pages.kw.com Open in urlscan Pro
130.211.6.176 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://email.mailer.kw.com/c/eJx9UsmymzAQ_Br7FpeEWMSBA5jFKw-TGIMvLoFk4LFjMNhfH70kxyRVc5iZnp7qWZgGZVkFAIoiXlKNMRYzeZlrAhAECA...
Effective URL:
https://pages.kw.com/jill-gordon/782582/thankful.html
Submission: On November 21 via api (November 21st 2022, 5:35:46 pm UTC) from US — Scanned from DE

Summary HTTP 52 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 16 IPs in 2 countries across 11 domains to perform 52 HTTP transactions. The main IP is 130.211.6.176, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is pages.kw.com.
TLS certificate: Issued by R3 on November 11th 2022. Valid for: 3 months.

This is the only time pages.kw.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	34.127.83.42 34.127.83.42	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	130.211.6.176 130.211.6.176	15169 (GOOGLE) (GOOGLE)
3	54.231.162.192 54.231.162.192	16509 (AMAZON-02) (AMAZON-02)
1	65.9.58.8 65.9.58.8	16509 (AMAZON-02) (AMAZON-02)
1	52.217.38.124 52.217.38.124	16509 (AMAZON-02) (AMAZON-02)
12	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:400... 2a04:4e42:400::729	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:813::2010	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
3	35.227.253.245 35.227.253.245	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
11	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
52	16

1 34.127.83.42 (The Dalles, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 42.83.127.34.bc.googleusercontent.com

email.mailer.kw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.6.176 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 176.6.211.130.bc.googleusercontent.com

pages.kw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.231.162.192 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.58.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-58-8.fra56.r.cloudfront.net

d1azc1qln24ryf.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.38.124 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

kw-console-assets.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::729 (United States)

ASN54113 (FASTLY, US)

cdn.ravenjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.227.253.245 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 245.253.227.35.bc.googleusercontent.com

kong.command-api.kw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 201	244 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com	618 KB
10	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43 maps.googleapis.com — Cisco Umbrella Rank: 364 storage.googleapis.com — Cisco Umbrella Rank: 398	1 MB
5	kw.com 1 redirects email.mailer.kw.com — Cisco Umbrella Rank: 768770 pages.kw.com kong.command-api.kw.com — Cisco Umbrella Rank: 332072	38 KB
4	google.com www.google.com — Cisco Umbrella Rank: 2	26 KB
4	amazonaws.com s3.amazonaws.com kw-console-assets.s3.amazonaws.com — Cisco Umbrella Rank: 563489	339 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 106	203 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 139	112 KB
1	ravenjs.com cdn.ravenjs.com — Cisco Umbrella Rank: 6722	14 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 374	25 KB
1	cloudfront.net d1azc1qln24ryf.cloudfront.net	3 KB
52	11

	Domain	Requested by
12	cdnjs.cloudflare.com	pages.kw.com cdnjs.cloudflare.com
6	www.gstatic.com	www.google.com www.gstatic.com
5	fonts.gstatic.com	fonts.googleapis.com www.google.com
4	www.google.com	pages.kw.com www.gstatic.com www.google.com
4	storage.googleapis.com	pages.kw.com
4	maps.googleapis.com	pages.kw.com maps.googleapis.com
3	kong.command-api.kw.com	pages.kw.com
3	s3.amazonaws.com	pages.kw.com
2	www.facebook.com	pages.kw.com
2	connect.facebook.net	pages.kw.com connect.facebook.net
2	fonts.googleapis.com	pages.kw.com s3.amazonaws.com
1	cdn.ravenjs.com	pages.kw.com
1	cdn.jsdelivr.net	pages.kw.com
1	kw-console-assets.s3.amazonaws.com	pages.kw.com
1	d1azc1qln24ryf.cloudfront.net	pages.kw.com
1	pages.kw.com
1	email.mailer.kw.com	1 redirects
52	17

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
www.linkedin.com

Subject Issuer	Validity	Valid
pages.kw.com R3	`2022-11-11` - `2023-02-09`	3 months	crt.sh
s3.amazonaws.com Amazon	`2022-04-01` - `2023-03-30`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.s3.amazonaws.com Amazon	`2022-09-21` - `2023-08-26`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
cdn.ravenjs.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-08-30` - `2023-10-01`	a year	crt.sh
storage.googleapis.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
kong.command-api.kw.com GTS CA 1D4	`2022-11-11` - `2023-02-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-31` - `2022-11-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://pages.kw.com/jill-gordon/782582/thankful.html
Frame ID: 2E7E1D80637D3E4CDB75D5DB95D337B0
Requests: 43 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LduBYMUAAAAAE69___HAv4esfRm76uLXVT3ejlS&co=aHR0cHM6Ly9wYWdlcy5rdy5jb206NDQz&hl=de&v=Km9gKuG06He-isPsP6saG8cn&theme=dark&size=normal&cb=olim004r9cbe
Frame ID: D05B7BA01C272D5750110BD127C0188E
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Km9gKuG06He-isPsP6saG8cn&k=6LduBYMUAAAAAE69___HAv4esfRm76uLXVT3ejlS
Frame ID: B00DDC07450C1A1C3E78888018A227AC
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Thanksgiving Feast giveaway

Page URL History Show full URLs

https://email.mailer.kw.com/c/eJx9UsmymzAQ_Br7FpeEWMSBA5jFKw-TGIMvLoFk4LFjMNhfH70kxyRVc5iZnp7qWZgGZVkFAI... HTTP 302
https://pages.kw.com/jill-gordon/782582/thankful.html Page URL

Detected technologies

Chart.js (JavaScript Graphics) Expand

Overall confidence: 100%
Detected patterns

/Chart(?:\.bundle)?(?:\.min)?\.js
cdnjs\.cloudflare\.com/ajax/libs/Chart\.js/([\d.]+(?:-[^/]+)?)/Chart.*\.js

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Lodash (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

lodash.*\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

52
Requests

100 %
HTTPS

63 %
IPv6

11
Domains

17
Subdomains

16
IPs

2
Countries

2720 kB
Transfer

4903 kB
Size

1
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/JillGSOLD
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/JillGordonSOLD
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/jillgordonsold/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCdin2YK259JaqBfdX9GLdeA
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/jillgordonsold/
Title: LinkedIn

