www.kennedy24.com Open in urlscan Pro
2606:4700:7::a29f:802d Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.kennedy24.com/donate?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy
Effective URL:
https://www.kennedy24.com/contribute?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy
Submission: On December 18 via api (December 18th 2023, 12:00:41 am UTC) from IE — Scanned from DE

Summary HTTP 330 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 43 IPs in 5 countries across 28 domains to perform 330 HTTP transactions. The main IP is 2606:4700:7::a29f:802d, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.kennedy24.com.
TLS certificate: Issued by R3 on November 22nd 2023. Valid for: 3 months.

This is the only time www.kennedy24.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 34	2606:4700:7::... 2606:4700:7::a29f:802d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:480... 2a02:26f0:480:f::213:7ee1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:350... 2a02:26f0:3500:16::215:148b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
17	2606:4700:440... 2606:4700:4400::ac40:93bc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6813:d483	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
8	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
7	2606:4700:e2:... 2606:4700:e2::ac40:8007	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:10:... 2606:4700:10::6816:3a64	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	34.133.104.50 34.133.104.50	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
41	2606:4700:20:... 2606:4700:20::681a:db	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:34::35	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
2	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
2	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1	2606:4700::68... 2606:4700::6812:324	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
14	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
37	99.86.4.122 99.86.4.122	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:401... 2a00:1450:4013:c06::5c	15169 (GOOGLE) (GOOGLE)
16	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:224... 2600:9000:224a:3800:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	198.202.176.201 198.202.176.201	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
56	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
3	44.233.104.20 44.233.104.20	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
3	151.101.128.176 151.101.128.176	54113 (FASTLY) (FASTLY)
4	104.19.219.90 104.19.219.90	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.19.218.90 104.19.218.90	13335 (CLOUDFLAR...) (CLOUDFLARENET)
330	43

34 2606:4700:7::a29f:802d (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www.kennedy24.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
joinkennedy.nationbuilder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.nationbuilder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:f::213:7ee1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:16::215:148b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700:4400::ac40:93bc (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ka-p.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:d483 (United States)

ASN13335 (CLOUDFLARENET, US)

www.lightboxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:e2::ac40:8007 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:3a64 (United States)

ASN13335 (CLOUDFLARENET, US)

getbootstrap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.133.104.50 (Council Bluffs, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 50.104.133.34.bc.googleusercontent.com

rfkjr.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 2606:4700:20::681a:db (United States)

ASN13335 (CLOUDFLARENET, US)

app.livechatai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::35 (United States)

ASN15169 (GOOGLE, US)

server-side-tagging-ptjx4tds2q-uc.a.run.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:324 (United States)

ASN13335 (CLOUDFLARENET, US)

imagedelivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o1416993.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 99.86.4.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-122.fra6.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4013:c06::5c (Groningen, Netherlands)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:224a:3800:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.202.176.201 (United States)

ASN16509 (AMAZON-02, US)

merchant-ui-api.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

56 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.233.104.20 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-233-104-20.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.128.176 (United States)

ASN54113 (FASTLY, US)

b.stripecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.19.219.90 (None, )

ASN13335 (CLOUDFLARENET, US)

hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
newassets.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.218.90 (None, )

ASN13335 (CLOUDFLARENET, US)

newassets.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
113	stripe.com js.stripe.com — Cisco Umbrella Rank: 1282 q.stripe.com — Cisco Umbrella Rank: 7730 merchant-ui-api.stripe.com — Cisco Umbrella Rank: 5257 r.stripe.com — Cisco Umbrella Rank: 3529 m.stripe.com — Cisco Umbrella Rank: 1245	1 MB
41	livechatai.com app.livechatai.com	924 KB
24	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1544 ka-f.fontawesome.com — Cisco Umbrella Rank: 3137 ka-p.fontawesome.com — Cisco Umbrella Rank: 3304	580 KB
22	google.com translate.google.com — Cisco Umbrella Rank: 1298 region1.analytics.google.com — Cisco Umbrella Rank: 2693 pay.google.com — Cisco Umbrella Rank: 2109 www.google.com — Cisco Umbrella Rank: 2 play.google.com — Cisco Umbrella Rank: 32	492 KB
21	nationbuilder.com joinkennedy.nationbuilder.com assets.nationbuilder.com — Cisco Umbrella Rank: 87389	561 KB
19	gstatic.com fonts.gstatic.com www.gstatic.com	854 KB
13	kennedy24.com 2 redirects www.kennedy24.com	44 KB
8	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	353 KB
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 ajax.googleapis.com — Cisco Umbrella Rank: 340 translate.googleapis.com — Cisco Umbrella Rank: 947 www.googleapis.com — Cisco Umbrella Rank: 22	192 KB
6	hcaptcha.com hcaptcha.com — Cisco Umbrella Rank: 7101 newassets.hcaptcha.com — Cisco Umbrella Rank: 9853 api.hcaptcha.com — Cisco Umbrella Rank: 9601	408 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	484 KB
5	recaptcha.net www.recaptcha.net — Cisco Umbrella Rank: 1291	38 KB
4	lightboxcdn.com www.lightboxcdn.com — Cisco Umbrella Rank: 5638	3 KB
4	typekit.net use.typekit.net — Cisco Umbrella Rank: 446 p.typekit.net — Cisco Umbrella Rank: 559	3 KB
3	stripecdn.com b.stripecdn.com — Cisco Umbrella Rank: 35663	45 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	239 B
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1361	16 KB
2	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 713	840 B
2	t.co t.co — Cisco Umbrella Rank: 589	494 B
2	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 678	30 KB
2	getbootstrap.com getbootstrap.com — Cisco Umbrella Rank: 50498	14 KB
2	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 864	14 KB
1	sentry.io o1416993.ingest.sentry.io	324 B
1	imagedelivery.net imagedelivery.net — Cisco Umbrella Rank: 24937	5 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6765	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 75	256 B
1	run.app server-side-tagging-ptjx4tds2q-uc.a.run.app	461 B
1	rfkjr.co 1 redirects rfkjr.co	396 B
330	28

	Domain	Requested by
56	r.stripe.com	js.stripe.com
41	app.livechatai.com	www.kennedy24.com app.livechatai.com
37	js.stripe.com	www.kennedy24.com js.stripe.com
16	q.stripe.com	www.kennedy24.com
14	www.gstatic.com	www.gstatic.com www.recaptcha.net pay.google.com
14	assets.nationbuilder.com	www.kennedy24.com
13	www.kennedy24.com	2 redirects www.kennedy24.com static.cloudflareinsights.com
12	play.google.com	www.gstatic.com
11	ka-p.fontawesome.com	kit.fontawesome.com
8	connect.facebook.net	www.kennedy24.com connect.facebook.net
7	ka-f.fontawesome.com	kit.fontawesome.com
7	joinkennedy.nationbuilder.com	www.kennedy24.com
6	www.googletagmanager.com	www.kennedy24.com www.googletagmanager.com
6	kit.fontawesome.com	www.kennedy24.com kit.fontawesome.com
5	www.recaptcha.net	www.kennedy24.com www.gstatic.com assets.nationbuilder.com www.recaptcha.net
5	fonts.gstatic.com	fonts.googleapis.com www.recaptcha.net
4	pay.google.com	js.stripe.com pay.google.com www.kennedy24.com www.gstatic.com
4	www.lightboxcdn.com	www.kennedy24.com
3	newassets.hcaptcha.com	hcaptcha.com newassets.hcaptcha.com
3	b.stripecdn.com	js.stripe.com b.stripecdn.com
3	m.stripe.com	m.stripe.network
3	region1.analytics.google.com	www.googletagmanager.com
3	www.facebook.com	connect.facebook.net
3	fonts.googleapis.com	www.kennedy24.com joinkennedy.nationbuilder.com
2	api.hcaptcha.com	newassets.hcaptcha.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	translate.googleapis.com	translate.googleapis.com
2	analytics.twitter.com
2	t.co
2	static.ads-twitter.com	www.googletagmanager.com
2	getbootstrap.com	www.kennedy24.com
2	translate.google.com	www.kennedy24.com
2	p.typekit.net	use.typekit.net
2	static.cloudflareinsights.com	www.kennedy24.com
2	use.typekit.net	www.kennedy24.com
2	ajax.googleapis.com	www.kennedy24.com
1	hcaptcha.com	b.stripecdn.com
1	www.google.com	www.gstatic.com
1	merchant-ui-api.stripe.com	js.stripe.com
1	www.googleapis.com	assets.nationbuilder.com
1	o1416993.ingest.sentry.io	app.livechatai.com
1	imagedelivery.net	app.livechatai.com
1	www.google.de
1	stats.g.doubleclick.net	www.googletagmanager.com
1	server-side-tagging-ptjx4tds2q-uc.a.run.app	www.googletagmanager.com
1	rfkjr.co	1 redirects
330	46

This site contains links to these domains. Also see Links.

Domain
checkout.opennode.com
www.instagram.com
www.facebook.com
www.tiktok.com
twitter.com
www.youtube.com
rumble.com

Subject Issuer	Validity	Valid
www.kennedy24.com R3	`2023-11-22` - `2024-02-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
nationbuilder.com Cloudflare Inc ECC CA-3	`2023-10-21` - `2024-10-20`	a year	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-21` - `2024-10-21`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-01-20` - `2024-01-20`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-04` - `2025-01-03`	a year	crt.sh
lightboxcdn.com Cloudflare Inc ECC CA-3	`2023-10-09` - `2024-10-08`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-26` - `2023-12-25`	3 months	crt.sh
ka-f.fontawesome.com GTS CA 1P5	`2023-11-08` - `2024-02-06`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
livechatai.com GTS CA 1P5	`2023-11-04` - `2024-02-02`	3 months	crt.sh
*.a.run.app GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
imagedelivery.net Cloudflare Inc ECC CA-3	`2023-05-29` - `2024-05-28`	a year	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-02` - `2024-12-02`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-10-30` - `2024-01-25`	3 months	crt.sh
misc.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-10-09` - `2024-01-18`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-05` - `2024-01-18`	3 months	crt.sh

This page contains 20 frames:

Primary Page: https://www.kennedy24.com/contribute?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy
Frame ID: 649A32643E311C9786029880E47EE65F
Requests: 131 HTTP requests in this frame

Frame: https://www.kennedy24.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
Frame ID: 2687C5C8F7EE05E39ECD522F3559A0BE
Requests: 4 HTTP requests in this frame

Frame: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg
Frame ID: 11DF7D713C776A24CE12181319C9685D
Requests: 40 HTTP requests in this frame

Frame: data://truncated
Frame ID: D89701AFE7FDB01AF2AD17D3E40F2539
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: 1E03ABD46CCDFD4570134B599F7D54C2
Requests: 4 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LekWdoZAAAAAA61Owqhdq5e8IIQEfJbEOs8IT8T&co=aHR0cHM6Ly93d3cua2VubmVkeTI0LmNvbTo0NDM.&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=sur0w67xubh2
Frame ID: 6239D0AAF146B7FD6D52AACBED8CCAEA
Requests: 9 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LekWdoZAAAAAA61Owqhdq5e8IIQEfJbEOs8IT8T&co=aHR0cHM6Ly93d3cua2VubmVkeTI0LmNvbTo0NDM.&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=jfig4c4074qb
Frame ID: 2DD174882E41A8752D7C74270C938569
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-178897d5385a3bf887dfe4e49781abb9.html
Frame ID: 73111539EAD0E2971BEAEC73659D9B7C
Requests: 60 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-b6c9ca151d1798039adc86cc585cf361.html
Frame ID: 32206259638998941EF7247B902575FA
Requests: 14 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-502e16d059834a27f378d989d15a77c3.html
Frame ID: 9F92467F3D23365EA3AD3A690C6FAC24
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-3d1338653ea273b98255fef897f60659.html
Frame ID: 1671605BDFB9D6896338D555DE7CCB48
Requests: 5 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LekWdoZAAAAAA61Owqhdq5e8IIQEfJbEOs8IT8T&co=aHR0cHM6Ly93d3cua2VubmVkeTI0LmNvbTo0NDM.&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=jfig4c4074qb
Frame ID: 4DFC1CFBE071B3680255C63EBE0DFFF2
Requests: 3 HTTP requests in this frame

Frame: data://truncated
Frame ID: 798BD221FCDE7549AB4556F81C2186DD
Requests: 1 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 52F7544C12BD09F95A04C18033B86D07
Requests: 6 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: BAADF5E76D106C6D44FE79449003592F
Requests: 13 HTTP requests in this frame

Frame: https://js.stripe.com/v3/hcaptcha-invisible-827a3488b1f821a00d591981ed0638c9.html
Frame ID: 5746B7D27FFAFEF425BF55ABACA1FF32
Requests: 3 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-link-button-for-card-a5b7d5c973b7eb5efe32c88bcef8e355.html
Frame ID: 20A6B9525C009CA4E3835E1DEECE83EB
Requests: 6 HTTP requests in this frame

Frame: https://b.stripecdn.com/stripethirdparty-srv/assets/v19.2/HCaptchaInvisible.html?id=027051ec-fc8e-492a-b51f-a069c0b5cf94&origin=https%3A%2F%2Fjs.stripe.com
Frame ID: 5ABD69D75C635D1441A0F4F186591FFB
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-payment-request-243d4ef43b493f64e352a0d979a9347f.html
Frame ID: 7C1A97B3A348E0339EB4F49B9E94A6F8
Requests: 9 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/1bcdbdd/static/hcaptcha.html?_v=dku2wp0qrpq
Frame ID: ED3A0599709E4217AA01AA06F8E2E43A
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

We, the People... | Kennedy24

Page URL History Show full URLs

https://www.kennedy24.com/donate?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy Page URL
https://rfkjr.co/donate?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy HTTP 301
https://www.kennedy24.com/contribute?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinken... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

hCaptcha (Security) Expand

Overall confidence: 100%
Detected patterns

https://hcaptcha.com/([\d]+?)/api.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

330
Requests

95 %
HTTPS

69 %
IPv6

28
Domains

46
Subdomains

43
IPs

5
Countries

6706 kB
Transfer

22086 kB
Size

20
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://checkout.opennode.com/p/d05e70a0-a317-4e30-b81d-1ae3e5575d2c
Title: Bitcoin

Search URL Search Domain Scan URL

URL: https://www.instagram.com/robertfkennedyjr/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/rfkjr

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@teamkennedy2024

Search URL Search Domain Scan URL

URL: https://twitter.com/RobertKennedyJr

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC4ewc5vQcMpLticvqPDcSQw

Search URL Search Domain Scan URL

URL: https://rumble.com/c/RFKjr

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.kennedy24.com/donate?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy Page URL
https://rfkjr.co/donate?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy HTTP 301
https://www.kennedy24.com/contribute?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://www.kennedy24.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.kennedy24.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

Request Chain 102

https://www.kennedy24.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.kennedy24.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

330 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 donate Show response
www.kennedy24.com/ 31 KB
9 KB 204ms
185ms Document
text/html 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kennedy24.com/donate?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef524299e2aca1447f5b5102ffd3666f294cf61829f9039f40db78f11c765f40

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors joinkennedy.nationbuilder.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-request-method: GET, POST, PUT, DELETE
age: 9
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8373205abfc73731-FRA
content-encoding: br
content-security-policy: frame-ancestors joinkennedy.nationbuilder.com
content-type: text/html; charset=utf-8
date: Mon, 18 Dec 2023 00:00:35 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
server: cloudflare
x-content-digest: c0328847a98452dd046da36b3803c401d2289c31
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-middleware-start: t=1702857635097981
x-nb-cached-page: yes
x-rack-cache: fresh
x-request-id: a022535c-745b-419b-92cd-5df2caf1e61b
x-runtime: 0.105977

GET
H2 200 css2
fonts.googleapis.com/ 46 KB
2 KB 57ms
23ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&family=Source+Serif+4:ital,opsz,wght@0,8..60,400;0,8..60,500;0,8..60,600;0,8..60,700;0,8..60,800;0,8..60,900;1,8..60,400;1,8..60,500;1,8..60,600;1,8..60,700;1,8..60,800;1,8..60,900&display=swap

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b942de2747bb1449f8d908a33c8ce9e4a2ee6b84327cce766d5378a13665d027

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 18 Dec 2023 00:00:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 00:00:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 18 Dec 2023 00:00:35 GMT

GET
H2 200 theme.scss
joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071702852407/default/ 385 KB
55 KB 50ms
29ms Stylesheet
text/css 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071702852407/default/theme.scss

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d18314f0d9dd325e472c28b8180d4741682b2cca9819f1a81180ec210c5934d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 0
x-middleware-start: t=1702857634969355
alt-svc: h3=":443"; ma=86400
x-request-id: a2487a5c-3ac0-42e5-8480-d85c0a9f4d30
x-runtime: 4.346591
x-content-digest: 60d455ea34991406e2ec3840bedefe84e5accc7f
server: cloudflare
etag: W/"8d18314f0d9dd325e472c28b8180d474"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31556952
cf-ray: 8373205c0f4491d7-FRA
x-rack-cache: fresh
expires: Tue, 17 Dec 2024 05:49:47 GMT

GET
H2 200 jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.10.0/themes/cupertino/ 30 KB
6 KB 54ms
16ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.10.0/themes/cupertino/jquery-ui.css

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea2d62c7e90b08a7c41206758ce52af7059a58cdfb6a2964f341642298eb9a15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 20:44:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 530174
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5640
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Dec 2024 20:44:21 GMT

GET
H2 200 opz7yic.css
use.typekit.net/ 10 KB
1 KB 42ms
8ms Stylesheet
text/css 2a02:26f0:480:f::213:7ee1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/opz7yic.css

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

161adc1b69be76ccc5346711bc49c475f190bcf75dd03c834032e4b065330e20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Mon, 18 Dec 2023 00:00:35 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1197

GET
H2 200 K24_Logo.png
assets.nationbuilder.com/joinkennedy/sites/5/meta_images/original/ 4 KB
5 KB 41ms
20ms Image
image/png 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nationbuilder.com/joinkennedy/sites/5/meta_images/original/K24_Logo.png?1696639127
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9667a4e6040f90f8e1648ecd089211e380aee7fcde15f71570aef17d1a8e637

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:35 GMT
x-amz-version-id: 8Benbp2okaYQdJkZnHd01SKUHGlqFFSo
via: 1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: FRA56-C2
age: 13
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 4499
last-modified: Sat, 07 Oct 2023 00:38:49 GMT
server: cloudflare
etag: "1e0e0356959e57194a72c3c5a2794669"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8373205c0d6a3801-FRA
x-amz-cf-id: aawdlP4ab01bU593RXj62EcX8FhDEvs7FQdGrHyhdcpyTSwPUbqULw==
expires: Mon, 18 Dec 2023 04:00:35 GMT

GET
H2 200 profile-login.png
assets.nationbuilder.com/joinkennedy/pages/62/attachments/original/1697582282/ 3 KB
4 KB 52ms
32ms Image
image/png 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nationbuilder.com/joinkennedy/pages/62/attachments/original/1697582282/profile-login.png?1697582282
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6770f1b8a07a7e0b2a5ba73da5feb6f86dd9e5d5e7f0f7237c476bc7f8650ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:35 GMT
x-amz-version-id: UZ3z2H3eCPLVBD_NSfvXtS6kN40SZ1iE
via: 1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: FRA56-C2
age: 1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 3222
last-modified: Tue, 17 Oct 2023 22:38:03 GMT
server: cloudflare
etag: "2d003d6e18b1ba4e0db766e8f4dc526f"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8373205c0d6b3801-FRA
x-amz-cf-id: 4nQYJ-jCCtfTAk_FDgZu6AjuAlxI2f4a-VlU_0tR3LnuWMgkVp4nig==
expires: Mon, 18 Dec 2023 04:00:35 GMT

GET
H2 200 rumble_logo_white.png
assets.nationbuilder.com/joinkennedy/pages/62/attachments/original/1697064082/ 22 KB
22 KB 42ms
22ms Image
image/png 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nationbuilder.com/joinkennedy/pages/62/attachments/original/1697064082/rumble_logo_white.png?1697064082
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 558591ec381069734425371376e35d980cf72fd9fd2ac08f4f36fb9a9df84438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:35 GMT
x-amz-version-id: QTvG_ogPyZRtij5jlvYT2NsZCXixTkK7
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: FRA56-C2
age: 13
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 22352
last-modified: Wed, 11 Oct 2023 22:41:23 GMT
server: cloudflare
etag: "28e5ce4754ad7167c4c4e5eb9378ff1e"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8373205c0d693801-FRA
x-amz-cf-id: LUyKrnirpS2lfexHIMEL2SOi1TBT90lQP3aTVj8TjZTvg-JqFpS4tg==
expires: Mon, 18 Dec 2023 04:00:35 GMT

GET
H2 200 rocket-loader.min.js Show response
www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 10ms
9ms Script
application/javascript 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/donate?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 08 Dec 2023 17:59:01 GMT
server: cloudflare
etag: W/"65735965-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 8373205be8a63731-FRA
expires: Wed, 20 Dec 2023 00:00:35 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 61ms
41ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:35 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 8373205c0c962c1c-FRA

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 28ms
7ms Stylesheet
text/css 2a02:26f0:3500:16::215:148b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=opz7yic&ht=tk&f=22792.22793.22794.24318.40090.40091.40092.25668.25670.25673.25676.25679.51955.51956&a=2508016&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/opz7yic.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:35 GMT
last-modified: Fri, 23 Jun 2023 17:09:47 GMT
server: nginx
etag: "6495d1db-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
638 B 23ms
23ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Anton&display=swap

Requested by

Host: joinkennedy.nationbuilder.com
URL: https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071702852407/default/theme.scss

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eef2d843b6778b710b40edb636b588fa4ccc8975a29cef25ac3125b96cc778cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://joinkennedy.nationbuilder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 18 Dec 2023 00:00:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 17 Dec 2023 22:14:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 18 Dec 2023 00:00:35 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 84ms
26ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&family=Source+Serif+4:ital,opsz,wght@0,8..60,400;0,8..60,500;0,8..60,600;0,8..60,700;0,8..60,800;0,8..60,900;1,8..60,400;1,8..60,500;1,8..60,600;1,8..60,700;1,8..60,800;1,8..60,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:57:12 GMT
x-content-type-options: nosniff
age: 486203
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Dec 2024 08:57:12 GMT

GET
H2 200 fslightbox.js Show response
joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071702852407/default/ 30 KB
10 KB 85ms
83ms Script
text/javascript 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071702852407/default/fslightbox.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77ba0f0971a262f3fe1999d37208a8a7ffa1f2e563d4437bd03b1866a2219749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 0
x-middleware-start: t=1702857635289584
alt-svc: h3=":443"; ma=86400
x-request-id: 75404bf3-4fe0-4833-a5ab-340d4967b2e2
x-runtime: 0.810179
x-content-digest: 167b1e36379227a2fa7c635269bdcb0ed8dec4c0
server: cloudflare
etag: W/"77ba0f0971a262f3fe1999d37208a8a7"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31556952
cf-ray: 8373205c7f6e91d7-FRA
x-rack-cache: fresh
expires: Tue, 17 Dec 2024 05:49:47 GMT

