae7855dca59c4187332d3f3111d9fc0ddf088c9634c54ae5
99cba10558c23f98879ebe09cf9dd5aae67b667b83d567a244c8cbf368c48363
9d021fdb84d94bebd8b9115f63ec139ab2c6a619898372f4bcdd57ecc0b6fe30
9e8e24d184e16fdebcbe2d867598fb0e42dae703d5102fb6ca55d9c108d96f7f
9fd703e836a5c337b7d201803a8a3f62f1d83e709f14bc5660bf1d8828f1e896
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
a6770f1b8a07a7e0b2a5ba73da5feb6f86dd9e5d5e7f0f7237c476bc7f8650ec
a7e81be515a4350b67aaa7b63485265820a3054306bfa051b75230f48b7d0e8c
a99f75748195e5af07ffca593afce5492ce8533501371377f17d77b89eeab8ab
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acd9a7e1c37a12896fb2df2f591a565c40f87c3194d32f85d1e4499426bfcc1d
ad474610db8453986b107c7cd19d0d1682bc5db392310ea60328c230e309e337
b3513f86beb2560e5e4fefd9399f5e470d6bbf711430e0d00753b7c1f393c72e
b46d3024a6c36b8cd64ac80c86cc0ab15d5302944b0e09c0919889395579338f
b4b118f1d6941d1c227f24465a739f9c03a205b53382e0aafcdfec681f394f7b
b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813
b937209845ab8f20d6ced84d5486ff20cb4c8d754f13b26463519ed1c9731edb
b942de2747bb1449f8d908a33c8ce9e4a2ee6b84327cce766d5378a13665d027
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
bb1fc509673c7bfa18deea5a1fab54ca33fb84b961a46a32f27f5e595b9630a3
c368e74321d2180806d6982ab26271a765594390c0d50a2e4fe452e901778d5e
caafc82aea18779c8d13a2ff9ffba32793f18d79386e049736cf5f77c94b6230
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
cfb7e975336d9d55857c716d6471498c580fd70077afa38292e32ca1f09e811e
d47357469d2791568ddf3a49f085f7cc2b090d0fe5502e7e58c3e988d50c5fe8
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d7586f33e7304f4c80bb4abaf128b900f4579aebe44bd6340afb91ab5a5f78e4
daf3aac8f3ea2e625190348ef637bead51fe178e4dacd89590e4ae5eac6dbee3
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e2d51187f660cba449c70f7f87f733f762042cf340a5fd57e0f8c1fbf885c033
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7e9a911d66b6b649a86654b9ead663eb94c0a78cd37376b3ad5cf7f9a428fe8
e907bc436e0108940c9120dcf57a20f353f360e6a7ceb8429599bbc9be2e0c23
e9667a4e6040f90f8e1648ecd089211e380aee7fcde15f71570aef17d1a8e637
ea2d62c7e90b08a7c41206758ce52af7059a58cdfb6a2964f341642298eb9a15
eb05a9cff94081fbf5993ebc787ddfcd8287c70b306bbde8fe38ec5dde02af2d
ed80804c791a1a3b8d7f86bbbdcb0fa653f2aa9679b585e7d259aa63cce1073a
eef2d843b6778b710b40edb636b588fa4ccc8975a29cef25ac3125b96cc778cf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efef889adaef80d21e620d06956618a3f355c23961901039c0aae1d8893bda99
f187dc8de7fe50f1f8825c3500b64080cc78ac39df7efd31a4b1bc562be9ca3d
f5f8cbd0f5ba7a05c6caedd3b32ba05d22f2afd1be44c49bf757590ec080e9c3
f6ac76fbfe4390d1fac5477576bf0dc330abc8135e79f08c30f367e42703133f
fb9587e00635538a323c71ca0352879bd24aa5b88f8c869317812ae5e505263f
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

www.kennedy24.com Open in urlscan Pro 2606:4700:7::a29f:802d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

197 Requests

98 %HTTPS

68 %IPv6

26 Domains

46 Subdomains

42 IPs

4 Countries

4602 kBTransfer

15392 kBSize

26 Cookies

7 Outgoing links

Page URL History

Redirected requests

197 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.kennedy24.com Open in urlscan Pro
2606:4700:7::a29f:802d Public Scan

Screenshot
Live screenshot

Full Image

197
Requests

98 %
HTTPS

68 %
IPv6

26
Domains

46
Subdomains

42
IPs

4
Countries

4602 kB
Transfer

15392 kB
Size

26
Cookies

197 HTTP transactions
2 data transactions