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://email.mailer.kw.com/c/eJx9UsmymzAQ_Br7FpeEWMSBA5jFKw-TGIMvLoFk4LFjMNhfH70kxyRVc5iZnp7qWZgGZVkFAIoiXlKNMRYzeZlrAhAECAUIEAIiXlGi8jqciIrCOCQuRFCRvGT9qphWSVMtM41SIDEMsCAlMWAQIUhFjBmBiQxxIoBlqWXD0D4WSF8INreWpOzxh8_Dz7wsv6VNT5uaRwrvgwXuDBmpi_tYrrKhKpe9lrzqIcvJirKE9IyMM5dCqnaMyzz5pWTQ1vrR07eO-_32u8sNSlwNVv8D3WTIYgRUBSREFBK-D8oUmUnCTT-bW8tdW38j_4u0pGQgGj0-FOW0DbpLu5E_2oCOZ1e04ux0dw27mexDDltnAJ4dz0IW8FF78dB9XAo8HsPj3aI845m10UtJV4wtOqXGbhjmcFaHdCEYVw77lvCO_P1UNhHP9O-HWfrxnn6w3VSDuETr6aCE-VMGkjS9SRqNBPRSuxmhxIrDecyaLqC5PZ3usvmarxJzXkS53AMdIN3L3jg4pNXR_vGpl5XvUHVdVmhvbaSjqgK3yUJv67tpQnYP8-tMnW4elAL_6FOAo9yQEwjNSgxRbszIj8JgRl8TWte6SDdQCpTOd2DoKhv-G-Ncyy_vnHv7oONFl4nsSyMiRZjk2GjEs_rpBNfLM3qOZQ0e9TPdYeaYNL13dpAukMntJ2fY20k HTTP 302
https://pages.kw.com/jill-gordon/782582/thankful.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

52 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request thankful.html Show response
pages.kw.com/jill-gordon/782582/
Redirect Chain

https://email.mailer.kw.com/c/eJx9UsmymzAQ_Br7FpeEWMSBA5jFKw-TGIMvLoFk4LFjMNhfH70kxyRVc5iZnp7qWZgGZVkFAIoiXlKNMRYzeZlrAhAECAUIEAIiXlGi8jqciIrCOCQuRFCRvGT9qphWSVMtM41SIDEMsCAlMWAQIUhFjBmBiQxxIoBlqWX...
https://pages.kw.com/jill-gordon/782582/thankful.html

36 KB
36 KB

305ms
242ms

Document
text/html

130.211.6.176
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pages.kw.com/jill-gordon/782582/thankful.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.6.176 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 176.6.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 3c2667e0918922ec5d713ce11e97c27c2846ad75d710e0a18da5987308be1c92

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36607
content-type: text/html
date: Mon, 21 Nov 2022 17:35:40 GMT
via: 1.1 google

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-store
content-length: 456
content-type: text/html
date: Mon, 21 Nov 2022 17:35:39 GMT
location: https://pages.kw.com/jill-gordon/782582/thankful.html
x-robots-tag: noindex
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK real.css
s3.amazonaws.com/kw-console-assets/css/ 115 KB
115 KB 317ms
116ms Stylesheet
text/css 54.231.162.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/kw-console-assets/css/real.css
Requested by: Host: pages.kw.com
URL: https://pages.kw.com/jill-gordon/782582/thankful.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.162.192 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7e7219035199666be957f506333b056672a3ab26d501f56d0d7335e01b54c514

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.kw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 21 Nov 2022 17:35:41 GMT
Last-Modified: Tue, 29 Oct 2019 19:58:00 GMT
Server: AmazonS3
x-amz-request-id: MEAMME7RXC6E3BG1
ETag: "7b6a63ca9b87e04a45e9df06128197da"
Content-Type: text/css
Cache-Control: no-cache
Accept-Ranges: bytes
Content-Length: 117301
x-amz-id-2: WpkRoeUbQ86xStUtFs/37EJtWgOlQVgZwxC3Mr6+btN7dTYupRj8aHF4LZTUD/70YRA1f4CH2rI=

GET
H2 200 style-cf.css
d1azc1qln24ryf.cloudfront.net/149221/KW/ 14 KB
3 KB 39ms
9ms Stylesheet
text/css 65.9.58.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1azc1qln24ryf.cloudfront.net/149221/KW/style-cf.css
Requested by: Host: pages.kw.com
URL: https://pages.kw.com/jill-gordon/782582/thankful.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-58-8.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c1858fc0109c3f43cc11d00d00f9ce7beb0179c7be71f7bffd00605d63bb799e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.kw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 03:54:04 GMT
content-encoding: gzip
via: 1.1 c888f786e25e6e3c7dbb7e9da462d714.cloudfront.net (CloudFront)
last-modified: Wed, 22 Jun 2022 20:06:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 6874897
etag: "0a125cced9f7693cb606d34e05b71068"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31000000
accept-ranges: bytes
content-length: 2714
x-amz-cf-id: DkGA9rSshzj265W8iIev70XP_BTBqcuv-KBwsGpvDj-1TiEFQGeJow==

GET
H/1.1 200
OK prefixed-consumer-grid.css
kw-console-assets.s3.amazonaws.com/css/ 220 KB
220 KB 376ms
124ms Stylesheet
text/css 52.217.38.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kw-console-assets.s3.amazonaws.com/css/prefixed-consumer-grid.css
Requested by: Host: pages.kw.com
URL: https://pages.kw.com/jill-gordon/782582/thankful.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.38.124 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: fafdf01a280079f8b79ce3183e5b5bffd61b11f1565a376b1886a369dfdffa32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.kw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 21 Nov 2022 17:35:41 GMT
Last-Modified: Mon, 04 Nov 2019 16:15:18 GMT
Server: AmazonS3
x-amz-request-id: MEAZ3BCQ377T8J1K
ETag: "412c974cb7bce2de673607134fbd623f"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 225084
x-amz-id-2: 3cDa06RXIR+7AGLtpulYJG5UsBm3ZC9p1mgHYeVm51jpBskPEz6iN9qsB36muh+2QSy5zX3EWoo=

GET
H2 200 nouislider.min.css
cdnjs.cloudflare.com/ajax/libs/noUiSlider/12.1.0/ 4 KB
2 KB 66ms
43ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/noUiSlider/12.1.0/nouislider.min.css

Requested by

Host: pages.kw.com
URL: https://pages.kw.com/jill-gordon/782582/thankful.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3323ce4a9aebf7fbd1c174d8734b1ac3ceb297318cd8755129651f1c816d6bbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.kw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 17:35:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2157032
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 921
last-modified: Mon, 04 May 2020 16:13:31 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f2b-f0b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bO%2FQJW6g0S5G9kgnS0KIunnhhHJV8TQurkRu5Udo3OpC1WanCzrhZ4LJK44nL6mrzYSONz%2BzAwrxXaz%2F6Z%2BWWQYmb138dcTYEKm5qnjzZiCKMumHqExwaJBa6I8MkG3rIyIy6qvVaj9GN%2BT%2FNkLGUGzI"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76db2ee43ee2bbb0-FRA
expires: Sat, 11 Nov 2023 17:35:40 GMT