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 89 KB
31 KB 77ms
40ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b190041b79f9ebcb446ab01f41dbe060d59ebfa55e042fab8503b8b6f7c0dce5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Dec 2023 00:00:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 img-cropper-a99f75748195e5af07ffca593afce5492ce8533501371377f17d77b89eeab8ab.js Show response
assets.nationbuilder.com/assets/liquid/v3/ 50 KB
17 KB 25ms
23ms Script
text/javascript 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nationbuilder.com/assets/liquid/v3/img-cropper-a99f75748195e5af07ffca593afce5492ce8533501371377f17d77b89eeab8ab.js
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a99f75748195e5af07ffca593afce5492ce8533501371377f17d77b89eeab8ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:35 GMT
x-amz-version-id: aieqggM2tMNQyHcFlMZ7wdOR0Upca7HC
via: 1.1 34435958fa6d40b77fd22fa1c1f56176.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: FRA56-C2
age: 228887
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 22 Nov 2023 19:14:52 GMT
server: cloudflare
etag: W/"9714f34f09a34492cd827f7620009730"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
cf-ray: 8373205c7db33801-FRA
x-amz-cf-id: xjWn9oChH5ITmXAUnGfJwzVE-LvuoqCuRwhC8nbrCoV_0pEfMwi3Bw==
expires: Mon, 25 Dec 2023 00:00:35 GMT

GET
H2 200 k24-float-label.js
joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071702852407/default/ 3 KB
948 B 1061ms
1060ms Script
text/javascript 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071702852407/default/k24-float-label.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1
x-middleware-start: t=1702857635933929
alt-svc: h3=":443"; ma=86400
x-request-id: 20a8376d-7fd3-45a6-88ac-87e43dd6116f
x-runtime: 0.797690
x-content-digest: 858dc6cedc176df364401823e6b822ffa39fd992
server: cloudflare
etag: W/"a7e81be515a4350b67aaa7b634852658"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31556952
cf-ray: 8373205c7f6f91d7-FRA
x-rack-cache: fresh
expires: Tue, 17 Dec 2024 05:49:48 GMT

GET
H2 200 localized-inputs.js
joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071702852407/default/ 2 KB
902 B 208ms
206ms Script
text/javascript 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071702852407/default/localized-inputs.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 0
x-middleware-start: t=1702857635299360
alt-svc: h3=":443"; ma=86400
x-request-id: 4f722a64-3d37-4f33-93c0-7d96695ef7a5
x-runtime: 0.799195
x-content-digest: 44e5290de99fa9b40844d1e42b544d997e7c61ee
server: cloudflare
etag: W/"81d4fa5df88680bfb5899dc73e158c00"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31556952
cf-ray: 8373205c7f7091d7-FRA
x-rack-cache: fresh
expires: Tue, 17 Dec 2024 05:49:47 GMT

GET
H2 200 theme.js Show response
joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071702852407/default/ 50 B
227 B 22ms
21ms Script
text/javascript 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071702852407/default/theme.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7592e61876da5df397281e08f2abf3aa56ddd0f8b4b816f7e6b961e8a4153932

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 0
x-middleware-start: t=1702857635157904
alt-svc: h3=":443"; ma=86400
x-request-id: 888c7617-195f-431d-97c4-4a72d3810aa8
x-runtime: 0.804943
x-content-digest: 25fec939dd7fcf76bdd26229129e82ba0de317b7
server: cloudflare
etag: W/"7592e61876da5df397281e08f2abf3aa"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31556952
cf-ray: 8373205c7f7291d7-FRA
x-rack-cache: fresh
expires: Tue, 17 Dec 2024 05:49:47 GMT

GET
H2 200 bs-custom-file-input.min.js Show response
joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071702852407/default/ 2 KB
1 KB 21ms
20ms Script
text/javascript 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071702852407/default/bs-custom-file-input.min.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4be37bbc2e40bc238e8895eac52b3a9d27059588647c4834dbd8e7210070e526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 0
x-middleware-start: t=1702857635162294
alt-svc: h3=":443"; ma=86400
x-request-id: d2fbeb47-5f10-49ce-97a3-4f54f8e5bf74
x-runtime: 0.789929
x-content-digest: 59d3af0630bcb8da94e201ce3453821d82447d22
server: cloudflare
etag: W/"4be37bbc2e40bc238e8895eac52b3a9d"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31556952
cf-ray: 8373205c7f7391d7-FRA
x-rack-cache: fresh
expires: Tue, 17 Dec 2024 05:49:47 GMT

GET
H2 200 bootstrap.min.js Show response
joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071702852407/default/ 57 KB
16 KB 28ms
26ms Script
text/javascript 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071702852407/default/bootstrap.min.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 0
x-middleware-start: t=1702857635162012
alt-svc: h3=":443"; ma=86400
x-request-id: fa25ae46-da19-40b2-a7bd-d5c02695ff70
x-runtime: 0.784906
x-content-digest: 6778fed3cf095a318141a31f455c8f4663885bde
server: cloudflare
etag: W/"0a34a87842c539c1f4feec56bba982fd"
x-frame-options: ALLOWALL
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31556952
cf-ray: 8373205c7f7591d7-FRA
x-rack-cache: fresh
expires: Tue, 17 Dec 2024 05:49:47 GMT

GET
H2 200 liquid-6fda76e47cd1a46bec92e2adac0a0453c78638197e234d7667c2ff4366c5a44a.js Show response
assets.nationbuilder.com/assets/ 174 KB
53 KB 31ms
30ms Script
text/javascript 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nationbuilder.com/assets/liquid-6fda76e47cd1a46bec92e2adac0a0453c78638197e234d7667c2ff4366c5a44a.js
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fda76e47cd1a46bec92e2adac0a0453c78638197e234d7667c2ff4366c5a44a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:35 GMT
x-amz-version-id: k1oY7mZDR.WdjUbJpXthIK_UKCYMytoH
via: 1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: FRA56-C2
age: 509019
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 10 Nov 2023 15:20:30 GMT
server: cloudflare
etag: W/"c5d34981e474397332adfa4081ceecaa"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=604800
cf-ray: 8373205c7db43801-FRA
x-amz-cf-id: CTMwXEfQeh5-puPmRLsNMwEAeBTy_urCLPyWwk5bP1CTtWJWyQVLsw==
expires: Mon, 25 Dec 2023 00:00:35 GMT

GET
H2 200 38b3ad1ee0.js Show response
kit.fontawesome.com/ 12 KB
5 KB 42ms
20ms Script
text/javascript 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/38b3ad1ee0.js
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acd9a7e1c37a12896fb2df2f591a565c40f87c3194d32f85d1e4499426bfcc1d

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:35 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 9
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 8373205c9ab94d62-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F58pYDH6A1GCAv-4wgwC

GET
H2 200 lightbox_speed.js Show response
www.lightboxcdn.com/vendor/89ef356b-89f6-4647-a097-558fbfa14d79/ 3 KB
1 KB 42ms
17ms Script
application/javascript 2606:4700::6813:d483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/89ef356b-89f6-4647-a097-558fbfa14d79/lightbox_speed.js
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d64a80c5311000e42e55ad2a62dcf422b9468ba55472d51d2165d4cddd1ef8dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 18 Dec 2023 00:00:35 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: c2oxAMJux4k4v0h/WvgOxg==
age: 2
cf-polished: origSize=4971
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Sun, 17 Dec 2023 21:00:12 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: 1adecfda-501e-0038-6d35-315969000000
cache-control: public, max-age=60
x-ms-version: 2009-09-19
cf-ray: 8373205cacb49a2a-FRA
expires: Mon, 18 Dec 2023 00:01:35 GMT

GET
H2 200 706b9f1865.js Show response
kit.fontawesome.com/ 12 KB
5 KB 45ms
22ms Script
text/javascript 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/706b9f1865.js
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74a39682b8b03d5de587026a0f4d5b595696818b3d23952c15facf182d7c5e78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:35 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 8
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 8373205c9f7d9b7a-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F57qV0NYSNSOnc_FJMnB

GET
H2 200 main-0aa16a2e84fcb15b351dd0de4418949c84ac9bba999074007345fe1dabe8645d.js Show response
assets.nationbuilder.com/assets/liquid/v3/ 469 KB
134 KB 35ms
34ms Script
text/javascript 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nationbuilder.com/assets/liquid/v3/main-0aa16a2e84fcb15b351dd0de4418949c84ac9bba999074007345fe1dabe8645d.js
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0aa16a2e84fcb15b351dd0de4418949c84ac9bba999074007345fe1dabe8645d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:35 GMT
x-amz-version-id: zm91i4Eqv.soNxyKb4EFoxcRnA45H3pv
via: 1.1 08b9c2fd11813ffdb8fa03129d0a465c.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: FRA56-C2
age: 213796
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 07 Nov 2023 14:02:19 GMT
server: cloudflare
etag: W/"65f4d89d2236c9f9b248d9ed5de8dafa"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=604800
cf-ray: 8373205c7db53801-FRA
x-amz-cf-id: 81jjVFHu7uCm0wX6y2s2zMTLS1iPUa5BPUughpxNBLPeoFQuC3trmA==
expires: Mon, 25 Dec 2023 00:00:35 GMT

GET
H3

200

main.js Show response
www.kennedy24.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/ Frame 2687
Redirect Chain

https://www.kennedy24.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.kennedy24.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

7 KB
3 KB

18ms
18ms

Script
application/javascript

2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kennedy24.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy

Protocol

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64ad4ddd145a9faa9e5f7f7d78f9e3da6255db563b968ea6a080d526bb68131b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8373205ca9e05d9e-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Mon, 18 Dec 2023 00:00:35 GMT
server: cloudflare
vary: accept-encoding
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
cache-control: max-age=300, public
cf-ray: 8373205c89d55d9e-FRA
alt-svc: h3=":443"; ma=86400

POST
H3 200 8373205abfc73731 Show response
www.kennedy24.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 2687 0
275 B 31ms
30ms XHR
text/plain 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kennedy24.com/cdn-cgi/challenge-platform/h/g/jsd/r/8373205abfc73731
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 18 Dec 2023 00:00:35 GMT
content-encoding: br
server: cloudflare
cf-ray: 8373205d2a105d9e-FRA
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H2 200 gtm.js
www.googletagmanager.com/ 244 KB
77 KB 84ms
25ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5MTWV23

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78607
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 18 Dec 2023 00:00:35 GMT

GET
H2 200 fbevents.js
connect.facebook.net/en_US/ 202 KB
54 KB 29ms
9ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 18 Dec 2023 00:00:35 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: UWZyE4pGuARKoLyjS0p0UlSs4mRFWbWdSIjnVXmuoYWrKdsy76uQep1jo5+PMpg6Da4G9l0DqrUxU7ytgRFexw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 free.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 41ms
19ms Fetch
text/css 2606:4700:e2::ac40:8007
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=706b9f1865
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/706b9f1865.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8007 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:35 GMT
via: 1.1 7b80fdb7de25e1eb41eb907750147f34.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS1-P2
age: 1265011
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XTzpoLfLCLROZjIXAtJH2jZvq0V3BbAK14riRRomPkhtb5vyJKaxLMhKe2y13hbCE5Ziq%2BP2E%2B%2FS2COIGuBIc4dcEQZLZP4knMfta8ZqUEkdt3yMv1ms3BnR%2B8gBS8qANu5TxKAbi46mFqkj%2B%2FBFwBbE5g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 8373205d6dd7bb3e-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: G3AfQHzY8ydpyuT209Gbln6H3GKbt7VrVfua6snoY1tJ-SDGxJdy4g==

GET
H2 200 free-v4-shims.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ 26 KB
5 KB 40ms
17ms Fetch
text/css 2606:4700:e2::ac40:8007
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=706b9f1865
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/706b9f1865.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8007 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:35 GMT
via: 1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 1626963
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DRRYmMyPxcydr8CME8DZcVs6jD74GohCVNNv3aBwPQXK%2BcUEqnJJ1TfYN8%2B%2BhMHqzMtGz72cYtws1cKsR3IpPyXW2db8O%2BUITACqIPDsVZ0LyYi4o94dnZz5WsMIUydYTWyloO%2BW1rBOxByluA0xguUIAw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 8373205d6dd4bb3e-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: v30rM5femLA3YCG8ki_hlZWid9NtUdOhXSAQEaVj1uoBis1cUFeb3A==

GET
H2 200 free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ 3 KB
1 KB 44ms
22ms Fetch
text/css 2606:4700:e2::ac40:8007
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=706b9f1865
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/706b9f1865.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8007 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:35 GMT
via: 1.1 07fbd2276304c86925071791c7032950.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 3445214
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ciNNQxIp9I5Ik6ZiseVhLLif8ouMVsf9hlPAiZKLN4FNKMwmnLE5oIBHA6fBX6k2T5uZ8ccyEoCFhZNjlCaxhpc3XMlVZXDld%2BIsjH7M6kO3eiHkuQu29EuFkYPPQsRowAyZXFGPtj%2FcNnFDxEh3ZKZYXw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 8373205d6dd6bb3e-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: bjBk4VVExhzUtJzTekFrEXbmz9IYbuMoHrg4lmhi1wLzK3dnZj1nug==

GET
H2 200 popper.min.js
getbootstrap.com/docs/4.0/assets/js/vendor/ 19 KB
7 KB 41ms
19ms Script
application/javascript 2606:4700:10::6816:3a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://getbootstrap.com/docs/4.0/assets/js/vendor/popper.min.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3a64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id: 5ef89a2e90029592e1c90b990e6b672de80ed512
date: Mon, 18 Dec 2023 00:00:35 GMT
via: 1.1 varnish
x-content-type-options: nosniff
expires: Thu, 30 Nov 2023 09:43:59 GMT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 11
content-encoding: br
x-cache: HIT
x-proxy-cache: HIT
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230049-FRA
last-modified: Thu, 14 Sep 2023 14:29:01 GMT
server: cloudflare
x-github-request-id: A428:0E81:3EF3FA3:401B8E9:6540671F
x-timer: S1701319650.485525,VS0,VE1
etag: W/"650318ad-4af4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
x-origin-cache: HIT
cf-ray: 8373205d6c0336e0-FRA
x-cache-hits: 1

GET
H2 200 689052772650376
connect.facebook.net/signals/config/ 133 KB
35 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/689052772650376?v=2.9.138&r=stable&domain=www.kennedy24.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 18 Dec 2023 00:00:35 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35377
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: cXgxWiRq2Od83EPSarISCUgjqB4DkNSh+jFN3K5Fnafk2zBjhUVuUEB/hWbz+k00KB+JrmZc/7ZFK3SyuU1CVg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 digibox.gif
www.lightboxcdn.com/z9g/ 35 B
275 B 19ms
19ms Image
image/gif 2606:4700::6813:d483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lightboxcdn.com/z9g/digibox.gif?c=1702857635453&h=www.kennedy24.com&e=p&u=45028
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 18 Dec 2023 00:00:35 GMT
cf-cache-status: HIT
content-md5: KNaBTzCeoon4R8ac+RGUxg==
age: 1451189
cf-polished: status=not_needed
x-ms-meta-cbmodifiedtime: Fri, 02 Dec 2022 00:02:02 GMT
content-length: 35
x-ms-lease-status: unlocked
cf-bgj: imgq:85,h2pri
last-modified: Fri, 02 Dec 2022 00:02:38 GMT
server: cloudflare
etag: 0x8DAD3F8864E2F29
vary: Accept-Encoding
content-type: image/gif
x-ms-request-id: 76c3db65-f01e-0035-6412-24b665000000
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8373205d9d1c9a2a-FRA

GET
H2 200 pro.min.css
ka-p.fontawesome.com/releases/v6.5.1/css/ 669 KB
117 KB 31ms
31ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/css/pro.min.css?token=38b3ad1ee0
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/38b3ad1ee0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:35 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:25:52 GMT
server: cloudflare
age: 1355525
etag: "6568c5a0-1d52d"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8373205d9b6c4d62-FRA
content-length: 120109

GET
H2 200 pro-v5-font-face.min.css
ka-p.fontawesome.com/releases/v6.5.1/css/ 50 KB
7 KB 18ms
18ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/css/pro-v5-font-face.min.css?token=38b3ad1ee0
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/38b3ad1ee0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:35 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:25:52 GMT
server: cloudflare
age: 276118
etag: "6568c5a0-1c12"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8373205d9b6d4d62-FRA
content-length: 7186

GET
H2 200 kit-upload.css
kit.fontawesome.com/38b3ad1ee0/70955553/ 0
138 B 17ms
17ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/38b3ad1ee0/70955553/kit-upload.css
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/38b3ad1ee0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:35 GMT
cf-cache-status: HIT
age: 1357968
content-length: 0
x-request-id: F5zw7qu8YMsCiSdFWZfB
server: cloudflare
etag: 54af53b207eef226d6511e0a88e3038e
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926, public, must-revalidate
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
accept-ranges: bytes
cf-ray: 8373205d9b6b4d62-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token

GET
H3

200

Primary Request contribute Show response
www.kennedy24.com/
Redirect Chain

https://rfkjr.co/donate?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy
https://www.kennedy24.com/contribute?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy

83 KB
18 KB

725ms
722ms

Document
text/html

2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kennedy24.com/contribute?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32a5e615ea1a48e4ca241418b5135fba3a81cabfc49ef1e5c1dfe5514aa49c7a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors joinkennedy.nationbuilder.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.kennedy24.com/donate?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-request-method: GET, POST, PUT, DELETE
age: 7
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 837320602b965d9e-FRA
content-encoding: br
content-security-policy: frame-ancestors joinkennedy.nationbuilder.com
content-type: text/html; charset=utf-8
date: Mon, 18 Dec 2023 00:00:36 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
server: cloudflare
x-content-digest: 05c510f7fefcb25428ed6c2b1b3726f2c9e49d84
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-middleware-start: t=1702857636521002
x-nb-cached-page: yes
x-rack-cache: fresh
x-request-id: 067f10d7-a75c-408a-9a60-bbed3d78d651
x-runtime: 0.470068

Redirect headers

Cache-Control: public, no-cache, max-age=0
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Mon, 18 Dec 2023 00:00:35 GMT
Expires: Sun, 03 May 2015 23:02:37 GMT
Location: https://www.kennedy24.com/contribute?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

GET
H2 200 sdk.js
connect.facebook.net/en_US/ 3 KB
2 KB 11ms
11ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 18 Dec 2023 00:00:35 GMT
content-md5: 4y5GbRThhJP5zLRSclQFlQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
reporting-endpoints
x-fb-debug: WCGj1droDZpA3cRQG5Zqa+Bm09iw9TceSgUanRZq73/0PHIC4dbEg1DpgeR+xtfavnTJKkVNB0oORRJ5N1lJvg==
x-fb-content-md5: 9f6f2114da9a5e4bef58389bd877fe41
cross-origin-opener-policy: same-origin-allow-popups
etag: "4f0d9363531ed32cd8fe0c8520e51843"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Mon, 18 Dec 2023 00:11:48 GMT

GET
H2 200 free-fa-brands-400.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 75 KB
75 KB 15ms
15ms Font
font/woff2 2606:4700:e2::ac40:8007
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-brands-400.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8007 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:35 GMT
via: 1.1 34435958fa6d40b77fd22fa1c1f56176.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 42308
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 76736
last-modified: Wed, 04 Aug 2021 18:58:24 GMT
server: cloudflare
etag: "4f5ec865a8274ab291b6a42b5f70639e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fSHnY9XOpo8a%2F3E4TOTGqe8IvJ%2F1rpyUbB75gnUXUkpyZZEKGyeR1NNYWVZQ9cpXeX6Up3mGPKKGtB75SdP%2BlkV8XmsLUMjOcOtXGZ13Re3AkJwk5qkZebB7Q%2FDAf7d7WSOx6nW6LhzXbhAZmHk1QKi7sg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 8373205d9deebb3e-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: pj7f1u_hgIbK24srPJ464y_h_glMPB82-yw4EdKaDVsZXunohbDFKw==

GET
H3 200 sdk.js
connect.facebook.net/en_US/ 302 KB
86 KB 23ms
14ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=bb0843c5a441b38a9e3dd70141c86a9b

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 18 Dec 2023 00:00:35 GMT
content-md5: H+kOpJrxc1hURbPut1BkCQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88322
reporting-endpoints
x-fb-debug: Ee2452mlS3T6YBwssziqFfVa6sR4JDYnlzl6SFCzoXDiSF3AGg62lU1/YEQcj6k1gLzlAHBGSKE48po1g7cTHg==
x-fb-content-md5: f407c060ddb2052d6eed64bf9e8a8968
cross-origin-opener-policy: same-origin-allow-popups
etag: "07b502f56b73f3f318848f033d99229a"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Mon, 16 Dec 2024 22:56:21 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 217ms
8ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=689052772650376&ev=PageView&dl=https%3A%2F%2Fwww.kennedy24.com%2Fdonate%3Famount%3D5%26utm_campaign%3Dunited%26utm_medium%3Demail1%26utm_source%3Djoinkennedy&rl=&if=false&ts=1702857635473&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1702857635472.1443171371&ler=empty&it=1702857635448&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 18 Dec 2023 00:00:35 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 pro-fa-brands-400-0.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ 38 KB
38 KB 18ms
17ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/webfonts/pro-fa-brands-400-0.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:35 GMT
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:53:28 GMT
server: cloudflare
age: 305500
etag: "6568cc18-9620"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8373205e0bba4d62-FRA
content-length: 38432

GET
H2 200 pro-fa-brands-400-1.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ 39 KB
39 KB 22ms
22ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/webfonts/pro-fa-brands-400-1.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:35 GMT
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:53:28 GMT
server: cloudflare
age: 1355525
etag: "6568cc18-9cfc"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8373205e0bbc4d62-FRA
content-length: 40188

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 182ms
37ms Fetch
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=1679673749184434&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.kennedy24.com%2Fdonate%3Famount%3D5%26utm_campaign%3Dunited%26utm_medium%3Demail1%26utm_source%3Djoinkennedy&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=bb0843c5a441b38a9e3dd70141c86a9b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), xr-spatial-tracking=()
strict-transport-security: max-age=15552000; preload
date: Mon, 18 Dec 2023 00:00:35 GMT
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: LoymABoCMvvqFXGSMqkSTqD1An4RqF9o1Yte4PEejqOjGcCD4cJgWtCV41GCQ7/p/cuPTfD9M216FYIzwNNWsQ==
fb-s: unknown
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kennedy24.com
origin-agent-cluster: ?0
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js
www.googletagmanager.com/gtag/ 290 KB
94 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JWBYYEB6SQ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MTWV23

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96045
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 18 Dec 2023 00:00:35 GMT

GET
H2 200 js
www.googletagmanager.com/gtag/ 193 KB
71 KB 24ms
24ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CAPI12345&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MTWV23

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 72811
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 18 Dec 2023 00:00:35 GMT

GET
H2 200 uwt.js
static.ads-twitter.com/ 56 KB
15 KB 144ms
7ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MTWV23
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:35 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-etou8220095-FRA

GET
H2 200 embed.js
app.livechatai.com/ 388 KB
143 KB 162ms
26ms Script
application/javascript 2606:4700:20::681a:db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.livechatai.com/embed.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:35 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5745
content-disposition: inline; filename="embed.js"
x-vercel-id: fra1::jfdfx-1702643238451-669227847f43
server: cloudflare
x-matched-path: /embed.js
etag: W/"6672d8ccca6812948cf1793129a437d8"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B3l7aEZ8CyhMW3yoa5KawLXalj%2Bf5ZSvSoO0OKPfrQPTUh4QYmH013X9kzxEAg%2BOYkxIOXS0DMM8ua2F3Gd17zssoFuFFqCVM%2FKNjb3%2BxMr4O8NKkOVS04cNCWD1mx2QnPUuG8MztvB3qe2TC0QeoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 8373205f0ce09bce-FRA

POST
H2 200 collect
server-side-tagging-ptjx4tds2q-uc.a.run.app/g/ 0
461 B 168ms
137ms Ping
text/html 2001:4860:4802:34::35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://server-side-tagging-ptjx4tds2q-uc.a.run.app/g/collect?v=2&tid=G-CAPI12345&gtm=45je3bt0z89133194504&_p=1702857635387&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=916740890.1702857636&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702857635&sct=1&seg=0&dl=https%3A%2F%2Fwww.kennedy24.com%2Fdonate%3Famount%3D5%26utm_campaign%3Dunited%26utm_medium%3Demail1%26utm_source%3Djoinkennedy&dt=Donate%20%7C%20Kennedy24&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=730
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CAPI12345&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:35 GMT
server: Google Frontend
content-type: text/html
x-cloud-trace-context: 39cf1a1c17ba85359d2048363820d959
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Mon, 18 Dec 2023 00:00:35 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
247 B 55ms
21ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-JWBYYEB6SQ&gtm=45je3bt0v9113043695z89133194504&_p=1702857635387&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=916740890.1702857636&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702857635&sct=1&seg=0&dl=https%3A%2F%2Fwww.kennedy24.com%2Fdonate%3Famount%3D5%26utm_campaign%3Dunited%26utm_medium%3Demail1%26utm_source%3Djoinkennedy&dt=Donate%20%7C%20Kennedy24&en=page_view&_fv=1&_ss=1&tfd=749
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JWBYYEB6SQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Dec 2023 00:00:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kennedy24.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
256 B 64ms
19ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JWBYYEB6SQ&cid=916740890.1702857636&gtm=45je3bt0v9113043695z89133194504&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JWBYYEB6SQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Dec 2023 00:00:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kennedy24.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 63ms
28ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-JWBYYEB6SQ&cid=916740890.1702857636&gtm=45je3bt0v9113043695z89133194504&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1702595218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Dec 2023 00:00:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/1/i/ 43 B
377 B 189ms
172ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=01ad6418-0cd8-4f26-bca1-5d0663ff13c0&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=0124086d-b5b3-47ca-bc21-aa24c7a68627&tw_document_href=https%3A%2F%2Fwww.kennedy24.com%2Fdonate%3Famount%3D5%26utm_campaign%3Dunited%26utm_medium%3Demail1%26utm_source%3Djoinkennedy&tw_iframe_status=0&txn_id=og9c6&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-response-time: 165
date: Mon, 18 Dec 2023 00:00:35 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 7b9f76642490ee4f
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: fbfe9cf48734a7f15db618916f1122e2d7886ebba5470b15a6127ab5ce3c5141
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
722 B 133ms
118ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=01ad6418-0cd8-4f26-bca1-5d0663ff13c0&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=0124086d-b5b3-47ca-bc21-aa24c7a68627&tw_document_href=https%3A%2F%2Fwww.kennedy24.com%2Fdonate%3Famount%3D5%26utm_campaign%3Dunited%26utm_medium%3Demail1%26utm_source%3Djoinkennedy&tw_iframe_status=0&txn_id=og9c6&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-response-time: 110
date: Mon, 18 Dec 2023 00:00:35 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: db1ab1c4d0308b2e
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: 090202bc780bd9d22dd07fafa9ec75162229baa856f0d6ea7c077c5ec1571d4d
content-length: 43

GET
H2 200 detail
app.livechatai.com/api/aibot/ 2 KB
2 KB 62ms
62ms Fetch
application/json 2606:4700:20::681a:db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.livechatai.com/api/aibot/detail?chatbotId=clp8s9asf0001ia0fp9ki6fwg

Requested by

Host: app.livechatai.com
URL: https://app.livechatai.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.kennedy24.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 18 Dec 2023 00:00:35 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-vercel-id: fra1::fra1::gl78s-1702857635923-572ec8d02f6f
server: cloudflare
x-matched-path: /api/aibot/detail
x-vercel-cache: MISS
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url
access-control-allow-methods: GET,OPTIONS,PATCH,DELETE,POST,PUT
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wsY%2FNeRwCCdscAgMopnL9lRD%2BE%2FCCtQLdlxM9sKC1889jX4KZlZDuGjwrjsaDHc6V6Vgml7SR3tjqFz4ioiYVjTdNhAcMQNDQ5xZ1RT1Sh3WDajZiADkWO5uSKikP3UIb8SaZMqMxXe74FZjy%2Bf5Lw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=0, must-revalidate
access-control-allow-credentials: true
cf-ray: 8373206079ad8ff4-FRA
access-control-allow-headers: X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version

OPTIONS
H2 204 detail
app.livechatai.com/api/aibot/ Frame 0
0 134ms
105ms Preflight 2606:4700:20::681a:db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.livechatai.com/api/aibot/detail?chatbotId=clp8s9asf0001ia0fp9ki6fwg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.kennedy24.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version
access-control-allow-methods: GET,OPTIONS,PATCH,DELETE,POST,PUT
access-control-allow-origin: *
allow: GET, HEAD, OPTIONS
cache-control: public, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8373205fd94b8ff4-FRA
date: Mon, 18 Dec 2023 00:00:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QU1JApPz%2BGTQJHEvTpitXfx4JbwIZpFtEWTMn1Bl8J3YrTEanJJ8xxLRVbK46LFj6EOL54MNSHCB587ircumMLkfshTdXOR2kkhQHkx9nc3shwxIjvV6tGnMQKah%2BLo0mM0xPhCZgXiHDKVpx27TLw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url
x-matched-path: /api/aibot/detail
x-vercel-cache: MISS
x-vercel-id: fra1::fra1::gl78s-1702857635830-58d7171d1393

GET
DATA 200
OK truncated
/ 169 KB
169 KB Other
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: application/octet-stream

GET
H2 200 clp8s9asf0001ia0fp9ki6fwg
app.livechatai.com/aibot-iframe/ Frame 11DF 26 KB
7 KB 109ms
108ms Document
text/html 2606:4700:20::681a:db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg

Requested by

Host: app.livechatai.com
URL: https://app.livechatai.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.kennedy24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 837320610e209bce-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 18 Dec 2023 00:00:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZVfjLfEEbfmb84nvkBG159WQLrOxX%2FPUhB1X1EnaxyorUUcuayjsWpj4QAEK9qXc2DjcNppVgYoPQc4b3Hf%2FWf8FqVnxDfBUBS6D57RLMOscHRVit3KvLQhdNFjngCyoxknp8%2FmyeSx%2B6OAHqA5UYA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url
x-matched-path: /aibot-iframe/[chatbotId]
x-powered-by: Next.js
x-vercel-cache: MISS
x-vercel-id: fra1::fra1::vvbvw-1702857636024-1d10ac4ca464

GET
H2 200 livechatai_v02.riv
app.livechatai.com/assets/rive/ 18 KB
18 KB 16ms
15ms Fetch
application/octet-stream 2606:4700:20::681a:db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.livechatai.com/assets/rive/livechatai_v02.riv

Requested by

Host: app.livechatai.com
URL: https://app.livechatai.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
strict-transport-security: max-age=63072000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14218
content-disposition: inline; filename="livechatai_v02.riv"
content-length: 18255
x-vercel-id: fra1::dn6nm-1702366112282-11893a8b030d
server: cloudflare
x-matched-path: /assets/rive/livechatai_v02.riv
etag: "690dbf594a924550a9830cc3d8109ed5"
x-vercel-cache: HIT
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS,PATCH,DELETE,POST,PUT
content-type: application/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tzbPIjKRXpXHEHlkxVatZpBuZJkxML14NyayNfI5UFLyiD4wPFVqjN73MDJTz2a2IqRhqEE4AZgBTpRzbnYynW6XdJm2GNF0fG2xvNk80qTG6FY3xOhSlIsvXzNUSC7EfseVp78YXsSiXU42qk8cDA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 837320611a1f8ff4-FRA
access-control-allow-headers: X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version

GET
H2 200 c9a5bc6a7c948fb0-s.p.woff2
app.livechatai.com/_next/static/media/ Frame 11DF 45 KB
46 KB 32ms
31ms Font
font/woff2 2606:4700:20::681a:db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.livechatai.com/_next/static/media/c9a5bc6a7c948fb0-s.p.woff2

Requested by

Host: app.livechatai.com
URL: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg
Origin: https://app.livechatai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
strict-transport-security: max-age=63072000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2891315
content-disposition: inline; filename="c9a5bc6a7c948fb0-s.p.woff2"
content-length: 46552
x-vercel-id: fra1::mgdr2-1699966321525-a246a54da0f0
server: cloudflare
x-matched-path: /_next/static/media/c9a5bc6a7c948fb0-s.p.woff2
etag: "74c3556b9dad12fb76f84af53ba69410"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3E5OEe4XACLhIzEWX42JSrfi2Od2cGbF01QJXka%2FfDrhc8EvWFAjRyKijgGYt3cv6g2R93b9fO77AuaxVgvJj9xcQO2C8BaMKl29UCzM8hx6jBGr8NxXigImVHKyNqzjsd7NiLxDMS6ZpgWPZEF0JA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 83732061dec29bce-FRA

GET
H2 200 48d73f0d2c2b60e8.css
app.livechatai.com/_next/static/css/ Frame 11DF 124 KB
22 KB 36ms
35ms Stylesheet
text/css 2606:4700:20::681a:db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.livechatai.com/_next/static/css/48d73f0d2c2b60e8.css

Requested by

Host: app.livechatai.com
URL: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 316270
content-disposition: inline; filename="48d73f0d2c2b60e8.css"
x-vercel-id: fra1::m8r2m-1702541366129-1a442e1780c4
server: cloudflare
x-matched-path: /_next/static/css/48d73f0d2c2b60e8.css
etag: W/"ca14ddf47bf970f7ff95285ec5b2ab28"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F0jU36m8HLXD2xTckhu0PhK%2BUIQFerspxftjRRSLbCcpS9KQv4NXYJHC%2BTndVheieb1ZwW1eqcvSNX1nKZ1HfEvnZGiGw0xm%2FTmfaqqqxBnLka26wQbtecL91heGuW2WcZhk0Hv7zfTxlblYEjCkIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 83732061debf9bce-FRA

GET
H2 200 25777276aa17cb88.css
app.livechatai.com/_next/static/css/ Frame 11DF 6 KB
2 KB 34ms
33ms Stylesheet
text/css 2606:4700:20::681a:db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.livechatai.com/_next/static/css/25777276aa17cb88.css

Requested by

Host: app.livechatai.com
URL: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2637131
content-disposition: inline; filename="25777276aa17cb88.css"
x-vercel-id: fra1::996jz-1700220505861-d3ab09c75a68
server: cloudflare
x-matched-path: /_next/static/css/25777276aa17cb88.css
etag: W/"da6bfddbad1f887eff9ca0322c10f562"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F2FWkJhijGDFbFTLQtspe4lhO8rlf05aeco2UeZf2LX7vx0dASdhLn5aVN8naY8bEIswKMxZnEDar7etj1lQITqN4PMjP%2B7T3AL2YyeYV7tmymfIppotwDKNuRjvM%2FHy5fgCXrNb%2Bu1tRyTz2d7wYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 83732061dec09bce-FRA

GET
H2 200 62fa77695c83883b.css
app.livechatai.com/_next/static/css/ Frame 11DF 332 B
635 B 35ms
34ms Stylesheet
text/css 2606:4700:20::681a:db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.livechatai.com/_next/static/css/62fa77695c83883b.css

Requested by

Host: app.livechatai.com
URL: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2891315
content-disposition: inline; filename="62fa77695c83883b.css"
x-vercel-id: fra1::g4vw4-1699966321528-54c81885a184
server: cloudflare
x-matched-path: /_next/static/css/62fa77695c83883b.css
etag: W/"824e0de0b7f52c1444b3f15bf2e45069"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T90T9Hgv10QPPV2p6G%2B%2FssexmdMU8BbiwPbUt6gWHzJ88WY5Yy1egdSrahtEf4W2rGUSJ9VtCjQPb20ZDXKwj7pvhiI8JG3k7SD%2B0pvfnOUkoA3Bmb4Aoit9tA6cGVMDIu5FK0dBZfVLXRgyPDnXig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 83732061dec19bce-FRA

GET
H2 200 webpack-01787b69d8dc0176.js
app.livechatai.com/_next/static/chunks/ Frame 11DF 7 KB
3 KB 28ms
27ms Script
application/javascript 2606:4700:20::681a:db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.livechatai.com/_next/static/chunks/webpack-01787b69d8dc0176.js

Requested by

Host: app.livechatai.com
URL: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 215707
content-disposition: inline; filename="webpack-01787b69d8dc0176.js"
x-vercel-id: fra1::rckg6-1702641929086-ac931b09a9c7
server: cloudflare
x-matched-path: /_next/static/chunks/webpack-01787b69d8dc0176.js
etag: W/"2700849b5a8068fd062da1a85c466cd2"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VeR%2Fj86l8sWzn4eCiNz1UnxToXUGzpe%2FKHk0t11mrBVQoFWhHEll5aXY4cQqhLpx3ll%2F8ljgCgOvU%2Bj2S5dNJh6Ade8Zw7w8%2FWjCktR9dBcawyg%2FaKk51rjLZXUCqsPaARoOXGylbwcm9BMV0UNR%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 83732061dec39bce-FRA

GET
H2 200 aa3f47ce-d13483b840d32053.js
app.livechatai.com/_next/static/chunks/ Frame 11DF 168 KB
53 KB 36ms
35ms Script
application/javascript 2606:4700:20::681a:db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.livechatai.com/_next/static/chunks/aa3f47ce-d13483b840d32053.js

Requested by

Host: app.livechatai.com
URL: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1633297
content-disposition: inline; filename="aa3f47ce-d13483b840d32053.js"
x-vercel-id: fra1::d7ndx-1701224339064-1dff8e8fb7d8
server: cloudflare
x-matched-path: /_next/static/chunks/aa3f47ce-d13483b840d32053.js
etag: W/"01bf3e7f4ba1188a29d12538405850f2"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oJdOabaZX5O77Q3IaI6U0Gxqe%2F3lc%2Ftine6dJDUAuZ7cD%2BBJj1lYGtGkPCFf3M5gyK2WAa%2FjFw4t2FlN4Sp%2F8Y8gov2g8LSOg4d1KpqnmwrgnAzY%2Fdirv%2F4hA8lQpX8A9%2FXRC%2Ffq%2BxMTV8rY6oyidA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 83732061dec59bce-FRA

GET
H2 200 72afe123-f00bd4f4fe0a1cb0.js
app.livechatai.com/_next/static/chunks/ Frame 11DF 177 KB
54 KB 38ms
37ms Script
application/javascript 2606:4700:20::681a:db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.livechatai.com/_next/static/chunks/72afe123-f00bd4f4fe0a1cb0.js

Requested by

Host: app.livechatai.com
URL: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1711813
content-disposition: inline; filename="72afe123-f00bd4f4fe0a1cb0.js"
x-vercel-id: fra1::hh2fd-1701145823019-8f7161c4e6ce
server: cloudflare
x-matched-path: /_next/static/chunks/72afe123-f00bd4f4fe0a1cb0.js
etag: W/"df1a2b66441e1e7c8bc9493955373c67"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iCrhjHJdgfaevYqRkRNIk5dWDPdAzl22jX0u6qhTFCkdXCd7lNB4SpRBbfjpvzzgEZnVKSpW7wIfXfohY9DE4NaSJZiSoWJEnSJ8UKtdoKfhz2ujwtYSjr71Ar0eYGNCp%2BNyMPhbGDtYznz4R9CDcg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 83732061dec69bce-FRA

GET
H2 200 6156-e7027fac821cf1c5.js
app.livechatai.com/_next/static/chunks/ Frame 11DF 289 KB
80 KB 40ms
39ms Script
application/javascript 2606:4700:20::681a:db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.livechatai.com/_next/static/chunks/6156-e7027fac821cf1c5.js

Requested by

Host: app.livechatai.com
URL: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 378486
content-disposition: inline; filename="6156-e7027fac821cf1c5.js"
x-vercel-id: fra1::prw7c-1702479150115-05b8ef11f543
server: cloudflare
x-matched-path: /_next/static/chunks/6156-e7027fac821cf1c5.js
etag: W/"43bb5ffd9179f77ad759c9b3ee01f0b7"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ifoXX%2FUMzCmoSaTGrccAJ8sINqPCtKEdbYBhnu3rJSMGBliXoelu9dWGkKf3XWNsAjbCyYpS7vdNP89vDRC8E59h7YN%2BbcUlEjKM8DyATjsoFQfve73gr3my1SfNJ52NijUQDgvZHioTRXkZ6CPClw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 83732061dec79bce-FRA

GET
H2 200 main-app-b4727b9ab70fbf80.js
app.livechatai.com/_next/static/chunks/ Frame 11DF 1 KB
1 KB 30ms
29ms Script
application/javascript 2606:4700:20::681a:db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.livechatai.com/_next/static/chunks/main-app-b4727b9ab70fbf80.js

Requested by

Host: app.livechatai.com
URL: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 215707
content-disposition: inline; filename="main-app-b4727b9ab70fbf80.js"
x-vercel-id: fra1::q597h-1702641929093-fefb32b47a4c
server: cloudflare
x-matched-path: /_next/static/chunks/main-app-b4727b9ab70fbf80.js
etag: W/"d39800c02384baed1997084d2d79e88d"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6xov1jFqp9aTETdoL14I%2BNAIRKt%2FBLCXMBq0dO%2FzoQ9NAUWUD7NDccsG2LZoziczU2AEu6DHuRQFkN3%2FUNhccGhSjsub4dg9ZuuBgOmbku1%2FJZL27%2F%2F%2BVr46HJmxW%2B2fkt1rty4jiP64xOt60EWUAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 83732061dec89bce-FRA

GET
H2 200 256-db4ebfd420eb8419.js
app.livechatai.com/_next/static/chunks/ Frame 11DF 25 KB
10 KB 34ms
33ms Script
application/javascript 2606:4700:20::681a:db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.livechatai.com/_next/static/chunks/256-db4ebfd420eb8419.js?dpl=dpl_EyycdzwkrBRP2SR8LhSFymKNM8ct

Requested by

Host: app.livechatai.com
URL: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 215707
content-disposition: inline; filename="256-db4ebfd420eb8419.js"
x-vercel-id: fra1::7dspw-1702641929088-45b51de4c575
server: cloudflare
x-matched-path: /_next/static/chunks/256-db4ebfd420eb8419.js
etag: W/"682b63412b0c7def626f4f1d4460dfe1"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pZrleYt2%2FK3CF4qd7Pti0efgXj9OUQDydbTQ0nqgVf3nuZLyCsLroUvJwEqjXYiSfKcnRmoTZyxfRRjGTUP5IIpwU3yRaBXBPekcDY89Dvc0vd98mZVR7Si%2BO%2FZ%2FyIY9%2FzppBmmHo8fEP%2FssrMpGxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 83732061dec99bce-FRA

GET
H2 200 4887-3667a69748123897.js
app.livechatai.com/_next/static/chunks/ Frame 11DF 37 KB
11 KB 42ms
42ms Script
application/javascript 2606:4700:20::681a:db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.livechatai.com/_next/static/chunks/4887-3667a69748123897.js?dpl=dpl_EyycdzwkrBRP2SR8LhSFymKNM8ct

Requested by

Host: app.livechatai.com
URL: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 215707
content-disposition: inline; filename="4887-3667a69748123897.js"
x-vercel-id: fra1::9lj94-1702641929094-5ed1453388d7
server: cloudflare
x-matched-path: /_next/static/chunks/4887-3667a69748123897.js
etag: W/"4fb4b4d8189c145e936963474aa0b6e9"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LUV3RMmHgy5IWdcSFWH7T%2FynqHV0LdBD6WjIcM%2BinYtJR2bFPVsAMcKGyEptGIqsGTs4nPtr4xMIEwTw9O20EYgmf0u5NYWOarSTv0bxZUaLV2S%2FHVD%2BpbKYfZy1J3ue8p7RRnHWUmDia33SG1oSqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 83732061eecf9bce-FRA

GET
H2 200 8131-21ebfc4453e87217.js
app.livechatai.com/_next/static/chunks/ Frame 11DF 34 KB
11 KB 41ms
41ms Script
application/javascript 2606:4700:20::681a:db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.livechatai.com/_next/static/chunks/8131-21ebfc4453e87217.js?dpl=dpl_EyycdzwkrBRP2SR8LhSFymKNM8ct

Requested by

Host: app.livechatai.com
URL: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 215707
content-disposition: inline; filename="8131-21ebfc4453e87217.js"
x-vercel-id: fra1::hgxgr-1702641929092-98b9274c508c
server: cloudflare
x-matched-path: /_next/static/chunks/8131-21ebfc4453e87217.js
etag: W/"4b38a06d30bb965ee482bf70d3b688eb"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zi2GvlU9RyBCHih91xlobGhKUXhKZdxRpcOc0Tt3b8B8RKncrkJVqhJKtmn6i6J%2FYS2ulvWXp%2FB%2BNq07ex3gt%2BDy%2FbMuQaC%2FV56155Dusw4WjUosOz0cySeaEJQNOlPKj6nZDLA8%2Fp9XIcKNxEljzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 83732061eed09bce-FRA

GET
H2 200 3016-71d76ea4cc36c3ac.js
app.livechatai.com/_next/static/chunks/ Frame 11DF 137 KB
44 KB 48ms
48ms Script
application/javascript 2606:4700:20::681a:db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.livechatai.com/_next/static/chunks/3016-71d76ea4cc36c3ac.js?dpl=dpl_EyycdzwkrBRP2SR8LhSFymKNM8ct