GET
H2 200 tiny-slider.css
cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.1/ 2 KB
908 B 67ms
44ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.1/tiny-slider.css

Requested by

Host: pages.kw.com
URL: https://pages.kw.com/jill-gordon/782582/thankful.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9b8906a8b7540b8accfd2a491c0821d6bd6d8ccbd4ab53a56da8906ff028423

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.kw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 17:35:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1641150
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 573
last-modified: Mon, 04 May 2020 16:17:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ffd-882"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MllFkj2h19z6hTX2keTpZVBpBxA0Ng7YNGqaUTlf4s4kym%2BkfE7IfR%2BkS0x2j9W1nZtswZZqaZ4heV2kfGlkNco1TblEw8H4b8xycSiUY%2FWp6XhScyeLp9wktxh%2FYykqTRKJ6maAx55hpHffVPWaunA1"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76db2ee43ee7bbb0-FRA
expires: Sat, 11 Nov 2023 17:35:40 GMT

GET
H2 200 css
fonts.googleapis.com/ 33 KB
2 KB 62ms
27ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Archivo+Narrow:400,400i,700,700i|Roboto:300,300i,400,400i,500,500i,700,700|Source+Sans+Pro:400,400i,600,600i,700,700i&display=swap&subset=latin,latin-ext

Requested by

Host: pages.kw.com
URL: https://pages.kw.com/jill-gordon/782582/thankful.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2033dd9e558a056074496ad0737e1e018ab30e7786e91023a5145288c5b21c61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.kw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 21 Nov 2022 17:35:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 17:35:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 21 Nov 2022 17:35:40 GMT

GET
H2 200 intlTelInput.css
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.19/css/ 25 KB
2 KB 60ms
38ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.19/css/intlTelInput.css

Requested by

Host: pages.kw.com
URL: https://pages.kw.com/jill-gordon/782582/thankful.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad32b1248207ba91fb945a37d38e7c9deafcba849245872203482db42930d491

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.kw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 17:35:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 937854
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1970
last-modified: Tue, 13 Sep 2022 14:08:31 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "63208edf-7b2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0LgA1%2Bumyb%2BG2rZYXzRmjdzHpHAZfcZJ8QUHnlu8s%2FKngzXMljwUEmDeB8ipbsVYGGoG5Rf1L9HuzXYwNOtgr8kgQ%2BjWrn%2FWr095PnOilnlJBitr5QDkAg5a9U73Fn%2BTxKryVLbceOl6lLyY5mWhEx9I"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76db2ee43eecbbb0-FRA
expires: Sat, 11 Nov 2023 17:35:40 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 167 KB
55 KB 122ms
46ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyAS6oOPLcY00yLW1U4hGt6DWMOI8YRaF70&libraries=places

Requested by

Host: pages.kw.com
URL: https://pages.kw.com/jill-gordon/782582/thankful.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

ba82d6cd93ae9cf881b3645ba46810b9a77b7e88a305d5b8e610c08c62a9beed

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.kw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 17:35:40 GMT
content-encoding: gzip
server: mafe
vary: Accept-Language
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=24
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55952
x-xss-protection: 0
expires: Mon, 21 Nov 2022 18:05:40 GMT

GET
H2 200 es5-shim.min.js Show response
cdnjs.cloudflare.com/ajax/libs/es5-shim/4.5.9/ 25 KB
8 KB 41ms
38ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/es5-shim/4.5.9/es5-shim.min.js

Requested by

Host: pages.kw.com
URL: https://pages.kw.com/jill-gordon/782582/thankful.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f04e08b36e901f46c3e765a8429701f91fed71642da73942a23af26d477b331a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.kw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 17:35:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 11211342
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7596
last-modified: Mon, 04 May 2020 16:09:56 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e54-636d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j9Tp5KYcl%2Bz4mFTceGQ9g4o4n%2Fa6sZnW4WfB5yoSnNmOnyD02YSKQIAcfnFd1CDXGfrAzP1XnxZ9TEsMwVBCjKqu3%2B0riaFGaKJ8Am%2Fcl3r9hMjov7AFqzErYgEDcutmiDrr21%2B9QIJprSeNflloMTgB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76db2ee43ef0bbb0-FRA
expires: Sat, 11 Nov 2023 17:35:40 GMT

GET
H2 200 es6-shim.min.js Show response
cdnjs.cloudflare.com/ajax/libs/es6-shim/0.9.3/ 16 KB
5 KB 40ms
36ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/es6-shim/0.9.3/es6-shim.min.js

Requested by

Host: pages.kw.com
URL: https://pages.kw.com/jill-gordon/782582/thankful.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88523d4d96f0cc7b8fc1846963d2122ad4fc7e72d9fa6a3b4bb164a96e702d48

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.kw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 17:35:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 24865178
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4820
last-modified: Mon, 04 May 2020 16:09:56 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e54-3ecd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4aHQG1Q%2FWORhKSmA621VC5zpapeLZjb5VbbRmwGNS2esoNpG5mUizfh88LanevRnvosp9KTQPr7zeOK1Hqy7i8Smc1j%2Fi39JqcMIDDctS%2FCExReoyvo6cId7ujc03LZMQeSHqRF%2BcnsBIFW9Xz8u5Lnx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76db2ee43efdbbb0-FRA
expires: Sat, 11 Nov 2023 17:35:40 GMT

GET
H2 200 nouislider.min.js Show response
cdnjs.cloudflare.com/ajax/libs/noUiSlider/12.1.0/ 22 KB
7 KB 47ms
44ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/noUiSlider/12.1.0/nouislider.min.js

Requested by

Host: pages.kw.com
URL: https://pages.kw.com/jill-gordon/782582/thankful.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57bebe1420e09ea56a69f510ef8728891eea03719de99955b8581dc1c1821a57

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.kw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 17:35:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 434173
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6961
last-modified: Mon, 04 May 2020 16:13:31 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f2b-5740"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cyXm%2FBIFQBv7J9mPJoo46%2BsOX0wKbuKNMyxIGjN2Ddj26RUY2RdBJppgwXVU%2BXewbIZdsTvy21RJpH1LGuRZB1dRln%2F6BnfvoX42P5gz7R1es2MhQFg6ZabXSQETbSdi1GHQVWfwvzqtt7tamtPgV1hq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76db2ee43effbbb0-FRA
expires: Sat, 11 Nov 2023 17:35:40 GMT