Requested by

Host: app.livechatai.com
URL: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 215707
content-disposition: inline; filename="3016-71d76ea4cc36c3ac.js"
x-vercel-id: fra1::n2vh7-1702641929108-086009e3c0cc
server: cloudflare
x-matched-path: /_next/static/chunks/3016-71d76ea4cc36c3ac.js
etag: W/"673201ab09ff1ffe3ea04b7a30093653"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P494aE5sfyR8TVa31o4hsc8sMzQgussUnjbCQydhXwDzzuNj6mTGCat0FkFaHPWXJpvbT3oUtn3Ayr1xwum5YvNOgIRV0ddxq2AHecZgrAZIHNlyB7Ps4Z2MY%2FaueXkHEU2EaYwf5K1uwvv2n461Yw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 83732061eed19bce-FRA

GET
H2 200 layout-5597a38f6e61f8cc.js
app.livechatai.com/_next/static/chunks/app/ Frame 11DF 7 KB
3 KB 62ms
61ms Script
application/javascript 2606:4700:20::681a:db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.livechatai.com/_next/static/chunks/app/layout-5597a38f6e61f8cc.js?dpl=dpl_EyycdzwkrBRP2SR8LhSFymKNM8ct

Requested by

Host: app.livechatai.com
URL: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 215707
content-disposition: inline; filename="layout-5597a38f6e61f8cc.js"
x-vercel-id: fra1::7zzwk-1702641929100-8d128852d3b5
server: cloudflare
x-matched-path: /_next/static/chunks/app/layout-5597a38f6e61f8cc.js
etag: W/"389edfa1c07d2a59e412005712cca0e3"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wo3CLj099sOakAO5QB0mAIn65ElZhQmqn7gSq28%2BhneouGvj%2B8KCjKDPmnVJW64IK7H6iniFS%2BIvyrWwNR7TsHEWENzk6%2FTB2cUxwVqgHtWn1YTlUL7mRnko4ztPipBQqncmjAegNwPTd%2FOKuWXCaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 83732061eed29bce-FRA

GET
H2 200 98c5dab4-9d024b18627f9b79.js
app.livechatai.com/_next/static/chunks/ Frame 11DF 240 KB
63 KB 41ms
38ms Script
application/javascript 2606:4700:20::681a:db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.livechatai.com/_next/static/chunks/98c5dab4-9d024b18627f9b79.js?dpl=dpl_EyycdzwkrBRP2SR8LhSFymKNM8ct

Requested by

Host: app.livechatai.com
URL: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 215707
content-disposition: inline; filename="98c5dab4-9d024b18627f9b79.js"
x-vercel-id: fra1::8s7r8-1702641929743-1858606b47b1
server: cloudflare
x-matched-path: /_next/static/chunks/98c5dab4-9d024b18627f9b79.js
etag: W/"a7bd894adb8aa72e9be24757927ba5f2"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oZZRZT5hQryQYgfi6cWjjLSUumD%2FHmoYFXqteB99P6tUOOW0Ug%2B7xlm49EwaOB8cEG5a%2BYHpNIMAurJZsrtiCW6LcVwm9YWIKjvF421K4LrgLPj%2B1WO8L40Ow1UshvhI%2BaZc%2FKSX7%2FxxpA3mwfluLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 83732061eed49bce-FRA

GET
H2 200 0af98a8b-d099cadbf7820200.js
app.livechatai.com/_next/static/chunks/ Frame 11DF 208 KB
47 KB 43ms
41ms Script
application/javascript 2606:4700:20::681a:db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.livechatai.com/_next/static/chunks/0af98a8b-d099cadbf7820200.js?dpl=dpl_EyycdzwkrBRP2SR8LhSFymKNM8ct

Requested by

Host: app.livechatai.com
URL: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 215707
content-disposition: inline; filename="0af98a8b-d099cadbf7820200.js"
x-vercel-id: fra1::cb8xh-1702641929735-a41a686c15fe
server: cloudflare
x-matched-path: /_next/static/chunks/0af98a8b-d099cadbf7820200.js
etag: W/"1f9255cad259dd51010b1da16e2a0370"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RO9AUlVBEleCu4d6Cm%2FX%2FGVwnM9Gh7h824y%2FL8efD%2BUBwimALOkSV%2BzUIUBtbCtxTRKCY5zytO07wask5LDVuvWNj4%2BFaRLH3rtRGf9QOUF6VCvNy4DhUdkOhQiOMyryTK2H5JMayVbfO7CF30U6SA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 83732061eed69bce-FRA

GET
H2 200 6425-854cd4b58f8675d6.js
app.livechatai.com/_next/static/chunks/ Frame 11DF 6 KB
3 KB 34ms
32ms Script
application/javascript 2606:4700:20::681a:db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.livechatai.com/_next/static/chunks/6425-854cd4b58f8675d6.js?dpl=dpl_EyycdzwkrBRP2SR8LhSFymKNM8ct

Requested by

Host: app.livechatai.com
URL: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 215707
content-disposition: inline; filename="6425-854cd4b58f8675d6.js"
x-vercel-id: fra1::qzxjx-1702641929103-3dfadd8ef66d
server: cloudflare
x-matched-path: /_next/static/chunks/6425-854cd4b58f8675d6.js
etag: W/"b058d418170d85f0556e3028ba0ccf24"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s22%2BsouAFGcTX%2FQ0DKBaZDxhfIW9vWuNGl0W90VRsVPvEX30llVu7gx9WfK9biyczhH8VIR0FRuiDCKDGu7eht18WV7G67RGd40QZIjBRjqdmE%2FVLbn3DkDm%2Fwt0mkMpwbWvAaufVqrUko9PJNDJZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 83732061eed89bce-FRA

GET
H2 200 7028-aca261d67e672145.js
app.livechatai.com/_next/static/chunks/ Frame 11DF 15 KB
6 KB 27ms
25ms Script
application/javascript 2606:4700:20::681a:db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.livechatai.com/_next/static/chunks/7028-aca261d67e672145.js?dpl=dpl_EyycdzwkrBRP2SR8LhSFymKNM8ct

Requested by

Host: app.livechatai.com
URL: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 215707
content-disposition: inline; filename="7028-aca261d67e672145.js"
x-vercel-id: fra1::wspb8-1702641929739-eab82f872acb
server: cloudflare
x-matched-path: /_next/static/chunks/7028-aca261d67e672145.js
etag: W/"9fb335cecfe32c4d2b0e2640d2f6fe5c"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CUWTgjGhaEbVGKN5SCnJIqnMBlFIlONtJK%2BjuldxJECW8xQ%2FoIzsKnIAdR5w%2BMZi8cyp%2FTfi%2Bc4r8u759d9IOC0LUOZpGMwa22rWUFctp%2BYs6b8UzsWc1Swg3c2EnuGz1vhdE03TzaolkkPIjzRrTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 83732061eed99bce-FRA

GET
H2 200 9321-d61e7a9f2caf0bd8.js
app.livechatai.com/_next/static/chunks/ Frame 11DF 68 KB
22 KB 35ms
33ms Script
application/javascript 2606:4700:20::681a:db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.livechatai.com/_next/static/chunks/9321-d61e7a9f2caf0bd8.js?dpl=dpl_EyycdzwkrBRP2SR8LhSFymKNM8ct

Requested by

Host: app.livechatai.com
URL: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 215707
content-disposition: inline; filename="9321-d61e7a9f2caf0bd8.js"
x-vercel-id: fra1::vcl6n-1702641929111-78ff5121a70e
server: cloudflare
x-matched-path: /_next/static/chunks/9321-d61e7a9f2caf0bd8.js
etag: W/"11f738f1544cbd58581764a9ba1fa471"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0X0wUv5u2SdTA1%2Fp2dqufoKJcJ7AL8DouYOI%2F3i7F6HU5%2FO%2F810qlR43uo893%2BQ12KOPh7u%2FHlidLNftyXhMjdAOj2116RCizKU7yLr559CnMVWzQybh8tRDzKtaX%2BUzR23bpWbf%2FmhwwMPwxELUyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 83732061eedb9bce-FRA

GET
H2 200 23-5810472a5f5643e8.js
app.livechatai.com/_next/static/chunks/ Frame 11DF 47 KB
17 KB 31ms
29ms Script
application/javascript 2606:4700:20::681a:db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.livechatai.com/_next/static/chunks/23-5810472a5f5643e8.js?dpl=dpl_EyycdzwkrBRP2SR8LhSFymKNM8ct

Requested by

Host: app.livechatai.com
URL: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 215707
content-disposition: inline; filename="23-5810472a5f5643e8.js"
x-vercel-id: fra1::7jtxr-1702641929736-af2aa62ce8dc
server: cloudflare
x-matched-path: /_next/static/chunks/23-5810472a5f5643e8.js
etag: W/"eddb49fbdb73ddcc497d4708ca8513c9"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8fyhGS1MaGYKEbjZGLBoc3kI3tOgSYn3QlfWw3qKqQk11BRwAVJs%2BxBv%2Bsg7cRUfxsdbDiDle7kN5MakP0FjxZUEBCGA8ThBHVCbwn4Qo5P6xw%2BbrOZcOiPfuOL%2B2TW8TzWIgGwXrgakA3y5%2Fy%2F7EA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 83732061eedd9bce-FRA

GET
H2 200 6706-480a5dfe94172657.js
app.livechatai.com/_next/static/chunks/ Frame 11DF 12 KB
5 KB 28ms
26ms Script
application/javascript 2606:4700:20::681a:db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.livechatai.com/_next/static/chunks/6706-480a5dfe94172657.js?dpl=dpl_EyycdzwkrBRP2SR8LhSFymKNM8ct

Requested by

Host: app.livechatai.com
URL: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 215707
content-disposition: inline; filename="6706-480a5dfe94172657.js"
x-vercel-id: fra1::fxsng-1702641929741-16395143a131
server: cloudflare
x-matched-path: /_next/static/chunks/6706-480a5dfe94172657.js
etag: W/"e0ca6f0558f2c62d80d62c6f93427c5e"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8d5%2FDsPHfOl%2B9kqaGVc%2F4HzpB0yK3NR45qn%2B9z2Ndx4o7btW4RpeIVuXhISKEgxKjXFvl1ILPsy78mDrLJ2jf336xDK3VHiDb%2BUn1pBrqqAuHY8YFGGi7QTBmZmVRHd70ki34RUwGhgTqVtYz606Rg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 83732061eede9bce-FRA

GET
H2 200 5937-6553fbc6050998a1.js
app.livechatai.com/_next/static/chunks/ Frame 11DF 29 KB
9 KB 29ms
27ms Script
application/javascript 2606:4700:20::681a:db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.livechatai.com/_next/static/chunks/5937-6553fbc6050998a1.js?dpl=dpl_EyycdzwkrBRP2SR8LhSFymKNM8ct

Requested by

Host: app.livechatai.com
URL: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 215707
content-disposition: inline; filename="5937-6553fbc6050998a1.js"
x-vercel-id: fra1::9h6lx-1702641929746-6a1d85c3ad3a
server: cloudflare
x-matched-path: /_next/static/chunks/5937-6553fbc6050998a1.js
etag: W/"87edc9b0eb0664d266249d050988e556"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2F3%2Fmvzfwb7vFgFtLITDJPIPtb2pPe4vO7nFbStHXSDvdKwZgwyFyF%2BrmdNLKuGvbTIaj2CitShLH8TwkyZ55okR11xTqkUw%2FGFQTeEI7FiQzbK0lwZM19mrxd8OCwZdi1KdGge6sImj0NHwYz7V0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 83732061eedf9bce-FRA

GET
H2 200 6666-fc0b069637634b0b.js
app.livechatai.com/_next/static/chunks/ Frame 11DF 19 KB
7 KB 30ms
28ms Script
application/javascript 2606:4700:20::681a:db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.livechatai.com/_next/static/chunks/6666-fc0b069637634b0b.js?dpl=dpl_EyycdzwkrBRP2SR8LhSFymKNM8ct

Requested by

Host: app.livechatai.com
URL: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 215707
content-disposition: inline; filename="6666-fc0b069637634b0b.js"
x-vercel-id: fra1::8vnfd-1702641929746-b0ac374f4e03
server: cloudflare
x-matched-path: /_next/static/chunks/6666-fc0b069637634b0b.js
etag: W/"bbeee1e616dd0a35a01a7f7f2fb6b247"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0apwXDH0Fs317xVACAIDbMu3azgnnTEzvmCIhhqjaS0YmQygyaBO4OwHVxn6wRNY3Oh3xvdQbPdL%2BfTGR2umZzpP5pzNyKQ%2F285TcM4O1ETYs2YKavOGYBCsz9YAxZUrS7pTbkcelYD7eLKAnBevQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 83732061eee09bce-FRA

GET
H2 200 6426-6604f056bfcf3596.js
app.livechatai.com/_next/static/chunks/ Frame 11DF 307 KB
74 KB 50ms
49ms Script
application/javascript 2606:4700:20::681a:db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.livechatai.com/_next/static/chunks/6426-6604f056bfcf3596.js?dpl=dpl_EyycdzwkrBRP2SR8LhSFymKNM8ct

Requested by

Host: app.livechatai.com
URL: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 215707
content-disposition: inline; filename="6426-6604f056bfcf3596.js"
x-vercel-id: fra1::9vjcf-1702641929745-7471869c179e
server: cloudflare
x-matched-path: /_next/static/chunks/6426-6604f056bfcf3596.js
etag: W/"4c329d9950b7e0e5e9a5d2a4863c1f8e"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ylflpAKbZ8nWsFm7DJ5CoM%2FQUwqQp8D%2Ban2%2Fd0fTwMDh2FWWNiS%2Fg0cRlSOLvoz%2FCulD83kt9iTK85QjE3g0HRzXnJm25A8hwPZCUnftrOjz60ZRgtToq4YkTW4UrVvUPjCOXm%2F44gmg9UgE7fU6sA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 83732061eee19bce-FRA

GET
H2 200 9467-50639d062cf5c467.js
app.livechatai.com/_next/static/chunks/ Frame 11DF 120 KB
35 KB 49ms
47ms Script
application/javascript 2606:4700:20::681a:db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.livechatai.com/_next/static/chunks/9467-50639d062cf5c467.js?dpl=dpl_EyycdzwkrBRP2SR8LhSFymKNM8ct

Requested by

Host: app.livechatai.com
URL: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 215707
content-disposition: inline; filename="9467-50639d062cf5c467.js"
x-vercel-id: fra1::6dscr-1702641929747-40e16be06b19
server: cloudflare
x-matched-path: /_next/static/chunks/9467-50639d062cf5c467.js
etag: W/"d19500210e43bf72d419a214bb098765"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eV0UXGwMGy83XBV%2B3bC3edaqq5jqNQGUAyzfTrEOoRbMJQoDkG0PwHJ%2FsNYi8HlnoI6C%2FHbqpOslWU8P0wtW%2BREE7qrs2uLFvAcgmk0XFttWWlfxMihG1JaoVepOP2f9akyQt5iHPIdD%2Fihq8lMWfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 83732061eee29bce-FRA

GET
H2 200 8258-b02b8302e68cc724.js
app.livechatai.com/_next/static/chunks/ Frame 11DF 197 KB
49 KB 44ms
42ms Script
application/javascript 2606:4700:20::681a:db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.livechatai.com/_next/static/chunks/8258-b02b8302e68cc724.js?dpl=dpl_EyycdzwkrBRP2SR8LhSFymKNM8ct

Requested by

Host: app.livechatai.com
URL: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 215707
content-disposition: inline; filename="8258-b02b8302e68cc724.js"
x-vercel-id: fra1::8cb7t-1702641929748-5356bea5fad1
server: cloudflare
x-matched-path: /_next/static/chunks/8258-b02b8302e68cc724.js
etag: W/"2e540ffa62ca627e007cf351e85a343a"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zDWhuZRVsVwe4iWHeIq0rWjxHcYpzrcGk6%2BBufpXJ%2B%2B7LATvsxSf%2B%2BsuTi06E3IDoR3alUoTfTmDCRe0nqnbMauI8ig%2BO5jNsC8gofZUjMNYfyaFj%2ByH4xy2HRKTh9aShEkH9zwYI8luiRGPNPB1nw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 83732061eee39bce-FRA

GET
H2 200 9017-d0b182372f5305bb.js
app.livechatai.com/_next/static/chunks/ Frame 11DF 149 KB
37 KB 47ms
46ms Script
application/javascript 2606:4700:20::681a:db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.livechatai.com/_next/static/chunks/9017-d0b182372f5305bb.js?dpl=dpl_EyycdzwkrBRP2SR8LhSFymKNM8ct

Requested by

Host: app.livechatai.com
URL: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 215707
content-disposition: inline; filename="9017-d0b182372f5305bb.js"
x-vercel-id: fra1::7zzwk-1702641929748-89a04726305e
server: cloudflare
x-matched-path: /_next/static/chunks/9017-d0b182372f5305bb.js
etag: W/"1525cd41846b86c3006b7181b60e9ca8"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CDlogKAyNKFNTV7qBS3UZcJ%2FoFZyhSYTtKzBAYQmgRhJ0cj%2BVog4m2tsCAOkccUzfO0BOPBUPoZgHKSuLYLtaDJ6wr8qIBfdLOYLFjD0RCUOnkooh3DNMeS28fUeHoyW%2BtA55KCFr8wHxnBc57yiAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 83732061eee59bce-FRA

GET
H2 200 2903-dbf07df5a442915e.js
app.livechatai.com/_next/static/chunks/ Frame 11DF 10 KB
4 KB 38ms
37ms Script
application/javascript 2606:4700:20::681a:db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.livechatai.com/_next/static/chunks/2903-dbf07df5a442915e.js?dpl=dpl_EyycdzwkrBRP2SR8LhSFymKNM8ct

Requested by

Host: app.livechatai.com
URL: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 215707
content-disposition: inline; filename="2903-dbf07df5a442915e.js"
x-vercel-id: fra1::ss68b-1702641929750-f06dbe850453
server: cloudflare
x-matched-path: /_next/static/chunks/2903-dbf07df5a442915e.js
etag: W/"0eb3d6e0bd729aab0e0033c308b8c582"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7NybJT%2BeuPUGjLTporVNHh%2BczIw7EfFlt8rMXCqs6GJjiSAhol1oTaZIGDyX803FqK77Ty5eQ4YEz8qMHraytGYniWKAg1EMSC4k6Sz8UvUMUGCambdTm3kN%2FkLmjzX8SD4cMo4u9bgndDwAcfrbvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 83732061eee69bce-FRA

GET
H2 200 6557-d0ae6aeb4984113d.js
app.livechatai.com/_next/static/chunks/ Frame 11DF 22 KB
8 KB 46ms
45ms Script
application/javascript 2606:4700:20::681a:db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.livechatai.com/_next/static/chunks/6557-d0ae6aeb4984113d.js?dpl=dpl_EyycdzwkrBRP2SR8LhSFymKNM8ct

Requested by

Host: app.livechatai.com
URL: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 215707
content-disposition: inline; filename="6557-d0ae6aeb4984113d.js"
x-vercel-id: fra1::47sm6-1702641929756-58f634c59e26
server: cloudflare
x-matched-path: /_next/static/chunks/6557-d0ae6aeb4984113d.js
etag: W/"6e095b0f3c1c184016688bf1a5556333"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qwJiApRy7HN9dh%2BgIIKztDIQqCVstD47XxHx4Zf%2B2htEDbedQd%2F2TsQr09W%2BRSodAtxtaPqP4IFeOQZfZqBDQvc0npgDR7KcWFkdACPtny2KBJbI7ETpP7gH111eMB4wsdPIAZHSFIkRGT9BUlTZ6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 83732061eee79bce-FRA

GET
H2 200 1861-2de4b357aa906fdc.js
app.livechatai.com/_next/static/chunks/ Frame 11DF 22 KB
9 KB 37ms
36ms Script
application/javascript 2606:4700:20::681a:db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.livechatai.com/_next/static/chunks/1861-2de4b357aa906fdc.js?dpl=dpl_EyycdzwkrBRP2SR8LhSFymKNM8ct

Requested by

Host: app.livechatai.com
URL: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 215707
content-disposition: inline; filename="1861-2de4b357aa906fdc.js"
x-vercel-id: fra1::6cnn7-1702641929756-2ed961d6209a
server: cloudflare
x-matched-path: /_next/static/chunks/1861-2de4b357aa906fdc.js
etag: W/"5c83314ee76f1a2c9d107b6e884d4cd4"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JKnlDgnJfgJlgLyT7phzG4Xc8%2FRoXjorK4dtZXyDE9xL%2F0hSndJ1jvry1BZr6CtvndgLawpQo3wf2BXZGnGGca%2FFAnzTg9U%2FKsbxKJ6FQoJYJSXniVBnqa1VGYLk2jiKIOHpODeskWRkqQZdiDQYwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 83732061eee89bce-FRA

GET
H2 200 7423-5325dc8d572a3155.js
app.livechatai.com/_next/static/chunks/ Frame 11DF 20 KB
8 KB 34ms
34ms Script
application/javascript 2606:4700:20::681a:db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.livechatai.com/_next/static/chunks/7423-5325dc8d572a3155.js?dpl=dpl_EyycdzwkrBRP2SR8LhSFymKNM8ct

Requested by

Host: app.livechatai.com
URL: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 215707
content-disposition: inline; filename="7423-5325dc8d572a3155.js"
x-vercel-id: fra1::gclfb-1702641929754-4bf32ef1e7c0
server: cloudflare
x-matched-path: /_next/static/chunks/7423-5325dc8d572a3155.js
etag: W/"14cb8e0c472db645ef559e2f36a27f05"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0F3TJ8T6vSczvdwTV03GN9fYVHSdBgvtH99fsZK%2B%2FkDyYsP%2F6JAGV7nXjkVj7vL56NBx3NpVaTh3ggMH8NjBypqATX4zzF9BT%2BKhnTu3XrTclTokZKRqpvuUG6GsV1fVVyaQSO%2FNn0YAcszF4C9tWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 83732061eee99bce-FRA

GET
H2 200 8953-5eef6b12152bd5db.js
app.livechatai.com/_next/static/chunks/ Frame 11DF 24 KB
9 KB 38ms
37ms Script
application/javascript 2606:4700:20::681a:db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.livechatai.com/_next/static/chunks/8953-5eef6b12152bd5db.js?dpl=dpl_EyycdzwkrBRP2SR8LhSFymKNM8ct