GET
H2 200 Chart.bundle.min.js Show response
cdnjs.cloudflare.com/ajax/libs/Chart.js/2.7.3/ 205 KB
55 KB 31ms
28ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/Chart.js/2.7.3/Chart.bundle.min.js

Requested by

Host: pages.kw.com
URL: https://pages.kw.com/jill-gordon/782582/thankful.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

319a395d8d4087b67602e8b8fda9647de8aadc2a2931d57f6db91cfd2878d7eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.kw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 17:35:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1694179
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55786
last-modified: Mon, 04 May 2020 16:03:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cee-335f3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XjKLUAcOBExR1fA9KiDa1DuTV2ReCZJt00SN0753YKM563ZKs28SpHfIdujV%2FDHx3evagp2O1HdkO5PDIWtF4vKdHYP96fxS9Wuqfc6XQIPxrqFZDvS3crMp7FgNistNTf8ykgCh5cb%2F4PesiSj61mp3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76db2ee43f03bbb0-FRA
expires: Sat, 11 Nov 2023 17:35:40 GMT

GET
H2 200 tiny-slider.js Show response
cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.1/min/ 31 KB
11 KB 45ms
43ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.1/min/tiny-slider.js

Requested by

Host: pages.kw.com
URL: https://pages.kw.com/jill-gordon/782582/thankful.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5abbe1236a010bbe65bb5e80ce833e0308a1dea741ae0be930e94f0640aa3de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.kw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 17:35:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 427743
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11348
last-modified: Mon, 04 May 2020 16:17:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ffd-7bf9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OQkf8%2FZa8SPmXGVYdnvV4DOahZrOIYHERr8LACxnFnFw3SRnYJIF%2FuFBqjAuY25smnuIo86ieZMWde%2BFCbqfQEZ50nf9JDTH%2FG8ZvpNMuP700LSg3iWvatUb9Jz0AtTyFJ9B5NrxSzkEbjzd6y2DWeJV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76db2ee43f06bbb0-FRA
expires: Sat, 11 Nov 2023 17:35:40 GMT

GET
H2 200 lodash.min.js Show response
cdn.jsdelivr.net/npm/lodash@4.17.11/ 72 KB
25 KB 67ms
40ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/lodash@4.17.11/lodash.min.js

Requested by

Host: pages.kw.com
URL: https://pages.kw.com/jill-gordon/782582/thankful.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

effca8652df9e3c7d74915ea73fc58ce3b26b96dec14aceebce087774e8f9a9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.kw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 17:35:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 21197636
x-jsd-version: 4.17.11
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19141-FRA, cache-hhn4076-HHN
x-jsd-version-type: version
server: cloudflare
etag: W/"11e0d-3OXT28m77PLKdI3jgbSD65CA5Po"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vkNztJDIey1X%2BJn7C324eLB%2Bh9tnUWUoBr7HJdtcnNAYRFOhsMJVe7%2Bqsy9q9k5KSawXrrjq3GmhakZ9tvb3WJ4uj2fW5G37%2Bh%2ByNE5CUhlibCSnI0Qyx2RQiJfeh0d0eBVNeknuRtivuDUd9V4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 76db2ee458af9963-FRA

GET
H2 200 libphonenumber-js.min.js Show response
cdnjs.cloudflare.com/ajax/libs/libphonenumber-js/1.9.20/ 148 KB
32 KB 46ms
43ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/libphonenumber-js/1.9.20/libphonenumber-js.min.js

Requested by

Host: pages.kw.com
URL: https://pages.kw.com/jill-gordon/782582/thankful.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65545b63c9371c00f0e3acd843b61a550cb36b310784e3a944496012171a91f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.kw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 17:35:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 13066768
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 32164
last-modified: Sun, 20 Jun 2021 19:35:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "60cf987e-7da4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MT8mMfc8DEZeqxh3hjXeFAzlrF0ZYJJ1AJ2dspVoZtQqq7rC%2FmFneqlY0DP%2BcQ3Wzk6J7KECBfUnm49L1iZvItUf4gnrm%2FHLbWsjqvYA6Ff4xknLJDrOLOLHr2z%2BgnbnfqZRw1uhobxhziNYot3q3s%2BQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76db2ee43f0bbbb0-FRA
expires: Sat, 11 Nov 2023 17:35:40 GMT

GET
H2 200 intlTelInput.min.js Show response
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.19/js/ 29 KB
9 KB 49ms
47ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.19/js/intlTelInput.min.js

Requested by

Host: pages.kw.com
URL: https://pages.kw.com/jill-gordon/782582/thankful.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd20b6e4bb5af8690406a2de275141ea221822ba78a99261b5412d2ba9ca217c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.kw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 17:35:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 425890
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8933
last-modified: Tue, 13 Sep 2022 14:08:31 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "63208edf-22e5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1FzHWHHu%2BfGkJbWJM46BqwEK%2FywdoEAX0GGOk0E0jZuHW3FYwguA%2FinNkgUctCZ6yUork01WrwQZfOL2D8Nx2vWqJIXft5mK5l5HltbpS8r%2BVkuvuw8HJoh52PKovzxcBRLPQUKKZVT%2BZASkrsy81iLr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76db2ee43f0fbbb0-FRA
expires: Sat, 11 Nov 2023 17:35:40 GMT

GET
H2 200 utils.min.js Show response
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.19/js/ 243 KB
45 KB 39ms
37ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.19/js/utils.min.js

Requested by

Host: pages.kw.com
URL: https://pages.kw.com/jill-gordon/782582/thankful.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b67fec30ceac38bc9439e34f50f29a25697238404f8d382641e0f81d214196bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.kw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 17:35:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2066335
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45672
last-modified: Tue, 13 Sep 2022 14:08:31 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "63208edf-b268"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=unC1DeJMbh8p6tn33atwsBQ2mDDbI0%2FuM0fhSee%2BBxLvIBO8Aw7Qm52iiPKeoH6ytqsGTamhnYCBMJErScGhStpl9Fj7Yd5ACxHh5Hjbz0Ua%2BT3Lt%2FpnNxcaO2XRwufWsWMuMGisFpr%2FAgkjkQdldDNn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76db2ee43f12bbb0-FRA
expires: Sat, 11 Nov 2023 17:35:40 GMT

GET
H2 200 raven.min.js Show response
cdn.ravenjs.com/3.26.4/ 37 KB
14 KB 40ms
11ms Script
application/javascript 2a04:4e42:400::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ravenjs.com/3.26.4/raven.min.js
Requested by: Host: pages.kw.com
URL: https://pages.kw.com/jill-gordon/782582/thankful.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Fastly /
Resource Hash: 3b6205206b5c515bb685b81ad82ecedf1264a0f1b6b0a99b2d89ce18fe30bc5e

Request headers

Referer: https://pages.kw.com/
Origin: https://pages.kw.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 17:35:40 GMT
content-encoding: gzip
last-modified: Fri, 20 Jul 2018 09:10:03 GMT
server: Fastly
age: 40327
etag: "e7a52e3ca61154fb6077ca08d351e3e3"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-length: 13757

GET
H/1.1 200
OK informal.svg
s3.amazonaws.com/kw-console-assets/images/kw-logos/ 705 B
1 KB 105ms
105ms Image
image/svg+xml 54.231.162.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/kw-console-assets/images/kw-logos/informal.svg
Requested by: Host: pages.kw.com
URL: https://pages.kw.com/jill-gordon/782582/thankful.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.162.192 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8604d3eec7c80801fd4b09422bf218549e84ac8cc78a24d6af061502958a1726

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.kw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 21 Nov 2022 17:35:41 GMT
Last-Modified: Tue, 11 Sep 2018 19:00:55 GMT
Server: AmazonS3
x-amz-request-id: MEAHH4YAHP3GF7GR
ETag: "d6216ae032abe8f49988b7554ffeea69"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 705
x-amz-id-2: jSrhnsaDIRsLvBnksmes4Tuiw4A8YKUXI9rZzOvHe1FCJ0woJAIgNy6P2mEe4dMoqalxbCdM1z0=

GET
H2 200 cdsgbo2dn5th8ulkl170.png
storage.googleapis.com/attachment-prod-e2ad/782582/ 1003 KB
1004 KB 184ms
136ms Image
image/png 2a00:1450:4001:813::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/attachment-prod-e2ad/782582/cdsgbo2dn5th8ulkl170.png
Requested by: Host: pages.kw.com
URL: https://pages.kw.com/jill-gordon/782582/thankful.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: fea33feb44d97851981109cf24109c9b8ebed3d3a9c197eb896faddb52c554d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.kw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 17:35:40 GMT
age: 0
x-guploader-uploadid: ADPycdv1I4fv96HOmPB_ZU546UlfKo6rt55FegeGzWotsx1k973h-CtHRkwoOMQtBzZMcVG3-w6C7SHGcc71qzxPjzU2ng
x-goog-meta-file-name: thanksgivinig rev bold100.png
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename=thanksgivinig rev bold100.png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1026894
last-modified: Sat, 19 Nov 2022 16:35:44 GMT
server: UploadServer
etag: "d3fe74df52bfdd4a8cf7f6cd96372928"
x-goog-generation: 1668875744138435
x-goog-hash: crc32c=wp9GJA==, md5=0/5031K/3UqM9/bNljcpKA==
access-control-allow-origin: *
content-type: image/png
cache-control: Cache-Control:private, max-age=0, no-transform
x-goog-stored-content-length: 1026894
accept-ranges: bytes
expires: Mon, 21 Nov 2022 17:35:40 GMT

GET
H/1.1 200
OK primary.svg
s3.amazonaws.com/kw-console-assets/images/kw-logos/ 3 KB
3 KB 106ms
105ms Image
image/svg+xml 54.231.162.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/kw-console-assets/images/kw-logos/primary.svg
Requested by: Host: pages.kw.com
URL: https://pages.kw.com/jill-gordon/782582/thankful.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.162.192 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: dea27875291d291aa06e8924d16bf8f2ff6754ea6d2c2cf4ffe4bc8da2b90cdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.kw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 21 Nov 2022 17:35:41 GMT
Last-Modified: Tue, 11 Sep 2018 19:01:05 GMT
Server: AmazonS3
x-amz-request-id: MEANPWWZYT5K14AE
ETag: "47b93eaf62770c73a9f4e323d8741ef6"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 2659
x-amz-id-2: T6lgNZNJRTx542JQGABMGQpfCZFvdpHHf83IOXo9T88ITm9kD9LTbzqpmSpwx1/Be3NizXc8iBk=

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 909 B
990 B 59ms
23ms Script
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit

Requested by

Host: pages.kw.com
URL: https://pages.kw.com/jill-gordon/782582/thankful.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8693f36915f0b5c5002ef3b18c79f3db7f3892738b8521437b4a869b77989de8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.kw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 17:35:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 577
x-xss-protection: 1; mode=block
expires: Mon, 21 Nov 2022 17:35:40 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
525 B 23ms
22ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Muli:400,600,700

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/kw-console-assets/css/real.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f72fb442efc899dbc02856c16b4e5648170813aa58b7e9f86bfed4024538b9a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 21 Nov 2022 17:35:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 17:30:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 21 Nov 2022 17:35:40 GMT

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 60ms
31ms XHR
application/json 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAS6oOPLcY00yLW1U4hGt6DWMOI8YRaF70&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.kw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 17:35:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://pages.kw.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23
x-xss-protection: 0