Requested by

Host: app.livechatai.com
URL: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 215707
content-disposition: inline; filename="8953-5eef6b12152bd5db.js"
x-vercel-id: fra1::s7qql-1702641929761-a13fefd035e2
server: cloudflare
x-matched-path: /_next/static/chunks/8953-5eef6b12152bd5db.js
etag: W/"9c8b3735e94a26d6f876a16a37d159d5"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YeR3xnBxpnEdj3azENJoLm5GvFE5Ajcrkbv8FOt0cWQQn0Zp7M06hRe8SKSJyZIeWdS91WetfSRrzrw44kePTxar0etcchNQ%2BTxtyF6yx8vrwt%2B6coPP7ptRqvMnKHOALW3Ro%2F9Qil9XNQvfvZT42Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 83732061eeea9bce-FRA

GET
H2 200 page-cdb68703faf9cfcc.js
app.livechatai.com/_next/static/chunks/app/aibot-iframe/%5BchatbotId%5D/ Frame 11DF 407 B
746 B 41ms
40ms Script
application/javascript 2606:4700:20::681a:db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.livechatai.com/_next/static/chunks/app/aibot-iframe/%5BchatbotId%5D/page-cdb68703faf9cfcc.js?dpl=dpl_EyycdzwkrBRP2SR8LhSFymKNM8ct

Requested by

Host: app.livechatai.com
URL: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 215707
content-disposition: inline; filename="page-cdb68703faf9cfcc.js"
x-vercel-id: fra1::xvfkx-1702641929743-4bc15603cce4
server: cloudflare
x-matched-path: /_next/static/chunks/app/aibot-iframe/%5BchatbotId%5D/page-cdb68703faf9cfcc.js
etag: W/"299df26d1e75ab60e36496a8f0c912d9"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tic9pzYGFCdzaP7Kbt2CfzPXGhtTLIixMkPAO2%2Fao%2BMeVuEbieyyHOA6axnF5%2Bde031HBPxD%2BMXfC2l1t2u4tOMEKd%2BAWFgxwZzvkEMZNnE3xLDLybpy0pMrBItaw4OvzSiYZA4Odw3Fg2q2h4mnNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 83732061eeeb9bce-FRA

GET
H2 200 public
imagedelivery.net/kWT6BK84nvUBrDc6c5H7fQ/469c5ddb-52ca-4603-ff1a-ba8df9e87500/ Frame 11DF 4 KB
5 KB 57ms
27ms Image
image/png 2606:4700::6812:324
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imagedelivery.net/kWT6BK84nvUBrDc6c5H7fQ/469c5ddb-52ca-4603-ff1a-ba8df9e87500/public

Requested by

Host: app.livechatai.com
URL: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:324 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.livechatai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

cf-images: internal=ok/- q=0 n=246+201 c=0+0 v=2023.9.8 l=4499
date: Mon, 18 Dec 2023 00:00:36 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 4499
cf-bgj: imgq:0,h2pri
server: cloudflare
etag: "cfBfr9_LvkDK8H9kZfWunsyTCIfb7C9F9CBQfA5-d8DQ"
vary: Accept, Accept-Encoding
warning: cf-images 299 "original is 1326B smaller"
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=172800,stale-while-revalidate=7200
accept-ranges: bytes
cf-ray: 83732062090e3718-FRA
priority: u=4;i=?0,cf-chb=(66;u=5;i=?0)

GET
H2 206 bell-notification.mp3
app.livechatai.com/assets/sounds/ Frame 11DF 91 KB
0 30ms
17ms Media
audio/mpeg 2606:4700:20::681a:db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.livechatai.com/assets/sounds/bell-notification.mp3

Requested by

Host: app.livechatai.com
URL: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
strict-transport-security: max-age=63072000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12005
Content-Range: bytes 0-92915/92916
content-disposition: inline; filename="bell-notification.mp3"
Content-Length: 92916
x-vercel-id: fra1::2nt4t-1701135726124-6ad437eabe28
server: cloudflare
x-matched-path: /assets/sounds/bell-notification.mp3
etag: "3e5a77369d403b167541547c9a1d7880"
x-vercel-cache: HIT
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS,PATCH,DELETE,POST,PUT
content-type: audio/mpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lKX0M0NAItuU%2F3fl9gTvZfnCiv2Z7m9l39DgwzENgUEurSUZ%2F4txEAoJTlTC6e7OV9GtTaADwvk%2BC8LIAROuKA2RI41kUyNVqur95J4qTqid7AAuDBcn5yTskgZloP9v%2BQhARnmn%2FosVWK%2FmPzjuMA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400, must-revalidate
access-control-allow-credentials: true
cf-ray: 837320621f0e9bce-FRA
access-control-allow-headers: X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version

POST
H2 200 /
o1416993.ingest.sentry.io/api/4505288766259200/envelope/ Frame 11DF 2 B
324 B 53ms
23ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o1416993.ingest.sentry.io/api/4505288766259200/envelope/?sentry_key=4335075ad728457dac20351b363676de&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.73.0

Requested by

Host: app.livechatai.com
URL: https://app.livechatai.com/_next/static/chunks/6156-e7027fac821cf1c5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.livechatai.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
BLOB 200
OK 0b04722e-0c16-4bf7-9d61-c70607fbb823
https://app.livechatai.com/ Frame 11DF 46 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://app.livechatai.com/0b04722e-0c16-4bf7-9d61-c70607fbb823
Requested by: Host: app.livechatai.com
URL: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 46922
Content-Type

GET
H2 200 session
app.livechatai.com/api/auth/ Frame 11DF 2 B
717 B 59ms
59ms Fetch
application/json 2606:4700:20::681a:db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.livechatai.com/api/auth/session

Requested by

Host: app.livechatai.com
URL: https://app.livechatai.com/_next/static/chunks/6156-e7027fac821cf1c5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg
accept-language: de-DE,de;q=0.9
baggage: sentry-environment=vercel-production,sentry-release=5cb2e0ae07dee83d6d2aee1da6be3be02d69c55d,sentry-public_key=4335075ad728457dac20351b363676de,sentry-trace_id=b2f3da8114684adab695919fdf73a542,sentry-sample_rate=0.1,sentry-sampled=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
sentry-trace: b2f3da8114684adab695919fdf73a542-89ec6bc7fbb56e36-0
Content-Type: application/json

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-vercel-id: fra1::fra1::59vx5-1702857636283-d8d5d4b6c5db
server: cloudflare
x-matched-path: /api/auth/[...nextauth]
x-vercel-cache: MISS
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url
access-control-allow-methods: GET,OPTIONS,PATCH,DELETE,POST,PUT
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DGN90nyeBFeSITufoPFlIWcqA5jeZO8jbAftVCILCj%2FtyiDuLQq4LSgw%2FP4%2BBr9EFLUfg7i24oy5QCoT5k53dRXGtvrA5xJ5MEEPSylnarFazSZntfJUO52byMxJHYiwZXu2qC%2FxqJaJLXU8mn2KLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=0, must-revalidate
access-control-allow-credentials: true
cf-ray: 83732062bf689bce-FRA
access-control-allow-headers: X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version

POST
H2 200 clp8s9asf0001ia0fp9ki6fwg
app.livechatai.com/aibot-iframe/ Frame 11DF 931 B
978 B 70ms
69ms Fetch
text/x-component 2606:4700:20::681a:db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg

Requested by

Host: app.livechatai.com
URL: https://app.livechatai.com/_next/static/chunks/6156-e7027fac821cf1c5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22aibot-iframe%22%2C%7B%22children%22%3A%5B%5B%22chatbotId%22%2C%22clp8s9asf0001ia0fp9ki6fwg%22%2C%22d%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Next-Url: /aibot-iframe/clp8s9asf0001ia0fp9ki6fwg
Content-Type: text/plain;charset=UTF-8
Accept: text/x-component
Referer: https://app.livechatai.com/aibot-iframe/clp8s9asf0001ia0fp9ki6fwg
Next-Action: fcc800c82ccfcf29c805ebb9b2737bdcafe30392

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Next.js
x-action-revalidated: [[],0,0]
x-vercel-id: fra1::fra1::59vx5-1702857636336-8d9df9d4719a
server: cloudflare
x-matched-path: /aibot-iframe/[chatbotId]
x-vercel-cache: MISS
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=so5VkX8z7yw8fuMIKfqgr16fUO%2BwXrTYE5LXyRKbsughaHVPBZ%2B3YwsrKUWlafyhm7YgFKRe%2Fq9BlabIGuqVKH8YS9MByxSgcTnpvss5L5caTAU8pKXUqC77VjuhHtS284SBvEQ1K3TR3%2FUqPb6%2BIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/x-component
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-ray: 837320630f959bce-FRA

GET
H2 200 m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=AAM/d=0/rs=AN8SPfoZVDB5be-TudnAO_y4l2LFY_GHyA/ 22 KB
5 KB 47ms
13ms Stylesheet
text/css 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=AAM/d=0/rs=AN8SPfoZVDB5be-TudnAO_y4l2LFY_GHyA/m=el_main_css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.GuXS6-6P8w8.O/am=AAM/d=1/rs=AN8SPfrY35p5UgdPn4TtdEjc1Lh8oviZKQ/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 11:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 391652
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4144
x-xss-protection: 0
last-modified: Sat, 15 Jul 2023 01:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Dec 2024 11:13:04 GMT

GET
H2 200 m=el_main
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.GuXS6-6P8w8.O/am=ABA/d=1/exm=el_conf/ed=1/rs=AN8SPfq9WyBW4LEKGxY5XpehD7d6OpHyHg/ 255 KB
88 KB 48ms
14ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.GuXS6-6P8w8.O/am=ABA/d=1/exm=el_conf/ed=1/rs=AN8SPfq9WyBW4LEKGxY5XpehD7d6OpHyHg/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.GuXS6-6P8w8.O/am=AAM/d=1/rs=AN8SPfrY35p5UgdPn4TtdEjc1Lh8oviZKQ/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 13:33:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 556047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89479
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:12:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Dec 2024 13:33:09 GMT

GET
H3

200

main.js
www.kennedy24.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/ Frame 2687
Redirect Chain

https://www.kennedy24.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.kennedy24.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

7 KB
3 KB

17ms
17ms

Script
application/javascript

2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kennedy24.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

Protocol

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 837320634d795d9e-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Mon, 18 Dec 2023 00:00:36 GMT
server: cloudflare
vary: accept-encoding
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
cache-control: max-age=300, public
cf-ray: 837320632d6f5d9e-FRA
alt-svc: h3=":443"; ma=86400

POST
H3 204 rum
www.kennedy24.com/cdn-cgi/ 0
143 B 17ms
16ms XHR
text/plain 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kennedy24.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.kennedy24.com/donate?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: application/json

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.kennedy24.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 837320633d725d9e-FRA

POST
H3 200 8373205abfc73731
www.kennedy24.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 2687 0
274 B 42ms
42ms XHR
text/plain 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kennedy24.com/cdn-cgi/challenge-platform/h/g/jsd/r/8373205abfc73731
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
content-encoding: br
server: cloudflare
cf-ray: 83732063bdba5d9e-FRA
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame D897 1 KB
1 KB Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Type: text/html;charset=UTF-8

GET
H3 200 24px.svg
fonts.gstatic.com/s/i/productlogos/translate/v14/ 6 KB
3 KB 50ms
18ms Image
image/svg+xml 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 11:13:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 391651
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3340
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 14:24:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Dec 2024 11:13:05 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 16ms
15ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=AAM/d=0/rs=AN8SPfoZVDB5be-TudnAO_y4l2LFY_GHyA/m=el_main_css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=AAM/d=0/rs=AN8SPfoZVDB5be-TudnAO_y4l2LFY_GHyA/m=el_main_css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 05:22:16 GMT
x-content-type-options: nosniff
age: 326300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1842
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 13 Dec 2024 05:22:16 GMT

POST collect
region1.analytics.google.com/g/ 0
0

POST rum
www.kennedy24.com/cdn-cgi/ 0
0

POST log
translate.googleapis.com/element/ 0
0

GET
H2 200 css2
fonts.googleapis.com/ 46 KB
1 KB 24ms
22ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/contribute?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b942de2747bb1449f8d908a33c8ce9e4a2ee6b84327cce766d5378a13665d027

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 18 Dec 2023 00:00:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 00:00:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 18 Dec 2023 00:00:36 GMT

GET theme.scss
joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071702852407/default/ 0
0

GET
H2 200 jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.10.0/themes/cupertino/ 30 KB
6 KB 15ms
14ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.10.0/themes/cupertino/jquery-ui.css

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/contribute?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea2d62c7e90b08a7c41206758ce52af7059a58cdfb6a2964f341642298eb9a15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 20:44:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 530175
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5640
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Dec 2024 20:44:21 GMT

GET
H2 200 opz7yic.css
use.typekit.net/ 10 KB
1 KB 9ms
9ms Stylesheet
text/css 2a02:26f0:480:f::213:7ee1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/opz7yic.css

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/contribute?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

161adc1b69be76ccc5346711bc49c475f190bcf75dd03c834032e4b065330e20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Mon, 18 Dec 2023 00:00:36 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1197

GET
H3 200 K24_Logo.png
assets.nationbuilder.com/joinkennedy/sites/5/meta_images/original/ 4 KB
5 KB 25ms
24ms Image
image/png 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nationbuilder.com/joinkennedy/sites/5/meta_images/original/K24_Logo.png?1696639127
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/contribute?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9667a4e6040f90f8e1648ecd089211e380aee7fcde15f71570aef17d1a8e637

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
x-amz-version-id: 8Benbp2okaYQdJkZnHd01SKUHGlqFFSo
via: 1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: FRA56-C2
age: 6598
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 4499
last-modified: Sat, 07 Oct 2023 00:38:49 GMT
server: cloudflare
etag: "1e0e0356959e57194a72c3c5a2794669"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 83732064bb9e9972-FRA
x-amz-cf-id: wn4DqJr-o1B5nCPYBG9MalNs19oCcLvkMXtvpTAyUwOGOrqYJZVqsw==
expires: Mon, 18 Dec 2023 04:00:36 GMT

GET
H3 200 profile-login.png
assets.nationbuilder.com/joinkennedy/pages/62/attachments/original/1697582282/ 3 KB
4 KB 21ms
20ms Image
image/png 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nationbuilder.com/joinkennedy/pages/62/attachments/original/1697582282/profile-login.png?1697582282
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/contribute?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6770f1b8a07a7e0b2a5ba73da5feb6f86dd9e5d5e7f0f7237c476bc7f8650ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
x-amz-version-id: UZ3z2H3eCPLVBD_NSfvXtS6kN40SZ1iE
via: 1.1 666ff4ad81b3b60af3d2241160893ee2.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ZRH50-C1
age: 6598
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 3222
last-modified: Tue, 17 Oct 2023 22:38:03 GMT
server: cloudflare
etag: "2d003d6e18b1ba4e0db766e8f4dc526f"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 83732064bb9f9972-FRA
x-amz-cf-id: TqUVJtT28P8z9KG2i0_RiiGCs1RuW_-Tis2DwbqeVjZST2S8W9R9bA==
expires: Mon, 18 Dec 2023 04:00:36 GMT

GET
H3 200 rumble_logo_white.png
assets.nationbuilder.com/joinkennedy/pages/62/attachments/original/1697064082/ 22 KB
22 KB 32ms
32ms Image
image/png 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nationbuilder.com/joinkennedy/pages/62/attachments/original/1697064082/rumble_logo_white.png?1697064082
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/contribute?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 558591ec381069734425371376e35d980cf72fd9fd2ac08f4f36fb9a9df84438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
x-amz-version-id: QTvG_ogPyZRtij5jlvYT2NsZCXixTkK7
via: 1.1 9024a47e92638749f86fca30924d4c3a.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: DUS51-P4
age: 6598
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 22352
last-modified: Wed, 11 Oct 2023 22:41:23 GMT
server: cloudflare
etag: "28e5ce4754ad7167c4c4e5eb9378ff1e"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 83732064bba09972-FRA
x-amz-cf-id: DhKq44BzB80QXjC-_hwZqLu9IXwrwjXAWXlmU2pmJgYHuHoBJYsPZA==
expires: Mon, 18 Dec 2023 04:00:36 GMT

GET
H3 200 rocket-loader.min.js Show response
www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 13ms
13ms Script
application/javascript 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/contribute?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/contribute?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 08 Dec 2023 18:02:04 GMT
server: cloudflare
etag: W/"65735a1c-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 83732064be6a5d9e-FRA
expires: Wed, 20 Dec 2023 00:00:36 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 41ms
40ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/contribute?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 83732064ca1e2c1c-FRA

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 8ms
8ms Stylesheet
text/css 2a02:26f0:3500:16::215:148b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=opz7yic&ht=tk&f=22792.22793.22794.24318.40090.40091.40092.25668.25670.25673.25676.25679.51955.51956&a=2508016&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/opz7yic.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
last-modified: Fri, 23 Jun 2023 17:09:47 GMT
server: nginx
etag: "6495d1db-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET fslightbox.js
joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071702852407/default/ 0
0

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 89 KB
31 KB 72ms
69ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b190041b79f9ebcb446ab01f41dbe060d59ebfa55e042fab8503b8b6f7c0dce5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Dec 2023 00:00:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 img-cropper-a99f75748195e5af07ffca593afce5492ce8533501371377f17d77b89eeab8ab.js Show response
assets.nationbuilder.com/assets/liquid/v3/ 50 KB
17 KB 32ms
30ms Script
text/javascript 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nationbuilder.com/assets/liquid/v3/img-cropper-a99f75748195e5af07ffca593afce5492ce8533501371377f17d77b89eeab8ab.js
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a99f75748195e5af07ffca593afce5492ce8533501371377f17d77b89eeab8ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
x-amz-version-id: 9FhmNzP5VKtGFI6Q2AeFoOvTMd.Koj5z
via: 1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: FRA56-C2
age: 589480
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 18:14:54 GMT
server: cloudflare
etag: W/"9714f34f09a34492cd827f7620009730"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=604800
cf-ray: 83732064fbb99972-FRA
x-amz-cf-id: qJIO9EK__0RMCFXqJmEX2oVNtpgI0fA5itGq5nl1ZeEVK-ysnEj5Ag==
expires: Mon, 25 Dec 2023 00:00:36 GMT

GET k24-float-label.js
joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071702852407/default/ 0
0

GET localized-inputs.js
joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071702852407/default/ 0
0

GET theme.js
joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071702852407/default/ 0
0

GET bs-custom-file-input.min.js
joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071702852407/default/ 0
0

GET bootstrap.min.js
joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071702852407/default/ 0
0

GET
H3 200 liquid-6fda76e47cd1a46bec92e2adac0a0453c78638197e234d7667c2ff4366c5a44a.js Show response
assets.nationbuilder.com/assets/ 174 KB
53 KB 67ms
65ms Script
text/javascript 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nationbuilder.com/assets/liquid-6fda76e47cd1a46bec92e2adac0a0453c78638197e234d7667c2ff4366c5a44a.js
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fda76e47cd1a46bec92e2adac0a0453c78638197e234d7667c2ff4366c5a44a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
x-amz-version-id: aH7QKxXPXcmsJoS6s1SF4Ba51a4DhoiK
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: FRA56-C2
age: 71194
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 04 Nov 2023 00:55:32 GMT
server: cloudflare
etag: W/"c5d34981e474397332adfa4081ceecaa"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
cf-ray: 83732064fbc09972-FRA
x-amz-cf-id: lhLRMgYvxYbdSBqc_ms6Wa6L278wg7JNNHybdE_Wqiz7VgoPO8BTSA==
expires: Mon, 25 Dec 2023 00:00:36 GMT

GET
H3 200 donation_v2_page.js Show response
www.kennedy24.com/assets/liquid/ 2 KB
1 KB 1685ms
1684ms Script
application/javascript 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kennedy24.com/assets/liquid/donation_v2_page.js
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb9587e00635538a323c71ca0352879bd24aa5b88f8c869317812ae5e505263f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/contribute?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:38 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-middleware-start: t=1701499330230063
alt-svc: h3=":443"; ma=86400
x-request-id: c4051e70-a3c1-43eb-8277-2cefada5f3cb
x-runtime: 0.039264
x-content-digest: 97924c19946db9c05a96df5fd79c4dffb67f84d3
server: cloudflare
etag: W/"fb9587e00635538a323c71ca0352879bd24aa5b88f8c869317812ae5e505263f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 83732064fe8c5d9e-FRA
x-rack-cache: stale, valid, store
expires: Mon, 18 Dec 2023 04:00:38 GMT

GET staged-donations.js
joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071702852407/default/ 0
0

GET donate-jquery.ui.effect-slide.min.js
joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071702852407/default/ 0
0

GET donate-jquery.ui.effect.min.js
joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071702852407/default/ 0
0

GET
H2 200 38b3ad1ee0.js Show response
kit.fontawesome.com/ 12 KB
4 KB 25ms
24ms Script
text/javascript 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/38b3ad1ee0.js
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acd9a7e1c37a12896fb2df2f591a565c40f87c3194d32f85d1e4499426bfcc1d

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 10
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 8373206508894d62-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F58pYDH6A1GCAv-4wgwC

GET
H2 200 lightbox_speed.js Show response
www.lightboxcdn.com/vendor/89ef356b-89f6-4647-a097-558fbfa14d79/ 3 KB
990 B 24ms
23ms Script
application/javascript 2606:4700::6813:d483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/89ef356b-89f6-4647-a097-558fbfa14d79/lightbox_speed.js
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d64a80c5311000e42e55ad2a62dcf422b9468ba55472d51d2165d4cddd1ef8dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 18 Dec 2023 00:00:36 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: c2oxAMJux4k4v0h/WvgOxg==
age: 3
cf-polished: origSize=4971
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Sun, 17 Dec 2023 21:00:12 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: 1adecfda-501e-0038-6d35-315969000000
cache-control: public, max-age=60
x-ms-version: 2009-09-19
cf-ray: 83732065089e9a2a-FRA
expires: Mon, 18 Dec 2023 00:01:36 GMT

GET
H2 200 706b9f1865.js Show response
kit.fontawesome.com/ 12 KB
4 KB 23ms
22ms Script
text/javascript 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/706b9f1865.js
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74a39682b8b03d5de587026a0f4d5b595696818b3d23952c15facf182d7c5e78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 9
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 837320650b8a9b7a-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F57qV0NYSNSOnc_FJMnB

GET
H3 200 payments-e2d51187f660cba449c70f7f87f733f762042cf340a5fd57e0f8c1fbf885c033.js Show response
assets.nationbuilder.com/assets/ 16 KB
4 KB 100ms
99ms Script
text/javascript 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nationbuilder.com/assets/payments-e2d51187f660cba449c70f7f87f733f762042cf340a5fd57e0f8c1fbf885c033.js
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2d51187f660cba449c70f7f87f733f762042cf340a5fd57e0f8c1fbf885c033

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
x-amz-version-id: nYrFRH44Z9dvSsQMmxvs9RPzsmHG4Gsi
via: 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: FRA56-C2
age: 494737
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 22 Nov 2023 19:14:53 GMT
server: cloudflare
etag: W/"7d0fc9aeec4f03aeef50129fbe29b1df"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=604800
cf-ray: 83732064fbc59972-FRA
x-amz-cf-id: CTUYnbAUt9DYVJ-Z4CCYFBXIir_P_eX1WyP0jEOjDH5ar0D-Er6Vvg==
expires: Mon, 25 Dec 2023 00:00:36 GMT

GET
H3 200 payments_styling-3cb98755e69cd4399888137a7648ee6eabdd63c4d4c547626e7174d769be6e1b.js Show response
assets.nationbuilder.com/assets/ 35 KB
4 KB 101ms
100ms Script
text/javascript 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nationbuilder.com/assets/payments_styling-3cb98755e69cd4399888137a7648ee6eabdd63c4d4c547626e7174d769be6e1b.js
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3cb98755e69cd4399888137a7648ee6eabdd63c4d4c547626e7174d769be6e1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
x-amz-version-id: tE.L.zuQWxf9ft6Yeo3ica7oKSBsQYTG
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: FRA56-C2
age: 573350
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 04 Nov 2023 00:55:35 GMT
server: cloudflare
etag: W/"ba73545e732d35824a90f9daee280d57"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=604800
cf-ray: 83732064fbc69972-FRA
x-amz-cf-id: 8LWyFi_uY5o1CMRAIgOAueMROzV290WbhpHDDH3PQ3n7aYXYAploVg==
expires: Mon, 25 Dec 2023 00:00:36 GMT

GET
H2 200 / Show response
js.stripe.com/v3/ 578 KB
143 KB 96ms
19ms Script
text/javascript 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

3cf22b9a3c15bf0e20e085ed0b039686cfae3b53e4ca7d1bee1ef843aa1e98fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:29 GMT
content-encoding: br
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 12
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Sat, 16 Dec 2023 02:37:23 GMT
server: Cloudfront
etag: W/"758c8e94d5e04bf5f7c0956975acd740"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: Om3DwGIMt6AAklIjNUk3VrlFEKwlYfSzOfRV2ug1HtEIbXZ83Ikx-A==

GET
H2 200 api.js Show response
www.recaptcha.net/recaptcha/ 1 KB
1 KB 114ms
37ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api.js?render=6LekWdoZAAAAAA61Owqhdq5e8IIQEfJbEOs8IT8T

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

21a6640d3ce7365637d29a95caa2753b22d89b6a63b0ebe793c41a684682371e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 18 Dec 2023 00:00:36 GMT

GET
H3 200 main-0aa16a2e84fcb15b351dd0de4418949c84ac9bba999074007345fe1dabe8645d.js Show response
assets.nationbuilder.com/assets/liquid/v3/ 469 KB
134 KB 101ms
101ms Script
text/javascript 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nationbuilder.com/assets/liquid/v3/main-0aa16a2e84fcb15b351dd0de4418949c84ac9bba999074007345fe1dabe8645d.js
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0aa16a2e84fcb15b351dd0de4418949c84ac9bba999074007345fe1dabe8645d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
x-amz-version-id: zlPj.IfBmhJWCnRphuyWdGEaI2oPDSyN
via: 1.1 2e4a0520ad8fe16707823b20e9441e08.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: FRA56-C2
age: 239313
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 22 Nov 2023 19:14:52 GMT
server: cloudflare
etag: W/"65f4d89d2236c9f9b248d9ed5de8dafa"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
cf-ray: 83732064fbc79972-FRA
x-amz-cf-id: 0_PVLGoxtbzkA3ldcxIyfSp6frOxY1aTkITSe26bJpdzp2KGkQ9D3w==
expires: Mon, 25 Dec 2023 00:00:36 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 244 KB
77 KB 61ms
61ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5MTWV23

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cd2d00634c55d413b568ca8612211ad278317e0d401f8a8e4133d4079ec25dd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78607
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 18 Dec 2023 00:00:36 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
53 KB 14ms
14ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 18 Dec 2023 00:00:36 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: UWZyE4pGuARKoLyjS0p0UlSs4mRFWbWdSIjnVXmuoYWrKdsy76uQep1jo5+PMpg6Da4G9l0DqrUxU7ytgRFexw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 689052772650376 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 18ms
18ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/689052772650376?v=2.9.138&r=stable&domain=www.kennedy24.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6fa331e0ab41990001851e47d5c5050a194056d4f47c8653abbb250313be7b0a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 18 Dec 2023 00:00:36 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35377
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: cXgxWiRq2Od83EPSarISCUgjqB4DkNSh+jFN3K5Fnafk2zBjhUVuUEB/hWbz+k00KB+JrmZc/7ZFK3SyuU1CVg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 290 KB
94 KB 51ms
51ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JWBYYEB6SQ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MTWV23

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f9327724abab88267b017f2423fa7b5924af15060751d827c4702358f079fdc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96041
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 18 Dec 2023 00:00:36 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 193 KB
71 KB 32ms
31ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CAPI12345&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MTWV23

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9600c48c3a3e56c69c1fb0bf7413bb0d409e32aacc829502e923431df9c29457

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 72811
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 18 Dec 2023 00:00:36 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 26ms
22ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MTWV23
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-etou8220095-FRA

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 22ms
21ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=689052772650376&ev=PageView&dl=https%3A%2F%2Fwww.kennedy24.com%2Fcontribute%3Famount%3D5%26utm_campaign%3Dunited%26utm_medium%3Demail1%26utm_source%3Djoinkennedy&rl=https%3A%2F%2Fwww.kennedy24.com%2F&if=false&ts=1702857636759&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1702857635472.1443171371&ler=empty&it=1702857636733&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 18 Dec 2023 00:00:36 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 adsct
t.co/1/i/ 43 B
117 B 199ms
198ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=a2489c35-b784-4ad8-b4d9-de6346d4202d&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=ff676461-a06d-40f1-98ef-b3ae7a157f47&tw_document_href=https%3A%2F%2Fwww.kennedy24.com%2Fcontribute%3Famount%3D5%26utm_campaign%3Dunited%26utm_medium%3Demail1%26utm_source%3Djoinkennedy&tw_iframe_status=0&txn_id=og9c6&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-response-time: 181
date: Mon, 18 Dec 2023 00:00:36 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 581af13d2d598e84
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: fbfe9cf48734a7f15db618916f1122e2d7886ebba5470b15a6127ab5ce3c5141
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
118 B 194ms
194ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=a2489c35-b784-4ad8-b4d9-de6346d4202d&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=ff676461-a06d-40f1-98ef-b3ae7a157f47&tw_document_href=https%3A%2F%2Fwww.kennedy24.com%2Fcontribute%3Famount%3D5%26utm_campaign%3Dunited%26utm_medium%3Demail1%26utm_source%3Djoinkennedy&tw_iframe_status=0&txn_id=og9c6&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-response-time: 175
date: Mon, 18 Dec 2023 00:00:36 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 5d4dcac0a439ba3e
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: 090202bc780bd9d22dd07fafa9ec75162229baa856f0d6ea7c077c5ec1571d4d
content-length: 43

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ 505 KB
203 KB 86ms
18ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?render=6LekWdoZAAAAAA61Owqhdq5e8IIQEfJbEOs8IT8T

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

122bd7b997b91e56e9efd54743ffbeccefca5b8bb59c566d6ec63adf14be896e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 16:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 460805
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207437
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Dec 2024 16:00:31 GMT

GET
H2 429 webfonts Show response
www.googleapis.com/webfonts/v1/ 1 KB
824 B 111ms
50ms XHR
application/json 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleapis.com/webfonts/v1/webfonts?key=AIzaSyCCOU0NUKc65rzK0EdE-6XNdE68x6mGnD8

Requested by

Host: assets.nationbuilder.com
URL: https://assets.nationbuilder.com/assets/liquid/v3/main-0aa16a2e84fcb15b351dd0de4418949c84ac9bba999074007345fe1dabe8645d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

51f87477c3354d417897639fc89bf69dfb8cd79497f5ac4eaca946667de4f176

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/javascript
Referer: https://www.kennedy24.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.kennedy24.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 501
x-xss-protection: 0

GET
H3 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 209ms
208ms Fetch
text/css 2606:4700:e2::ac40:8007
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=706b9f1865
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/706b9f1865.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:8007 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
via: 1.1 0baa68530535d25b0fce15971fbb91e8.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: SIN52-P1
age: 42025
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yKEMwhzHM9DV0Yjk4SsBXMP%2BTzGEG1UlHkGHeinXZoYYNI0QkzbQDcaqWh1hC1No5LaAEbMskGjWW4bW9mx7h%2BE5ClnLT8%2BRESL2Bj4We1ZKR1owsZGqEnZx%2BGPa9klbTX%2BMQL1pj%2FF8CZ5wcyVgORu8Og%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 83732066bd763d92-SIN
access-control-allow-headers: fa-kit-token
x-amz-cf-id: JkVAN5KxU8-yBA9cp_lWm1t5ljVF26bZ1sAdzXkz9tU6xvwdZHyqag==

GET
H3 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 26 KB
5 KB 208ms
207ms Fetch
text/css 2606:4700:e2::ac40:8007
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=706b9f1865
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/706b9f1865.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:8007 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
via: 1.1 dff3fc94ddb54b32b708edf2668b23d2.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: SIN52-P1
age: 42025
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2BsUQYY3EMlpxoiDK24XH%2FfEmWU9d2nX7Yn1Q9zwprxkVsrwBQHHQaCjzS2XY%2FSM%2BBdG0Fv%2BmHJy500I5tbk5%2FLIATztH4G1lm6WGnqRroVnYB6clEJ%2BtAz%2B6EEfOVvgXECnvGFnATRTuQQZJc7s64IALA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 83732066bd7a3d92-SIN
access-control-allow-headers: fa-kit-token
x-amz-cf-id: EoJeyZrlKpdIqoMd6J58fvByXiME2O3joVtlZ_mXAhRsK_urSKnmuA==

GET
H3 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 3 KB
1 KB 206ms
205ms Fetch
text/css 2606:4700:e2::ac40:8007
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=706b9f1865
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/706b9f1865.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:8007 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
via: 1.1 bbdc70020916d3473e0338359d834350.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: SIN52-P1
age: 42025
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O4fuhO5bbxeJEg6YDmEru8L5O24%2BrFQIJ9f7xU31SE11T060dQVY1JPQA2bUrg%2BFMkYVLbrfVGt16jsIJWzfSvWuwnPQ9zwJH8l3oHC3Iq%2Btdb%2BImweM%2Bv9SeBdwQGrpLEm1iWsXsNAw2ORBH14F7O35pQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 83732066bd7b3d92-SIN
access-control-allow-headers: fa-kit-token
x-amz-cf-id: Y7LVDKceOmPauHQu62ki1RnBb3c-RyN4IZtAdP_YILDldJZUANlXJg==

GET
H2 200 popper.min.js Show response
getbootstrap.com/docs/4.0/assets/js/vendor/ 19 KB
7 KB 40ms
39ms Script
application/javascript 2606:4700:10::6816:3a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://getbootstrap.com/docs/4.0/assets/js/vendor/popper.min.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3a64 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id: 5ef89a2e90029592e1c90b990e6b672de80ed512
date: Mon, 18 Dec 2023 00:00:36 GMT
via: 1.1 varnish
x-content-type-options: nosniff
expires: Thu, 30 Nov 2023 09:43:59 GMT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 12
content-encoding: br
x-cache: HIT
x-proxy-cache: HIT
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230049-FRA
last-modified: Thu, 14 Sep 2023 14:29:01 GMT
server: cloudflare
x-github-request-id: A428:0E81:3EF3FA3:401B8E9:6540671F
x-timer: S1701319650.485525,VS0,VE1
etag: W/"650318ad-4af4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
x-origin-cache: HIT
cf-ray: 83732066397536e0-FRA
x-cache-hits: 1

GET
H2 200 digibox.gif
www.lightboxcdn.com/z9g/ 35 B
105 B 21ms
19ms Image
image/gif 2606:4700::6813:d483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lightboxcdn.com/z9g/digibox.gif?c=1702857636876&h=www.kennedy24.com&e=p&u=45028
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 18 Dec 2023 00:00:36 GMT
cf-cache-status: HIT
content-md5: KNaBTzCeoon4R8ac+RGUxg==
age: 1451190
cf-polished: status=not_needed
x-ms-meta-cbmodifiedtime: Fri, 02 Dec 2022 00:02:02 GMT
content-length: 35
x-ms-lease-status: unlocked
cf-bgj: imgq:85,h2pri
last-modified: Fri, 02 Dec 2022 00:02:38 GMT
server: cloudflare
etag: 0x8DAD3F8864E2F29
vary: Accept-Encoding
content-type: image/gif
x-ms-request-id: 76c3db65-f01e-0035-6412-24b665000000
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8373206679799a2a-FRA

GET
H2 200 pro.min.css Show response
ka-p.fontawesome.com/releases/v6.5.1/css/ 669 KB
117 KB 50ms
49ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/css/pro.min.css?token=38b3ad1ee0
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/38b3ad1ee0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c368e74321d2180806d6982ab26271a765594390c0d50a2e4fe452e901778d5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:25:52 GMT
server: cloudflare
age: 1355526
etag: "6568c5a0-1d52d"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 83732066796b4d62-FRA
content-length: 120109

GET
H2 200 pro-v5-font-face.min.css Show response
ka-p.fontawesome.com/releases/v6.5.1/css/ 50 KB
7 KB 21ms
21ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/css/pro-v5-font-face.min.css?token=38b3ad1ee0
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/38b3ad1ee0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4946b36e5208a0a01e69ac05696229353e101faece5c1572e2a6177742bf7b5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:25:52 GMT
server: cloudflare
age: 276119
etag: "6568c5a0-1c12"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 83732066796c4d62-FRA
content-length: 7186

GET
H2 200 kit-upload.css Show response
kit.fontawesome.com/38b3ad1ee0/70955553/ 0
50 B 22ms
22ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/38b3ad1ee0/70955553/kit-upload.css
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/38b3ad1ee0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
cf-cache-status: HIT
age: 1357969
content-length: 0
x-request-id: F5zw7qu8YMsCiSdFWZfB
server: cloudflare
etag: 54af53b207eef226d6511e0a88e3038e
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926, public, must-revalidate
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
accept-ranges: bytes
cf-ray: 83732066796d4d62-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token

GET
H2 200 pro-fa-brands-400-0.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ 38 KB
38 KB 19ms
15ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/webfonts/pro-fa-brands-400-0.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70356aaad8b043112594064fea69694e5af4f17b6af4d4836b184735afe24c56

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:53:28 GMT
server: cloudflare
age: 305501
etag: "6568cc18-9620"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8373206729cd4d62-FRA
content-length: 38432

GET
H2 200 pro-fa-solid-900-17.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ 17 KB
17 KB 21ms
17ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/webfonts/pro-fa-solid-900-17.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41e31ded193f6c61a9a1ea500a41ee70760505d4d5387a4be3b240760392da2e

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:53:38 GMT
server: cloudflare
age: 1152357
etag: "6568cc22-426c"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8373206729ce4d62-FRA
content-length: 17004

GET
H2 200 pro-fa-regular-400-0.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ 14 KB
14 KB 32ms
28ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/webfonts/pro-fa-regular-400-0.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40357c8f038ea69750526293412e0b02e7a984b7484f98be4634c75ed3307709

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:53:32 GMT
server: cloudflare
age: 1354710
etag: "6568cc1c-3904"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8373206729cf4d62-FRA
content-length: 14596

GET
H2 200 pro-fa-solid-900-12.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ 13 KB
14 KB 24ms
20ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/webfonts/pro-fa-solid-900-12.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4aae83ca0e34e5fef9bebf88ca4edfdf495e4927bbd583d1f05ff101c9421d4c

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:53:38 GMT
server: cloudflare
age: 1134539
etag: "6568cc22-35f8"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8373206729d04d62-FRA
content-length: 13816

GET
H2 200 pro-fa-brands-400-1.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ 39 KB
39 KB 21ms
19ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/webfonts/pro-fa-brands-400-1.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 116b5b718ba3beeea9dd77ad669ca8aff001cf40c1c6e549dd38c3d08668d4cd

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:36 GMT
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:53:28 GMT
server: cloudflare
age: 1355526
etag: "6568cc18-9cfc"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8373206729d14d62-FRA
content-length: 40188

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ced8d1611eb8e670bc0a2e2e852f9d3984783a2347e73a6ec40566049256af75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 18 Dec 2023 00:00:38 GMT
content-md5: 4y5GbRThhJP5zLRSclQFlQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
reporting-endpoints
x-fb-debug: WCGj1droDZpA3cRQG5Zqa+Bm09iw9TceSgUanRZq73/0PHIC4dbEg1DpgeR+xtfavnTJKkVNB0oORRJ5N1lJvg==
x-fb-content-md5: 9f6f2114da9a5e4bef58389bd877fe41
cross-origin-opener-policy: same-origin-allow-popups
etag: "4f0d9363531ed32cd8fe0c8520e51843"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Mon, 18 Dec 2023 00:11:48 GMT

GET
H3 200 m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=AAM/d=0/rs=AN8SPfoZVDB5be-TudnAO_y4l2LFY_GHyA/ 22 KB
4 KB 14ms
14ms Stylesheet
text/css 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=AAM/d=0/rs=AN8SPfoZVDB5be-TudnAO_y4l2LFY_GHyA/m=el_main_css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.GuXS6-6P8w8.O/am=AAM/d=1/rs=AN8SPfrY35p5UgdPn4TtdEjc1Lh8oviZKQ/m=el_conf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 11:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 391654
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4144
x-xss-protection: 0
last-modified: Sat, 15 Jul 2023 01:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Dec 2024 11:13:04 GMT

GET
H3 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.GuXS6-6P8w8.O/am=ABA/d=1/exm=el_conf/ed=1/rs=AN8SPfq9WyBW4LEKGxY5XpehD7d6OpHyHg/ 255 KB
87 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.GuXS6-6P8w8.O/am=ABA/d=1/exm=el_conf/ed=1/rs=AN8SPfq9WyBW4LEKGxY5XpehD7d6OpHyHg/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.GuXS6-6P8w8.O/am=AAM/d=1/rs=AN8SPfrY35p5UgdPn4TtdEjc1Lh8oviZKQ/m=el_conf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e826524250716c7e17af91c57cdf9931686c4531fbe187e37cd5375886eab07c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 13:33:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 556049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89479
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 14:12:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Dec 2024 13:33:09 GMT

GET
H2 200 m-outer-27c67c0d52761104439bb051c7856ab1.html Show response
js.stripe.com/v3/ Frame 1E03 200 B
1 KB 10ms
9ms Document
text/html 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kennedy24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1889
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sun, 17 Dec 2023 23:29:12 GMT
etag: "27c67c0d52761104439bb051c7856ab1"
last-modified: Thu, 14 Dec 2023 21:10:54 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
x-amz-cf-id: Vn_q3K-RyVRCER9uHVnGmUi3aeENv9QycYri8euHSLwbaciQbcU7GQ==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 anchor Show response
www.recaptcha.net/recaptcha/api2/ Frame 6239 41 KB
26 KB 92ms
92ms Document
text/html 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LekWdoZAAAAAA61Owqhdq5e8IIQEfJbEOs8IT8T&co=aHR0cHM6Ly93d3cua2VubmVkeTI0LmNvbTo0NDM.&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=sur0w67xubh2

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

860f6e57e780d990b90b816292493d67c17cde00b2d51075989bde8c81298038

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rRMRsegrXn9KpdAWFCuWPw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kennedy24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-rRMRsegrXn9KpdAWFCuWPw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 18 Dec 2023 00:00:38 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET anchor
www.recaptcha.net/recaptcha/api2/ Frame 2DD1 0
0

GET
H2 200 controller-178897d5385a3bf887dfe4e49781abb9.html Show response
js.stripe.com/v3/ Frame 7311 325 B
1 KB 15ms
15ms Document
text/html 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-178897d5385a3bf887dfe4e49781abb9.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

26b2472688f89977e2fb712267021234390bdfe5ec6fa9f533ff23b853b73798

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kennedy24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 31
cache-control: max-age=60
content-length: 325
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 18 Dec 2023 00:00:11 GMT
etag: "178897d5385a3bf887dfe4e49781abb9"
last-modified: Sat, 16 Dec 2023 02:01:22 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
x-amz-cf-id: aQ7poJCMo4a3xM2FMBIEpshvqF5Z_EQSmqIkm_WnZSS9bfreA3Rwdg==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 elements-inner-card-b6c9ca151d1798039adc86cc585cf361.html Show response
js.stripe.com/v3/ Frame 3220 798 B
2 KB 13ms
13ms Document
text/html 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-b6c9ca151d1798039adc86cc585cf361.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

19c9589a29fd2b63dadc59e983332f0a1d6f3c2337bea4c2739d046bf8d8b3e4

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kennedy24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3390
cache-control: max-age=31536000
content-length: 798
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sun, 17 Dec 2023 23:04:09 GMT
etag: "b6c9ca151d1798039adc86cc585cf361"
last-modified: Sat, 16 Dec 2023 02:01:22 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
x-amz-cf-id: aE6RQQrLeddZRPDlmoDHrKzs7e1fi40H9AxVktrV5ygtlKpqszbR2g==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-google-pay-502e16d059834a27f378d989d15a77c3.html Show response
js.stripe.com/v3/ Frame 9F92 408 B
1 KB 11ms
11ms Document
text/html 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-502e16d059834a27f378d989d15a77c3.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

9ada11b91b8834fa00c5367126493ed9bc3272be510db81d0928ef733318c4c7

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kennedy24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2320
cache-control: max-age=31536000
content-length: 408
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sun, 17 Dec 2023 23:21:58 GMT
etag: "502e16d059834a27f378d989d15a77c3"
last-modified: Sat, 16 Dec 2023 02:01:37 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
x-amz-cf-id: iWzquY4laad26RHQnnpVWNqlum6cuP0KK4WKoWs8TY16WBjaWCDgkw==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-browser-3d1338653ea273b98255fef897f60659.html Show response
js.stripe.com/v3/ Frame 1671 344 B
1 KB 11ms
11ms Document
text/html 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-3d1338653ea273b98255fef897f60659.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

d5b49d58a385787d0fb60f7191a7907f9806aa2e0fa7b75e45478653c5fe5636

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kennedy24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 42
cache-control: max-age=60
content-length: 344
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 18 Dec 2023 00:00:18 GMT
etag: "3d1338653ea273b98255fef897f60659"
last-modified: Sat, 16 Dec 2023 02:01:37 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
x-amz-cf-id: mnUlROBrewrmWcrzUCQlgQIxVwI9wNfdhFGM2SSYbSX85H9TVGqudw==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 anchor Show response
www.recaptcha.net/recaptcha/api2/ Frame 4DFC 7 KB
1 KB 26ms
25ms Document
text/html 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: assets.nationbuilder.com
URL: https://assets.nationbuilder.com/assets/liquid/v3/main-0aa16a2e84fcb15b351dd0de4418949c84ac9bba999074007345fe1dabe8645d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