GET
H2 200 cdsgkl2srqns55mcdo3g Show response
kong.command-api.kw.com/widget-manager/public/api/v1/widget-config/ 573 B
433 B 230ms
117ms Fetch
application/json 35.227.253.245
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://kong.command-api.kw.com/widget-manager/public/api/v1/widget-config/cdsgkl2srqns55mcdo3g
Requested by: Host: pages.kw.com
URL: https://pages.kw.com/jill-gordon/782582/thankful.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.253.245 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 245.253.227.35.bc.googleusercontent.com
Software: nginx/1.15.6 /
Resource Hash: a196d1e69376f19e2d3ca9b346f9f228bc718b1eeb677d360d37ecb0fff578fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.kw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 17:35:41 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.15.6
x-kong-proxy-latency: 0
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
x-kong-upstream-latency: 6
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 cdsgda5k30qc27iigajg Show response
kong.command-api.kw.com/widget-manager/public/api/v1/widget-config/ 345 B
476 B 223ms
116ms Fetch
application/json 35.227.253.245
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://kong.command-api.kw.com/widget-manager/public/api/v1/widget-config/cdsgda5k30qc27iigajg
Requested by: Host: pages.kw.com
URL: https://pages.kw.com/jill-gordon/782582/thankful.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.253.245 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 245.253.227.35.bc.googleusercontent.com
Software: nginx/1.15.6 /
Resource Hash: 6e2f15d962f8b9963eb287945a8a3c2a675dc767e543bbccdafed496e90734ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.kw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 17:35:41 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.15.6
x-kong-proxy-latency: 0
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
x-kong-upstream-latency: 5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 cdsgfa5k30qc27iigal0 Show response
kong.command-api.kw.com/widget-manager/public/api/v1/widget-config/ 853 B
574 B 227ms
120ms Fetch
application/json 35.227.253.245
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://kong.command-api.kw.com/widget-manager/public/api/v1/widget-config/cdsgfa5k30qc27iigal0
Requested by: Host: pages.kw.com
URL: https://pages.kw.com/jill-gordon/782582/thankful.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.253.245 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 245.253.227.35.bc.googleusercontent.com
Software: nginx/1.15.6 /
Resource Hash: b99233eef011ce528dbab81fa57db8969b35b2a92e562a47e2ea58912ecf35fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.kw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 17:35:41 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.15.6
x-kong-proxy-latency: 0
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
x-kong-upstream-latency: 6
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 69ms
23ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: pages.kw.com
URL: https://pages.kw.com/jill-gordon/782582/thankful.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.kw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 21 Nov 2022 17:35:40 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27340
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: /n/vN2JMSghkI7xfN4uyIoT57fsu4VvlImEl8j2pfIJrLgW7uci1afoazUCPbh2Gav/9r4HhI8KIL42ShcfFew==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 flags.png
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.19/img/ 66 KB
67 KB 36ms
25ms Image
image/png 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.19/img/flags.png

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.19/css/intlTelInput.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ead4835bb034d3977fd4aa92437a20fac37b2c67e0c22a5debc61468151d08d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.19/css/intlTelInput.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 17:35:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 937978
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 67650
last-modified: Tue, 13 Sep 2022 14:08:31 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "63208edf-10842"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SDiDMrZ7ZV9EqoNZwa2nk7KXmJ5XAgABR%2FC2MlOUjq1G1miXHD6Phoe5GD4WpjxV19W4D8InSS00gTsxFLICvF9KNQfKiKaVhq8%2FGBqhoV6uRTGPjY4Pnrk%2BL%2B4GJyPfQY3QukNvFeGAy%2FYmHLB%2BHLrR"}],"group":"cf-nel","max_age":604800}
content-type: image/png; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76db2ee8cf445b32-FRA
expires: Sat, 11 Nov 2023 17:35:40 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 68ms
32ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo+Narrow:400,400i,700,700i|Roboto:300,300i,400,400i,500,500i,700,700|Source+Sans+Pro:400,400i,600,600i,700,700i&display=swap&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pages.kw.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:24:52 GMT
x-content-type-options: nosniff
age: 425448
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13052
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Nov 2023 19:24:52 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 72ms
36ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pages.kw.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 13:30:55 GMT
x-content-type-options: nosniff
age: 187485
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Nov 2023 13:30:55 GMT

GET
H2 200 7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v28/ 30 KB
31 KB 54ms
18ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a04078f9550381b5148170ceaf5b378a1b31ed8274c6d0094aeba6f599462cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pages.kw.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 20:07:08 GMT
x-content-type-options: nosniff
age: 250112
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31196
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:43:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Nov 2023 20:07:08 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 51ms
15ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pages.kw.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 19:25:00 GMT
x-content-type-options: nosniff
age: 425440
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12924
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:02:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Nov 2023 19:25:00 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ 402 KB
161 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5773240cdcd07b20f60e178a5d1bdbec55783aba224236be6a40429d1cf44998

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pages.kw.com/
Origin: https://pages.kw.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 13:55:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13181
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164812
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Nov 2023 13:55:59 GMT

GET
H3 200 1349076498498506 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 268ms
243ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1349076498498506?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6f86154801a60962e0a779f38f92f5930f241e01649b1aca7e7451a87a69f2c6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.kw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 21 Nov 2022 17:35:41 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: Dm6E7cPcCRnluFr8wl2lKdBw9u5tJdRGlAiH1t+AvBqy92KuBZFUV705VZ1DdyDSwfCz0H2hXXCwvex9wTFOgA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame D05B 44 KB
24 KB 92ms
36ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LduBYMUAAAAAE69___HAv4esfRm76uLXVT3ejlS&co=aHR0cHM6Ly9wYWdlcy5rdy5jb206NDQz&hl=de&v=Km9gKuG06He-isPsP6saG8cn&theme=dark&size=normal&cb=olim004r9cbe

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

95c2e171ed615558482d5a58e6b75ddea7a8c85d386c301a0e1ba1b566f41897

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Ehg_LKMdDjbUuyTp7SsFEw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pages.kw.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 24141
content-security-policy: script-src 'report-sample' 'nonce-Ehg_LKMdDjbUuyTp7SsFEw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 21 Nov 2022 17:35:41 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ Frame D05B 52 KB
24 KB 146ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LduBYMUAAAAAE69___HAv4esfRm76uLXVT3ejlS&co=aHR0cHM6Ly9wYWdlcy5rdy5jb206NDQz&hl=de&v=Km9gKuG06He-isPsP6saG8cn&theme=dark&size=normal&cb=olim004r9cbe

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 11:24:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22243
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Nov 2023 11:24:58 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ Frame D05B 402 KB
161 KB 144ms
13ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5773240cdcd07b20f60e178a5d1bdbec55783aba224236be6a40429d1cf44998

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 13:55:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13182
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164812
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Nov 2023 13:55:59 GMT

GET
H3 200 c3fjj8ukkmtr1grk7n8g.png
storage.googleapis.com/attachment-prod-e2ad/782582/ 32 KB
32 KB 161ms
125ms Image
image/png 2a00:1450:4001:813::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/attachment-prod-e2ad/782582/c3fjj8ukkmtr1grk7n8g.png
Requested by: Host: pages.kw.com
URL: https://pages.kw.com/jill-gordon/782582/thankful.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: d00bb0e81603d5c94810bdd4b855f8ec8dc8fa371f9117f99f25a0d9f74d21f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.kw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 17:35:41 GMT
age: 0
x-guploader-uploadid: ADPycdv4ZAV1DOMxQjmkiyOe3g1sImrt1f8-H113DSySiITqy2c1uAyc4eL2PQa4IZ9FchvOB5sN0zTSvh2X7z5bQZNOJQ
x-goog-meta-file-name: Screen Shot 2021-07-02 at 11.06.51 AM.png
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename=Screen Shot 2021-07-02 at 11.06.51 AM.png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32323
last-modified: Fri, 02 Jul 2021 16:06:59 GMT
server: UploadServer
etag: "2bf1cfc7bd124c0372914d26a89e67ab"
x-goog-generation: 1625242019416682
x-goog-hash: crc32c=2I/vKg==, md5=K/HPx70STANykU0mqJ5nqw==
access-control-allow-origin: *
content-type: image/png
cache-control: Cache-Control:private, max-age=0, no-transform
x-goog-stored-content-length: 32323
accept-ranges: bytes
expires: Mon, 21 Nov 2022 17:35:41 GMT