671d6200371882486930885e1b324f7b83e6d3b9d75e8f2ebebc748942e2edfe

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DTL2FPznPddiVSUrihNs8w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kennedy24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-DTL2FPznPddiVSUrihNs8w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 18 Dec 2023 00:00:38 GMT
expires: Mon, 18 Dec 2023 00:00:38 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 204 rum Show response
www.kennedy24.com/cdn-cgi/ 0
143 B 15ms
15ms XHR
text/plain 2606:4700:7::a29f:802d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kennedy24.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:802d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.kennedy24.com/contribute?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: application/json

Response headers

date: Mon, 18 Dec 2023 00:00:38 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.kennedy24.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 8373206fee065d9e-FRA

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 20ms
20ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-JWBYYEB6SQ&gtm=45je3bt0v9113043695z89133194504&_p=1702857636651&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=916740890.1702857636&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1702857635&sct=1&seg=1&dl=https%3A%2F%2Fwww.kennedy24.com%2Fcontribute%3Famount%3D5%26utm_campaign%3Dunited%26utm_medium%3Demail1%26utm_source%3Djoinkennedy&dr=https%3A%2F%2Fwww.kennedy24.com%2F&dt=We%2C%20the%20People...%20%7C%20Kennedy24&_s=1&tfd=2931
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JWBYYEB6SQ&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kennedy24.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 18 Dec 2023 00:00:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kennedy24.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m-outer-6576085ca35ee42f2f484cda6763e4aa.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 1E03 631 B
1 KB 10ms
10ms Script
text/javascript 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 23:45:06 GMT
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 933
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
content-length: 631
last-modified: Fri, 08 Dec 2023 22:43:11 GMT
server: Cloudfront
etag: "70cacf09ae81711ac6dcbc5ee59750c4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: WlVu3N8Hf7gcXLv-je2fu3rg2AeXDGrOFs312X_mTfBbuCbzOSdm5Q==

GET
H2 200 shared-09d478928cbcbe4632e76e0761d54ca7.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7311 546 KB
120 KB 10ms
10ms Script
text/javascript 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-178897d5385a3bf887dfe4e49781abb9.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

83c4d72a63c76190b0b1532654839d8e0d8099fa7b672670750185ba47b331f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-178897d5385a3bf887dfe4e49781abb9.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 23:02:05 GMT
content-encoding: br
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 3519
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Sat, 16 Dec 2023 02:01:36 GMT
server: Cloudfront
etag: W/"231d7e676025140a03edcd1dae1e6ac8"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: eETX-cxbFSbybvDajnCnQv9c7mk53F8QIr76H-3inYPYUB5K9DAXvQ==

GET
H2 200 controller-3009ed4386b7c4f898d75653511cf980.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7311 675 KB
173 KB 22ms
22ms Script
text/javascript 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-3009ed4386b7c4f898d75653511cf980.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-178897d5385a3bf887dfe4e49781abb9.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

8961b2078b1f45fffed48094dc24a1a1cc6a5ecf795923f7ad0f05eda5a1e67b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-178897d5385a3bf887dfe4e49781abb9.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 23:02:00 GMT
content-encoding: gzip
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 3519
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Sat, 16 Dec 2023 02:01:33 GMT
server: Cloudfront
etag: W/"5c9167a30550e77121defa78ef27d91b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 8TKk7zEKpMjcyRSdB6MjuCMEAT6kdTZHtQIaME2B3iAzpvKuZNusGQ==

GET
H2 200 shared-09d478928cbcbe4632e76e0761d54ca7.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 3220 546 KB
120 KB 43ms
39ms Script
text/javascript 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-b6c9ca151d1798039adc86cc585cf361.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

83c4d72a63c76190b0b1532654839d8e0d8099fa7b672670750185ba47b331f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-b6c9ca151d1798039adc86cc585cf361.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 23:02:05 GMT
content-encoding: br
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 3519
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Sat, 16 Dec 2023 02:01:36 GMT
server: Cloudfront
etag: W/"231d7e676025140a03edcd1dae1e6ac8"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: fRGm4-JVf-14a9CB765BcGtO3Ol7YsZubWe7-aRoDZT_4cxmLh8z8g==

GET
H2 200 ui-shared-91755eda885e69561a88a7c17d3d897e.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 3220 390 KB
101 KB 61ms
57ms Script
text/javascript 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-91755eda885e69561a88a7c17d3d897e.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-b6c9ca151d1798039adc86cc585cf361.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

b19fcfb761fe1efc86e7a7c389adcec6b0ebe7c2ffed77feca0b5e9d3c0e1829

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-b6c9ca151d1798039adc86cc585cf361.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 23:04:00 GMT
content-encoding: br
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 3399
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Sat, 16 Dec 2023 02:01:36 GMT
server: Cloudfront
etag: W/"bd6a4923417d9d1333b0f08aeb3e0b73"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: OubFnbb_TIi9b2K5zVSNElatokAeX68ZKQNDolg7BGKJIKAwnDX06A==

GET
H2 200 elements-inner-card-2c55dbfc333c84a764261822f125508c.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 3220 52 KB
13 KB 62ms
62ms Script
text/javascript 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-2c55dbfc333c84a764261822f125508c.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-b6c9ca151d1798039adc86cc585cf361.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

d0dae714a46e5e0da9afda153ef57c0c01057200adb80eb187a433bafecb1730

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-b6c9ca151d1798039adc86cc585cf361.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 23:05:51 GMT
content-encoding: br
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 3288
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Fri, 15 Dec 2023 18:03:12 GMT
server: Cloudfront
etag: W/"38e1d048ad451f1e646694de838567f8"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: QDu9AVYOwBK0BjbXbdz-zAXSH-k3B91hManVg2o0CroxwxWOBiG9PQ==

GET
H2 200 ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame 3220 20 KB
3 KB 33ms
28ms Stylesheet
text/css 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-b6c9ca151d1798039adc86cc585cf361.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-b6c9ca151d1798039adc86cc585cf361.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 23:14:54 GMT
content-encoding: br
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2744
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Wed, 13 Dec 2023 01:22:02 GMT
server: Cloudfront
etag: W/"b361d7109e9925ca18e32c9da528520f"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: oUSvZgQXbWmFbbQCPqp34duhS4w95FfXYSv8xJ5RVf58K1X0iTMiug==

GET
H2 200 elements-inner-card-ffdddff203057b4a6a583ff803904e83.css
js.stripe.com/v3/fingerprinted/css/ Frame 3220 14 KB
2 KB 64ms
60ms Stylesheet
text/css 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-ffdddff203057b4a6a583ff803904e83.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-b6c9ca151d1798039adc86cc585cf361.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

d2e02e6203beafeb853bba132abfdd519164ac638e65e2fbd70386c35b266229

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-b6c9ca151d1798039adc86cc585cf361.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 23:05:48 GMT
content-encoding: br
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 3291
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Fri, 15 Dec 2023 18:03:00 GMT
server: Cloudfront
etag: W/"643e4f73ab17fdafc1344e27b26c5cb2"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: KkCq1HJnfSr2EM6nTccH9qK5dpbvj5jAJxnx7PyllPSgBMyLkTVNeg==

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 9F92 120 KB
37 KB 125ms
64ms Script
application/javascript 2a00:1450:4013:c06::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-502e16d059834a27f378d989d15a77c3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c06::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f29af0f45d2483d7b111bf75d2962e7d0a14ef3214068e7d334c09c4620379d3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DEf5-G1LPUN3hI4njsIiOg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:38 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-DEf5-G1LPUN3hI4njsIiOg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 18 Dec 2023 00:00:38 GMT

GET
H2 200 shared-09d478928cbcbe4632e76e0761d54ca7.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 9F92 546 KB
120 KB 50ms
46ms Script
text/javascript 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-502e16d059834a27f378d989d15a77c3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

83c4d72a63c76190b0b1532654839d8e0d8099fa7b672670750185ba47b331f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-502e16d059834a27f378d989d15a77c3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 23:02:05 GMT
content-encoding: br
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 3519
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Sat, 16 Dec 2023 02:01:36 GMT
server: Cloudfront
etag: W/"231d7e676025140a03edcd1dae1e6ac8"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: oWNcZ8-hpFx_VLA2OO8b0q6yu74NuqdOI_1Lzl5IbpgyWknSe1uf1g==

GET
H2 200 payment-request-inner-google-pay-d42a7edb28c9f589b6f998074e9b20f1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 9F92 12 KB
5 KB 10ms
10ms Script
text/javascript 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-d42a7edb28c9f589b6f998074e9b20f1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-502e16d059834a27f378d989d15a77c3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

a7049b5d9f001fec947060ee2cb8fe10a868af28ac081bfd494949f1d71c5716

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-502e16d059834a27f378d989d15a77c3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 23:36:16 GMT
content-encoding: gzip
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 1467
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Wed, 13 Dec 2023 01:22:15 GMT
server: Cloudfront
etag: W/"d3b84c0be8c175de74dcee09b28293ff"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: qZosIuzOOwQvGScLkCWS_npPxb3XhmAeWHwpF43Bfb1i5BXTXSaJMw==

GET
H2 200 shared-09d478928cbcbe4632e76e0761d54ca7.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 1671 546 KB
120 KB 63ms
61ms Script
text/javascript 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-3d1338653ea273b98255fef897f60659.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

83c4d72a63c76190b0b1532654839d8e0d8099fa7b672670750185ba47b331f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-3d1338653ea273b98255fef897f60659.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 23:02:05 GMT
content-encoding: br
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 3519
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Sat, 16 Dec 2023 02:01:36 GMT
server: Cloudfront
etag: W/"231d7e676025140a03edcd1dae1e6ac8"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: ZOYEwwTse4cm-rLkEZsGWhtstH6q6V5MHybauH-diXKJCbDfqfSBEQ==

GET
H2 200 payment-request-inner-browser-20a59f0e8abb73e1cc5ff587921df7b1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 1671 13 KB
6 KB 66ms
64ms Script
text/javascript 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-20a59f0e8abb73e1cc5ff587921df7b1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-3d1338653ea273b98255fef897f60659.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

3d72ceb6ab36c5f948e7a13ed3c55d48a65df90bbc7a89d6f698182e331bb868

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-3d1338653ea273b98255fef897f60659.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 23:48:00 GMT
content-encoding: br
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 889
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Wed, 13 Dec 2023 01:22:15 GMT
server: Cloudfront
etag: W/"aa012dc18d7e9e8c5e3f4b0344214f55"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: CQ_h0Cy5L2PeDUfs_sIT1Zz9tKnkQQphfH_aLU5ex8YGF92w5Eyt_g==

POST
H2 200 csp-report
q.stripe.com/ Frame 1E03 0
717 B 721ms
368ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 18 Dec 2023 00:00:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1702857639015611
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1702857639014878
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 1E03 0
717 B 702ms
348ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 18 Dec 2023 00:00:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1702857639010207
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1702857639009769
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 7311 0
717 B 710ms
357ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 18 Dec 2023 00:00:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1702857639015484
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1702857639014833
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 3220 0
717 B 712ms
361ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 18 Dec 2023 00:00:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1702857639015295
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1702857639014844
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 3220 0
717 B 705ms
354ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 18 Dec 2023 00:00:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1702857639010471
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1702857639010068
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 9F92 0
717 B 718ms
371ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 18 Dec 2023 00:00:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1702857639020253
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1702857639019775
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 9F92 0
717 B 697ms
350ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 18 Dec 2023 00:00:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1702857639010276
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1702857639009921
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 1671 0
717 B 707ms
361ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 18 Dec 2023 00:00:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1702857639015602
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1702857639014820
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 1671 0
717 B 718ms
371ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 18 Dec 2023 00:00:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1702857639020493
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1702857639019678
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 302 KB
86 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=bb0843c5a441b38a9e3dd70141c86a9b

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

40fcb568e13f2c1f81b31a992496e2c4518488393d259d3b7495ee80fc06c75b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.kennedy24.com/
Origin: https://www.kennedy24.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 18 Dec 2023 00:00:38 GMT
content-md5: H+kOpJrxc1hURbPut1BkCQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88322
reporting-endpoints
x-fb-debug: Ee2452mlS3T6YBwssziqFfVa6sR4JDYnlzl6SFCzoXDiSF3AGg62lU1/YEQcj6k1gLzlAHBGSKE48po1g7cTHg==
x-fb-content-md5: f407c060ddb2052d6eed64bf9e8a8968
cross-origin-opener-policy: same-origin-allow-popups
etag: "07b502f56b73f3f318848f033d99229a"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Mon, 16 Dec 2024 22:56:21 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 4DFC 55 KB
24 KB 18ms
18ms Stylesheet
text/css 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LekWdoZAAAAAA61Owqhdq5e8IIQEfJbEOs8IT8T&co=aHR0cHM6Ly93d3cua2VubmVkeTI0LmNvbTo0NDM.&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=jfig4c4074qb

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 23:49:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 697
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 16 Dec 2024 23:49:01 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 4DFC 505 KB
203 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

122bd7b997b91e56e9efd54743ffbeccefca5b8bb59c566d6ec63adf14be896e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 16:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 460807
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207437
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Dec 2024 16:00:31 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 29ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-JWBYYEB6SQ&gtm=45je3bt0v9113043695&_p=1702857636651&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=916740890.1702857636&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEE&_s=2&sid=1702857635&sct=1&seg=1&dl=https%3A%2F%2Fwww.kennedy24.com%2Fcontribute%3Famount%3D5%26utm_campaign%3Dunited%26utm_medium%3Demail1%26utm_source%3Djoinkennedy&dr=https%3A%2F%2Fwww.kennedy24.com%2F&dt=We%2C%20the%20People...%20%7C%20Kennedy24&en=form_start&ep.form_id=contribute_page_new_donation_form&ep.form_name=&ep.form_destination=https%3A%2F%2Fwww.kennedy24.com%2Fforms%2Fdonations&epn.form_length=44&ep.first_field_id=donation_amount_5&ep.first_field_name=donation%5Bamount_option%5D&ep.first_field_type=radio&epn.first_field_position=2&_et=7&tfd=2956
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JWBYYEB6SQ&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Dec 2023 00:00:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kennedy24.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated Show response
/ Frame 798B 1 KB
1 KB Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 31f4e4abd5d8e145d6bd5505ae3ee469f66e6aba53fcc6cf04741d0a802ebc3d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Type: text/html;charset=UTF-8

GET
H3 200 24px.svg
fonts.gstatic.com/s/i/productlogos/translate/v14/ 6 KB
3 KB 17ms
16ms Image
image/svg+xml 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 11:13:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 391653
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3340
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 14:24:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Dec 2024 11:13:05 GMT

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 52F7 930 B
2 KB 42ms
12ms Document
text/html 2600:9000:224a:3800:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:224a:3800:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 264
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sun, 17 Dec 2023 23:56:15 GMT
etag: "06bfcd88af438673a8bf9b845a11aa6e"
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront)
x-amz-cf-id: KVRsRQBQsnhwMJQXeKwelm2wktQqWyajTDyujTpqq-YV2tx9Rrcl2w==
x-amz-cf-pop: DUS51-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H3 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 21ms
20ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=AAM/d=0/rs=AN8SPfoZVDB5be-TudnAO_y4l2LFY_GHyA/m=el_main_css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=AAM/d=0/rs=AN8SPfoZVDB5be-TudnAO_y4l2LFY_GHyA/m=el_main_css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 05:22:16 GMT
x-content-type-options: nosniff
age: 326302
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1842
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 13 Dec 2024 05:22:16 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 6239 55 KB
24 KB 20ms
19ms Stylesheet
text/css 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 23:49:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 697
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 16 Dec 2024 23:49:01 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 6239 505 KB
203 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

122bd7b997b91e56e9efd54743ffbeccefca5b8bb59c566d6ec63adf14be896e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 16:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 460807
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207437
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Dec 2024 16:00:31 GMT

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 7311 474 B
865 B 28ms
11ms Fetch
application/json 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-122.fra6.r.cloudfront.net
Software: Cloudfront /
Resource Hash: f7b8e0ff2ce575f80ab74fbefe460a2de27bf402f929646f38bccad6a87e5410

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-178897d5385a3bf887dfe4e49781abb9.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 17 Dec 2023 23:59:51 GMT
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
last-modified: Sat, 16 Dec 2023 02:37:23 GMT
server: Cloudfront
age: 48
x-amz-cf-pop: FRA6-C1
etag: "6cd354e128f7fce67604c63e067ce620"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: hmCJFM9OlPVHZSBNwRTDLXK0h0PL1wJjbvi1ukzXFSocvNko-r7VFw==

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 7311 474 B
862 B 19ms
12ms Fetch
application/json 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-122.fra6.r.cloudfront.net
Software: Cloudfront /
Resource Hash: f7b8e0ff2ce575f80ab74fbefe460a2de27bf402f929646f38bccad6a87e5410

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-178897d5385a3bf887dfe4e49781abb9.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 17 Dec 2023 23:59:51 GMT
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
last-modified: Sat, 16 Dec 2023 02:37:23 GMT
server: Cloudfront
age: 48
x-amz-cf-pop: FRA6-C1
etag: "6cd354e128f7fce67604c63e067ce620"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: dp2O61dFCV1r2TwR_C58dxnvpita3O_LgG6BPRjsB8I_-fKmdYmumQ==

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 3220 474 B
864 B 9ms
9ms Fetch
application/json 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-122.fra6.r.cloudfront.net
Software: Cloudfront /
Resource Hash: f7b8e0ff2ce575f80ab74fbefe460a2de27bf402f929646f38bccad6a87e5410

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-b6c9ca151d1798039adc86cc585cf361.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 17 Dec 2023 23:59:51 GMT
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
last-modified: Sat, 16 Dec 2023 02:37:23 GMT
server: Cloudfront
age: 48
x-amz-cf-pop: FRA6-C1
etag: "6cd354e128f7fce67604c63e067ce620"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: 33Cjo0qSnw0-PvNbfjhR-ma-RSLhKVOgErvBEQ6vFARC6BFUlpBX9g==

POST
H2 200 csp-report
q.stripe.com/ Frame 52F7 0
491 B 502ms
372ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 18 Dec 2023 00:00:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1702857639020836
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 0
x-stripe-client-envoy-start-time-us: 1702857639019749
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame 52F7 87 KB
14 KB 13ms
13ms Script
text/javascript 2600:9000:224a:3800:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:224a:3800:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 23:56:15 GMT
content-encoding: br
via: 1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
age: 265
x-content-type-options: nosniff
etag: W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop: DUS51-P1
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: TTs1G3GUs5PWzs2-W3CLTy9C46xJ4hAY8jVkUnwMWPFaHBmXMxTWKA==

POST
H2 200 wallet-config Show response
merchant-ui-api.stripe.com/elements/ Frame 7311 2 KB
3 KB 289ms
228ms Fetch
application/json 198.202.176.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://merchant-ui-api.stripe.com/elements/wallet-config

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.202.176.201 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

25e944c39428b59a215356a4a75faaea0024b86b7df3190dbff516395150e5c3

Security Headers

Name	Value
Content-Security-Policy	report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 18 Dec 2023 00:00:38 GMT
content-security-policy: report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
strict-transport-security: max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy: same-site
content-length: 2481
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
access-control-max-age: 300
access-control-allow-methods: GET, POST
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin
access-control-allow-headers: x-stripe-csrf-token
cross-origin-opener-policy-report-only: same-origin; report-to=https://q.stripe.com/coop-report
expires: 0

GET
H2 200 SHUkEiphQuZqXyLzDNA1LcOjIY5P93oSbI0OKMKltYY.js Show response
www.google.com/js/bg/ Frame 6239 17 KB
7 KB 81ms
24ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/SHUkEiphQuZqXyLzDNA1LcOjIY5P93oSbI0OKMKltYY.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

487524122a6142e66a5f22f30cd0352dc3a3218e4ff77a126c8d0e28c2a5b586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 04:20:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 157225
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6849
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 15 Dec 2024 04:20:13 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 6239 2 KB
2 KB 15ms
14ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 21:09:58 GMT
x-content-type-options: nosniff
age: 528640
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 18 Dec 2023 21:09:58 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6239 15 KB
15 KB 13ms
13ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recaptcha.net/
Origin: https://www.recaptcha.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:26:56 GMT
x-content-type-options: nosniff
age: 261222
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Dec 2024 23:26:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6239 15 KB
15 KB 18ms
18ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recaptcha.net/
Origin: https://www.recaptcha.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 21:01:27 GMT
x-content-type-options: nosniff
age: 356351
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Dec 2024 21:01:27 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 7311 0
274 B 707ms
356ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 18 Dec 2023 00:00:39 GMT
x-stripe-server-envoy-start-time-us: 1702857639292718
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702857639292547
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7311 0
274 B 698ms
348ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 18 Dec 2023 00:00:39 GMT
x-stripe-server-envoy-start-time-us: 1702857639289312
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1702857639289126
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7311 0
274 B 697ms
347ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 18 Dec 2023 00:00:39 GMT
x-stripe-server-envoy-start-time-us: 1702857639289500
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702857639289080
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7311 0
274 B 720ms
370ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 18 Dec 2023 00:00:39 GMT
x-stripe-server-envoy-start-time-us: 1702857639292891
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702857639292680
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7311 0
274 B 718ms
368ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 18 Dec 2023 00:00:39 GMT
x-stripe-server-envoy-start-time-us: 1702857639292828
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1702857639292648
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7311 0
274 B 718ms
369ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 18 Dec 2023 00:00:39 GMT
x-stripe-server-envoy-start-time-us: 1702857639292447
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1702857639292275
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7311 0
274 B 716ms
367ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 18 Dec 2023 00:00:39 GMT
x-stripe-server-envoy-start-time-us: 1702857639293235
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702857639292651
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7311 0
274 B 730ms
381ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 18 Dec 2023 00:00:39 GMT
x-stripe-server-envoy-start-time-us: 1702857639293497
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1702857639292755
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7311 0
274 B 715ms
366ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 18 Dec 2023 00:00:39 GMT
x-stripe-server-envoy-start-time-us: 1702857639293202
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702857639293064
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7311 0
274 B 704ms
355ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 18 Dec 2023 00:00:39 GMT
x-stripe-server-envoy-start-time-us: 1702857639293127
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702857639292843
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7311 0
274 B 705ms
357ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 18 Dec 2023 00:00:39 GMT
x-stripe-server-envoy-start-time-us: 1702857639293321
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1702857639292802
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7311 0
274 B 868ms
520ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 18 Dec 2023 00:00:39 GMT
x-stripe-server-envoy-start-time-us: 1702857639461575
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702857639461048
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7311 0
274 B 703ms
355ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 18 Dec 2023 00:00:39 GMT
x-stripe-server-envoy-start-time-us: 1702857639292845
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702857639292588
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7311 0
274 B 871ms
523ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 18 Dec 2023 00:00:39 GMT
x-stripe-server-envoy-start-time-us: 1702857639461677
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1702857639461160
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7311 0
274 B 718ms
370ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 18 Dec 2023 00:00:39 GMT
x-stripe-server-envoy-start-time-us: 1702857639293238
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702857639293007
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7311 0
274 B 728ms
381ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 18 Dec 2023 00:00:39 GMT
x-stripe-server-envoy-start-time-us: 1702857639293336
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702857639292844
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7311 0
274 B 728ms
380ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 18 Dec 2023 00:00:39 GMT
x-stripe-server-envoy-start-time-us: 1702857639293330
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702857639292880
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7311 0
274 B 716ms
369ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 18 Dec 2023 00:00:39 GMT
x-stripe-server-envoy-start-time-us: 1702857639292795
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1702857639292528
access-control-allow-credentials: true
content-length: 0