GET
H3 200 c3asomdo0k2b5hnslkdg.png
storage.googleapis.com/attachment-prod-e2ad/782582/ 50 KB
50 KB 180ms
145ms Image
image/png 2a00:1450:4001:813::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/attachment-prod-e2ad/782582/c3asomdo0k2b5hnslkdg.png
Requested by: Host: pages.kw.com
URL: https://pages.kw.com/jill-gordon/782582/thankful.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 410e56b85390f3d4c0c13511d46f862b62bb8af70e54023bcd34cad373c465a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.kw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 17:35:41 GMT
age: 0
x-guploader-uploadid: ADPycdszjLaSb6mZgatLT08KB5freGHEy-L7K1JSoxG_5w5Lcr5yRUlQe7xHXpeVzoXXQAa2K2goG_ZrwsfsuaPkGj0ueA
x-goog-meta-file-name: blob
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename=blob
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51668
last-modified: Fri, 25 Jun 2021 12:30:17 GMT
server: UploadServer
etag: "683ac23786de0356bae761099a1c1c76"
x-goog-generation: 1624624217121687
x-goog-hash: crc32c=ILN8Vw==, md5=aDrCN4beA1a652EJmhwcdg==
access-control-allow-origin: *
content-type: image/png
cache-control: Cache-Control:private, max-age=0, no-transform
x-goog-stored-content-length: 51668
accept-ranges: bytes
expires: Mon, 21 Nov 2022 17:35:41 GMT

GET
H3 200 c3cv38to0k2b5hnsm9m0.jpeg
storage.googleapis.com/attachment-prod-e2ad/782582/ 29 KB
29 KB 154ms
133ms Image
image/jpeg 2a00:1450:4001:813::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/attachment-prod-e2ad/782582/c3cv38to0k2b5hnsm9m0.jpeg
Requested by: Host: pages.kw.com
URL: https://pages.kw.com/jill-gordon/782582/thankful.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8c569ed9016d2ff779e1f4db76d4d5b423a94d6b0ccd88e6df616523fe0c2eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.kw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 17:35:41 GMT
age: 0
x-guploader-uploadid: ADPycdufDzqN84smazoV_9CkaJtfm3Mc88GV0d_s5t0sx380wW9oc_LqMf0reQvy8CeX5DlMDGgGzuVIcZCGxiitUGDWLQ
x-goog-meta-file-name: JillG Photosquare.jpeg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename=JillG Photosquare.jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29966
last-modified: Mon, 28 Jun 2021 15:58:27 GMT
server: UploadServer
etag: "ea6d4554a8ed123f7ab45887b3140a2c"
x-goog-generation: 1624895907203106
x-goog-hash: crc32c=40sIbQ==, md5=6m1FVKjtEj96tFiHsxQKLA==
access-control-allow-origin: *
content-type: image/jpeg
cache-control: Cache-Control:private, max-age=0, no-transform
x-goog-stored-content-length: 29966
accept-ranges: bytes
expires: Mon, 21 Nov 2022 17:35:41 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 79ms
27ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1349076498498506&ev=PageView&dl=https%3A%2F%2Fpages.kw.com%2Fjill-gordon%2F782582%2Fthankful.html&rl=&if=false&ts=1669052141335&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669052141334.15049539&it=1669052140998&coo=false&exp=c0&rqm=GET

Requested by

Host: pages.kw.com
URL: https://pages.kw.com/jill-gordon/782582/thankful.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.kw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 21 Nov 2022 17:35:41 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
DATA 200
OK truncated
/ Frame D05B 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D05B 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame D05B 2 KB
2 KB 14ms
13ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 513353
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 22 Nov 2022 18:59:48 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D05B 15 KB
15 KB 82ms
50ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 19:21:27 GMT
x-content-type-options: nosniff
age: 512054
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Nov 2023 19:21:27 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame D05B 102 B
134 B 38ms
38ms Other
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=Km9gKuG06He-isPsP6saG8cn

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4d77e58db2ca624537becef34dff8d3c24628e41592ac4106e1b5813e0a1d8a0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LduBYMUAAAAAE69___HAv4esfRm76uLXVT3ejlS&co=aHR0cHM6Ly9wYWdlcy5rdy5jb206NDQz&hl=de&v=Km9gKuG06He-isPsP6saG8cn&theme=dark&size=normal&cb=olim004r9cbe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 17:35:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 21 Nov 2022 17:35:41 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame B00D 7 KB
1 KB 36ms
29ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=Km9gKuG06He-isPsP6saG8cn&k=6LduBYMUAAAAAE69___HAv4esfRm76uLXVT3ejlS

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d26c100a5f37ab075215841bacae197d736ab28f13872e4aae043e3d16f49878

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-iW2WcScWWNdRvxCA21MNRA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pages.kw.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1116
content-security-policy: script-src 'report-sample' 'nonce-iW2WcScWWNdRvxCA21MNRA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 21 Nov 2022 17:35:41 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ Frame B00D 52 KB
24 KB 14ms
13ms Stylesheet
text/css 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Km9gKuG06He-isPsP6saG8cn&k=6LduBYMUAAAAAE69___HAv4esfRm76uLXVT3ejlS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 11:24:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22243
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Nov 2023 11:24:58 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ Frame B00D 402 KB
161 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Km9gKuG06He-isPsP6saG8cn&k=6LduBYMUAAAAAE69___HAv4esfRm76uLXVT3ejlS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5773240cdcd07b20f60e178a5d1bdbec55783aba224236be6a40429d1cf44998

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 13:55:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13182
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164812
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Nov 2023 13:55:59 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 55ms
29ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1349076498498506&ev=Microdata&dl=https%3A%2F%2Fpages.kw.com%2Fjill-gordon%2F782582%2Fthankful.html&rl=&if=false&ts=1669052141839&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Thanksgiving%20Feast%20giveaway%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%3Awidth%22%3A%221600%22%2C%22og%3Aimage%3Aheight%22%3A%22900%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1669052141334.15049539&it=1669052140998&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.kw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 21 Nov 2022 17:35:41 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/51/1/intl/de_ALL/ 248 KB
68 KB 49ms
17ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/51/1/intl/de_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAS6oOPLcY00yLW1U4hGt6DWMOI8YRaF70&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ed2c9d58b78fa07b6a5d9d3cf4d6a781c4d1c224f5e8dbd08c82f57a9790f34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.kw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 18:43:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 427965
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69716
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 21:36:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 Nov 2023 18:43:00 GMT

GET
H3 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/51/1/intl/de_ALL/ 166 KB
61 KB 54ms
23ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/51/1/intl/de_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAS6oOPLcY00yLW1U4hGt6DWMOI8YRaF70&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8998bfa1e091f216d4de2cd3a16a81b6ef189951b3adf1326f11b33d54a5bde3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pages.kw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 18:43:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 427965
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62600
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 21:36:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 Nov 2023 18:43:00 GMT

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.kw.com/	1970-01-20 09:47:08	Name: _fbp Value: fb.1.1669052141334.15049539

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdn.ravenjs.com
cdnjs.cloudflare.com
connect.facebook.net
d1azc1qln24ryf.cloudfront.net
email.mailer.kw.com
fonts.googleapis.com
fonts.gstatic.com
kong.command-api.kw.com
kw-console-assets.s3.amazonaws.com
maps.googleapis.com
pages.kw.com
s3.amazonaws.com
storage.googleapis.com
www.facebook.com
www.google.com
www.gstatic.com
130.211.6.176
2606:4700::6810:5714
2606:4700::6811:190e
2a00:1450:4001:80b::200a
2a00:1450:4001:812::2004
2a00:1450:4001:813::2010
2a00:1450:4001:828::200a
2a00:1450:4001:82f::2003
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:400::729
34.127.83.42
35.227.253.245
52.217.38.124
54.231.162.192
65.9.58.8
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2033dd9e558a056074496ad0737e1e018ab30e7786e91023a5145288c5b21c61
2a04078f9550381b5148170ceaf5b378a1b31ed8274c6d0094aeba6f599462cc
2ed2c9d58b78fa07b6a5d9d3cf4d6a781c4d1c224f5e8dbd08c82f57a9790f34
319a395d8d4087b67602e8b8fda9647de8aadc2a2931d57f6db91cfd2878d7eb
3323ce4a9aebf7fbd1c174d8734b1ac3ceb297318cd8755129651f1c816d6bbe
3b6205206b5c515bb685b81ad82ecedf1264a0f1b6b0a99b2d89ce18fe30bc5e
3c2667e0918922ec5d713ce11e97c27c2846ad75d710e0a18da5987308be1c92
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
410e56b85390f3d4c0c13511d46f862b62bb8af70e54023bcd34cad373c465a3
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
4d77e58db2ca624537becef34dff8d3c24628e41592ac4106e1b5813e0a1d8a0
5773240cdcd07b20f60e178a5d1bdbec55783aba224236be6a40429d1cf44998
57bebe1420e09ea56a69f510ef8728891eea03719de99955b8581dc1c1821a57
65545b63c9371c00f0e3acd843b61a550cb36b310784e3a944496012171a91f9
6e2f15d962f8b9963eb287945a8a3c2a675dc767e543bbccdafed496e90734ab
6f86154801a60962e0a779f38f92f5930f241e01649b1aca7e7451a87a69f2c6
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
7e7219035199666be957f506333b056672a3ab26d501f56d0d7335e01b54c514
8604d3eec7c80801fd4b09422bf218549e84ac8cc78a24d6af061502958a1726
8693f36915f0b5c5002ef3b18c79f3db7f3892738b8521437b4a869b77989de8
88523d4d96f0cc7b8fc1846963d2122ad4fc7e72d9fa6a3b4bb164a96e702d48
8998bfa1e091f216d4de2cd3a16a81b6ef189951b3adf1326f11b33d54a5bde3
8c569ed9016d2ff779e1f4db76d4d5b423a94d6b0ccd88e6df616523fe0c2eb5
95c2e171ed615558482d5a58e6b75ddea7a8c85d386c301a0e1ba1b566f41897
a196d1e69376f19e2d3ca9b346f9f228bc718b1eeb677d360d37ecb0fff578fe
a5abbe1236a010bbe65bb5e80ce833e0308a1dea741ae0be930e94f0640aa3de
ad32b1248207ba91fb945a37d38e7c9deafcba849245872203482db42930d491
b67fec30ceac38bc9439e34f50f29a25697238404f8d382641e0f81d214196bd
b99233eef011ce528dbab81fa57db8969b35b2a92e562a47e2ea58912ecf35fe
ba82d6cd93ae9cf881b3645ba46810b9a77b7e88a305d5b8e610c08c62a9beed
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c1858fc0109c3f43cc11d00d00f9ce7beb0179c7be71f7bffd00605d63bb799e
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d00bb0e81603d5c94810bdd4b855f8ec8dc8fa371f9117f99f25a0d9f74d21f8
d26c100a5f37ab075215841bacae197d736ab28f13872e4aae043e3d16f49878
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
dea27875291d291aa06e8924d16bf8f2ff6754ea6d2c2cf4ffe4bc8da2b90cdc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9b8906a8b7540b8accfd2a491c0821d6bd6d8ccbd4ab53a56da8906ff028423
ead4835bb034d3977fd4aa92437a20fac37b2c67e0c22a5debc61468151d08d7
effca8652df9e3c7d74915ea73fc58ce3b26b96dec14aceebce087774e8f9a9b
f04e08b36e901f46c3e765a8429701f91fed71642da73942a23af26d477b331a
f72fb442efc899dbc02856c16b4e5648170813aa58b7e9f86bfed4024538b9a6
fafdf01a280079f8b79ce3183e5b5bffd61b11f1565a376b1886a369dfdffa32
fd20b6e4bb5af8690406a2de275141ea221822ba78a99261b5412d2ba9ca217c
fea33feb44d97851981109cf24109c9b8ebed3d3a9c197eb896faddb52c554d2

pages.kw.com Open in urlscan Pro 130.211.6.176 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

52 Requests

100 %HTTPS

63 %IPv6

11 Domains

17 Subdomains

16 IPs

2 Countries

2720 kBTransfer

4903 kBSize

1 Cookies

5 Outgoing links

Page URL History

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

pages.kw.com Open in urlscan Pro
130.211.6.176 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

100 %
HTTPS

63 %
IPv6

11
Domains

17
Subdomains

16
IPs

2
Countries

2720 kB
Transfer

4903 kB
Size

1
Cookies

52 HTTP transactions
2 data transactions