GET
H3 200 webworker.js
www.recaptcha.net/recaptcha/api2/ Frame 6239 102 B
135 B 31ms
31ms Other
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/webworker.js?hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3a80700d48e107eb08205a346562ae28a95f3fe0da0d7382847a2c0a52a02c0a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LekWdoZAAAAAA61Owqhdq5e8IIQEfJbEOs8IT8T&co=aHR0cHM6Ly93d3cua2VubmVkeTI0LmNvbTo0NDM.&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=sur0w67xubh2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 18 Dec 2023 00:00:38 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 7311 0
274 B 712ms
379ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 18 Dec 2023 00:00:39 GMT
x-stripe-server-envoy-start-time-us: 1702857639292768
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1702857639292458
access-control-allow-credentials: true
content-length: 0

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame BAAD 19 KB
8 KB 65ms
65ms Document
text/html 2a00:1450:4013:c06::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c06::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

06b8ff5b2515fb79dd964c3b92da81c7f30e170ba70ca16bf523f0a871d14dba

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dpIIZTuJaYg_YAVIpQZo5Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-dpIIZTuJaYg_YAVIpQZo5Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Mon, 18 Dec 2023 00:00:38 GMT
expires: Mon, 18 Dec 2023 00:00:38 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7311 0
274 B 691ms
368ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 18 Dec 2023 00:00:39 GMT
x-stripe-server-envoy-start-time-us: 1702857639292861
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702857639292536
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7311 0
274 B 679ms
356ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 18 Dec 2023 00:00:39 GMT
x-stripe-server-envoy-start-time-us: 1702857639293324
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702857639293100
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7311 0
274 B 678ms
357ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 18 Dec 2023 00:00:39 GMT
x-stripe-server-envoy-start-time-us: 1702857639293065
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702857639292897
access-control-allow-credentials: true
content-length: 0

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 3220 474 B
864 B 16ms
9ms Fetch
application/json 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-122.fra6.r.cloudfront.net
Software: Cloudfront /
Resource Hash: f7b8e0ff2ce575f80ab74fbefe460a2de27bf402f929646f38bccad6a87e5410

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-b6c9ca151d1798039adc86cc585cf361.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 17 Dec 2023 23:59:51 GMT
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
last-modified: Sat, 16 Dec 2023 02:37:23 GMT
server: Cloudfront
age: 48
x-amz-cf-pop: FRA6-C1
etag: "6cd354e128f7fce67604c63e067ce620"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: ehi7sj3vHwMQW__6TM-QfLbL8DoTGvSHDO-AgYXj8fbyPY2PbMKHDw==

POST
H2 200 0 Show response
r.stripe.com/ Frame 7311 0
274 B 663ms
357ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 18 Dec 2023 00:00:39 GMT
x-stripe-server-envoy-start-time-us: 1702857639292956
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702857639292804
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7311 0
274 B 636ms
356ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 18 Dec 2023 00:00:39 GMT
x-stripe-server-envoy-start-time-us: 1702857639292775
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702857639292409
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7311 0
274 B 628ms
354ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 18 Dec 2023 00:00:39 GMT
x-stripe-server-envoy-start-time-us: 1702857639292483
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702857639292310
access-control-allow-credentials: true
content-length: 0

POST
H2 200 6 Show response
m.stripe.com/ Frame 52F7 156 B
669 B 537ms
180ms XHR
application/json 44.233.104.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.233.104.20 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-233-104-20.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

27feaec28bb2508f0e366d2b95be6e33d49288cff435021d96c75b9118be517c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 18 Dec 2023 00:00:39 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1702857639211762
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1702857639211464
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 0 Show response
r.stripe.com/ Frame 7311 0
274 B 617ms
350ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 18 Dec 2023 00:00:39 GMT
x-stripe-server-envoy-start-time-us: 1702857639289490
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1702857639289256
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7311 0
274 B 618ms
351ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 18 Dec 2023 00:00:39 GMT
x-stripe-server-envoy-start-time-us: 1702857639290793
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702857639290653
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 3220 0
275 B 605ms
346ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 18 Dec 2023 00:00:39 GMT
x-stripe-server-envoy-start-time-us: 1702857639289373
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702857639289161
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 3220 0
274 B 639ms
380ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 18 Dec 2023 00:00:39 GMT
x-stripe-server-envoy-start-time-us: 1702857639292901
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1702857639292561
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 3220 0
274 B 610ms
351ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 18 Dec 2023 00:00:39 GMT
x-stripe-server-envoy-start-time-us: 1702857639290748
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1702857639290560
access-control-allow-credentials: true
content-length: 0

GET
H3 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame BAAD 159 KB
56 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

732b65d05835e912a6f475e5ed7a1f964b3a1bbf780291aac50685c5e0933e18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 17:20:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 455996
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57423
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 13:07:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Dec 2024 17:20:42 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame BAAD 2 KB
2 KB 118ms
118ms Other
text/html 2a00:1450:4013:c06::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4013:c06::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 18 Dec 2023 00:00:38 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H3 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5... Frame BAAD 73 KB
27 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5M4WSM.L.B1.O/am=gEEY/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrj1k37VkSEkNVO72kvRsKqZIl4kDg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4df36e15df2960947ccc39a9e1e22e3656b0855b5c48af6b773a4d86dfd4dcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 17:45:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 454479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27264
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 05:55:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Dec 2024 17:45:59 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame BAAD 1 MB
376 KB 71ms
70ms XHR
text/html 2a00:1450:4013:c06::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4013:c06::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0895678165e21a22e2897c7e34684856dcf3689e5f1157ed5375455c37416239

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0d537e2PimGjWYHaVlgD_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:38 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-0d537e2PimGjWYHaVlgD_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 18 Dec 2023 00:00:38 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5... Frame BAAD 9 KB
4 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5M4WSM.L.B1.O/am=gEEY/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrj1k37VkSEkNVO72kvRsKqZIl4kDg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3d47ae3412cfab8873f856540401242f2da0e37077c0839b5e33925d36183e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 19:23:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 189456
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3732
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 05:55:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Dec 2024 19:23:02 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5... Frame BAAD 37 KB
14 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5M4WSM.L.B1.O/am=gEEY/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrj1k37VkSEkNVO72kvRsKqZIl4kDg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02d8f5e03704768aa366ab03f03808f1e9ea6a7b18e2006febe0fb5b7e036a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 19:35:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 188703
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14260
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 05:55:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Dec 2024 19:35:35 GMT

POST
H3 200 log Show response
play.google.com/ Frame BAAD 131 B
155 B 77ms
47ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 18 Dec 2023 00:00:39 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 18 Dec 2023 00:00:39 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 67ms
22ms Preflight
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 18 Dec 2023 00:00:38 GMT
expires: Mon, 18 Dec 2023 00:00:38 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame BAAD 131 B
155 B 74ms
43ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 18 Dec 2023 00:00:39 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 18 Dec 2023 00:00:39 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 65ms
21ms Preflight
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 18 Dec 2023 00:00:38 GMT
expires: Mon, 18 Dec 2023 00:00:38 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame BAAD 131 B
155 B 76ms
46ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 18 Dec 2023 00:00:39 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 18 Dec 2023 00:00:39 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 65ms
22ms Preflight
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 18 Dec 2023 00:00:38 GMT
expires: Mon, 18 Dec 2023 00:00:38 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame BAAD 131 B
155 B 75ms
45ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 18 Dec 2023 00:00:39 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 18 Dec 2023 00:00:39 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 65ms
23ms Preflight
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 18 Dec 2023 00:00:38 GMT
expires: Mon, 18 Dec 2023 00:00:38 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7311 0
274 B 646ms
533ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 18 Dec 2023 00:00:39 GMT
x-stripe-server-envoy-start-time-us: 1702857639465240
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1702857639465084
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7311 0
274 B 636ms
524ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 18 Dec 2023 00:00:39 GMT
x-stripe-server-envoy-start-time-us: 1702857639463143
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702857639462886
access-control-allow-credentials: true
content-length: 0

GET
H2 200 hcaptcha-invisible-827a3488b1f821a00d591981ed0638c9.html Show response
js.stripe.com/v3/ Frame 5746 70 KB
23 KB 16ms
16ms Document
text/html 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/hcaptcha-invisible-827a3488b1f821a00d591981ed0638c9.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

73d7bd66f1294a4d3e7dd7bb5d73df2d45498f106e2974121ce59077cc732c6f

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; script-src 'self' 'sha256-v1phTvup/OCz9epBv1PwPWYsld9fIqfjYyGXoXle5cE='; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 40
cache-control: max-age=60
content-encoding: br
content-security-policy: base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; script-src 'self' 'sha256-v1phTvup/OCz9epBv1PwPWYsld9fIqfjYyGXoXle5cE='; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sun, 17 Dec 2023 23:59:59 GMT
etag: W/"827a3488b1f821a00d591981ed0638c9"
last-modified: Sat, 16 Dec 2023 02:01:36 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
x-amz-cf-id: svc34wrkhgHwnZ6fn0h1Iijp39YTwT08hdyT1wrBTMU3pF1VrjZH6g==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 0 Show response
r.stripe.com/ Frame 7311 0
274 B 625ms
524ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 18 Dec 2023 00:00:39 GMT
x-stripe-server-envoy-start-time-us: 1702857639463122
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702857639462982
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7311 0
274 B 639ms
539ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 18 Dec 2023 00:00:39 GMT
x-stripe-server-envoy-start-time-us: 1702857639465321
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1702857639465136
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7311 0
274 B 633ms
533ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 18 Dec 2023 00:00:39 GMT
x-stripe-server-envoy-start-time-us: 1702857639464935
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702857639464575
access-control-allow-credentials: true
content-length: 0

GET
H2 200 phone-numbers-lib-7c5affd44f7be899b2e4e0b567629e7e.js Show response
js.stripe.com/v3/fingerprinted/js/ 148 KB
35 KB 19ms
19ms Script
text/javascript 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/phone-numbers-lib-7c5affd44f7be899b2e4e0b567629e7e.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

7fca7fbee6f960ca0c929ed86e99e6078981b2000629fad83c2fb36530dbcbcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kennedy24.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:38 GMT
content-encoding: br
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 612
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Fri, 08 Dec 2023 22:43:11 GMT
server: Cloudfront
etag: W/"a4e8e6cecb07513a8c3637f2fb95c7b9"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: HNBzn0PPBNC3U9hATBwQ4HFGE0KjQrSaWBSB2nbOl_pnTh5jATwHyA==

GET
H2 200 elements-inner-link-button-for-card-a5b7d5c973b7eb5efe32c88bcef8e355.html Show response
js.stripe.com/v3/ Frame 20A6 73 KB
16 KB 16ms
16ms Document
text/html 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-link-button-for-card-a5b7d5c973b7eb5efe32c88bcef8e355.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

28b2083d9cfda98be0327a8b096bc027678d78e6ec150696d66d27c168387ab3

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kennedy24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 3345
cache-control: max-age=31536000
content-encoding: br
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sun, 17 Dec 2023 23:04:54 GMT
etag: W/"a5b7d5c973b7eb5efe32c88bcef8e355"
last-modified: Sat, 16 Dec 2023 02:01:22 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
x-amz-cf-id: qyQxkYOT5ls6-1JJd20atXrqeyiksBjsHt82yhRPOnnU0YS-rn4KkQ==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 0 Show response
r.stripe.com/ Frame 7311 0
274 B 621ms
528ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 18 Dec 2023 00:00:39 GMT
x-stripe-server-envoy-start-time-us: 1702857639463125
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1702857639462919
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7311 0
274 B 631ms
540ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 18 Dec 2023 00:00:39 GMT
x-stripe-server-envoy-start-time-us: 1702857639466101
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1702857639465582
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7311 0
274 B 618ms
528ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 18 Dec 2023 00:00:39 GMT
x-stripe-server-envoy-start-time-us: 1702857639463122
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702857639462917
access-control-allow-credentials: true
content-length: 0

POST
H3 200 log Show response
play.google.com/ Frame BAAD 131 B
155 B 78ms
48ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 18 Dec 2023 00:00:39 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 18 Dec 2023 00:00:39 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 23ms
23ms Preflight
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 18 Dec 2023 00:00:38 GMT
expires: Mon, 18 Dec 2023 00:00:38 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame BAAD 131 B
155 B 74ms
44ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 18 Dec 2023 00:00:39 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 18 Dec 2023 00:00:39 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 7311 0
274 B 612ms
527ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 18 Dec 2023 00:00:39 GMT
x-stripe-server-envoy-start-time-us: 1702857639463141
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702857639462865
access-control-allow-credentials: true
content-length: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 20ms
19ms Preflight
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 18 Dec 2023 00:00:38 GMT
expires: Mon, 18 Dec 2023 00:00:38 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7311 0
274 B 613ms
528ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 18 Dec 2023 00:00:39 GMT
x-stripe-server-envoy-start-time-us: 1702857639463228
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702857639462802
access-control-allow-credentials: true
content-length: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 5746 0
717 B 184ms
180ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 18 Dec 2023 00:00:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1702857639045489
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1702857639045144
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 20A6 0
717 B 177ms
176ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 18 Dec 2023 00:00:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1702857639045666
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1702857639045175
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 20A6 0
717 B 177ms
177ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 18 Dec 2023 00:00:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1702857639045763
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1702857639045376
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-09d478928cbcbe4632e76e0761d54ca7.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 20A6 546 KB
120 KB 16ms
16ms Script
text/javascript 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-link-button-for-card-a5b7d5c973b7eb5efe32c88bcef8e355.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

83c4d72a63c76190b0b1532654839d8e0d8099fa7b672670750185ba47b331f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-link-button-for-card-a5b7d5c973b7eb5efe32c88bcef8e355.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 23:02:05 GMT
content-encoding: br
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 3519
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Sat, 16 Dec 2023 02:01:36 GMT
server: Cloudfront
etag: W/"231d7e676025140a03edcd1dae1e6ac8"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: OZoAaKxxfUll5ASfwfi99EJriXVIJxt6TReJ1JKKKymoYQIMpgbFkw==

GET
H2 200 elements-inner-link-button-for-card-99e1053df8b3cdd6264998124c613e28.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 20A6 25 KB
9 KB 19ms
18ms Script
text/javascript 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-link-button-for-card-99e1053df8b3cdd6264998124c613e28.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-link-button-for-card-a5b7d5c973b7eb5efe32c88bcef8e355.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

2f930a05ca463582b325c1e317bfec295d6f644951b4d44be5724d71c2777cfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-link-button-for-card-a5b7d5c973b7eb5efe32c88bcef8e355.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 23:26:23 GMT
content-encoding: br
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2065
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Tue, 12 Dec 2023 18:03:57 GMT
server: Cloudfront
etag: W/"9a76aaf8c2784316e53afd7947d046fa"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: K7Rur_u1w82FlAiB-kWO2-2Utq5gDa_91T1x4UKUFv91E0NxeFZJlw==

GET
H2 200 elements-inner-link-button-for-card-42a4ee70245e79dcd6b946f237887fcd.css
js.stripe.com/v3/fingerprinted/css/ Frame 20A6 25 KB
4 KB 20ms
19ms Stylesheet
text/css 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-link-button-for-card-42a4ee70245e79dcd6b946f237887fcd.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-link-button-for-card-a5b7d5c973b7eb5efe32c88bcef8e355.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

88c3d4d5beaaf259f1a4d85ec5c6b14e74ea9d0a6ce99751fa218f57757785c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-link-button-for-card-a5b7d5c973b7eb5efe32c88bcef8e355.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 23:13:57 GMT
content-encoding: gzip
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2811
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Wed, 13 Dec 2023 01:22:02 GMT
server: Cloudfront
etag: W/"08aa13fc3d627e7cc58096e8a319c2c8"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: A0RXGVr7n5AJSaT6kLueSxJZILvgfM-6VCup2lkayXi37Q_KztSdFA==

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 5746 474 B
863 B 13ms
9ms Fetch
application/json 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/hcaptcha-invisible-827a3488b1f821a00d591981ed0638c9.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-122.fra6.r.cloudfront.net
Software: Cloudfront /
Resource Hash: f7b8e0ff2ce575f80ab74fbefe460a2de27bf402f929646f38bccad6a87e5410

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/hcaptcha-invisible-827a3488b1f821a00d591981ed0638c9.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 17 Dec 2023 23:59:51 GMT
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
last-modified: Sat, 16 Dec 2023 02:37:23 GMT
server: Cloudfront
age: 48
x-amz-cf-pop: FRA6-C1
etag: "6cd354e128f7fce67604c63e067ce620"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: E0ptEKNN6C_E2VtiVvZaSWKE6yG3RRFkb0mlKO3VQsE2be3ASZ5u0g==

GET
H2 200 HCaptchaInvisible.html Show response
b.stripecdn.com/stripethirdparty-srv/assets/v19.2/ Frame 5ABD 419 B
913 B 448ms
428ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://b.stripecdn.com/stripethirdparty-srv/assets/v19.2/HCaptchaInvisible.html?id=027051ec-fc8e-492a-b51f-a069c0b5cf94&origin=https%3A%2F%2Fjs.stripe.com

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/hcaptcha-invisible-827a3488b1f821a00d591981ed0638c9.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

812091a91a8e2a825050fb688375d19996b235d7cbe8b0ae9d526cba0fb7288d

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; connect-src 'self' https://hcaptcha.com https://.hcaptcha.com https://errors.stripe.com; default-src 'self'; form-action 'none'; frame-src https://hcaptcha.com https://.hcaptcha.com; img-src 'self'; script-src 'self' https://hcaptcha.com https://.hcaptcha.com; style-src 'self' https://hcaptcha.com https://.hcaptcha.com; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: max-age=60
content-encoding: br
content-length: 283
content-security-policy: base-uri 'self'; connect-src 'self' https://hcaptcha.com https://*.hcaptcha.com https://errors.stripe.com; default-src 'self'; form-action 'none'; frame-src https://hcaptcha.com https://*.hcaptcha.com; img-src 'self'; script-src 'self' https://hcaptcha.com https://*.hcaptcha.com; style-src 'self' https://hcaptcha.com https://*.hcaptcha.com; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 18 Dec 2023 00:00:39 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-request-id: 59299a05-03d9-46c7-a4b9-92071e39e95b
x-served-by: cache-fra-eddf8230050-FRA
x-timer: S1702857639.996694,VS0,VE421

POST
H2 200 0 Show response
r.stripe.com/ Frame 7311 0
274 B 585ms
524ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 18 Dec 2023 00:00:39 GMT
x-stripe-server-envoy-start-time-us: 1702857639461664
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1702857639461525
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7311 0
274 B 441ms
380ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 18 Dec 2023 00:00:39 GMT
x-stripe-server-envoy-start-time-us: 1702857639293034
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702857639292468
access-control-allow-credentials: true
content-length: 0

GET
H2 200 elements-inner-payment-request-243d4ef43b493f64e352a0d979a9347f.html Show response
js.stripe.com/v3/ Frame 7C1A 820 B
2 KB 11ms
10ms Document
text/html 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-payment-request-243d4ef43b493f64e352a0d979a9347f.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

79d5b46ef170219bb0354c458c9b534500ba1eacc76a216134c413ca5ce68b56

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kennedy24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1623
cache-control: max-age=31536000
content-length: 820
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sun, 17 Dec 2023 23:33:36 GMT
etag: "243d4ef43b493f64e352a0d979a9347f"
last-modified: Sat, 16 Dec 2023 02:01:22 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
x-amz-cf-id: sILXXRsen9L39E7Z6A78XG-4PJ9KWUCcBwmInNN_CdR_nJACdYVLtg==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 0 Show response
r.stripe.com/ Frame 7311 0
274 B 425ms
378ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 18 Dec 2023 00:00:39 GMT
x-stripe-server-envoy-start-time-us: 1702857639292716
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702857639292237
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7311 0
274 B 565ms
521ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 18 Dec 2023 00:00:39 GMT
x-stripe-server-envoy-start-time-us: 1702857639461526
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1702857639461095
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7311 0
274 B 575ms
532ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 18 Dec 2023 00:00:39 GMT
x-stripe-server-envoy-start-time-us: 1702857639462935
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1702857639462766
access-control-allow-credentials: true
content-length: 0

GET
H2 200 shared-09d478928cbcbe4632e76e0761d54ca7.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7C1A 546 KB
120 KB 12ms
11ms Script
text/javascript 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-243d4ef43b493f64e352a0d979a9347f.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

83c4d72a63c76190b0b1532654839d8e0d8099fa7b672670750185ba47b331f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-243d4ef43b493f64e352a0d979a9347f.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 23:02:05 GMT
content-encoding: br
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 3520
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Sat, 16 Dec 2023 02:01:36 GMT
server: Cloudfront
etag: W/"231d7e676025140a03edcd1dae1e6ac8"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 2-bcSUmuZqDA5NJrapqpvkPSZ__RsxLGrEN4SfVM33tK5lxK1TzUfg==

GET
H2 200 ui-shared-91755eda885e69561a88a7c17d3d897e.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7C1A 390 KB
101 KB 21ms
21ms Script
text/javascript 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-91755eda885e69561a88a7c17d3d897e.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-243d4ef43b493f64e352a0d979a9347f.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

b19fcfb761fe1efc86e7a7c389adcec6b0ebe7c2ffed77feca0b5e9d3c0e1829

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-243d4ef43b493f64e352a0d979a9347f.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 23:04:40 GMT
content-encoding: br
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 3400
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Sat, 16 Dec 2023 02:01:36 GMT
server: Cloudfront
etag: W/"bd6a4923417d9d1333b0f08aeb3e0b73"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: HdGqGs2wjIBVo66x8pa6tZA2wWzBaYhhcqeg_6MfJsLFmRVho4HDlg==

GET
H2 200 elements-inner-payment-request-fb73410830e5ea8130d86b6ba062a909.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7C1A 72 KB
25 KB 17ms
17ms Script
text/javascript 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-payment-request-fb73410830e5ea8130d86b6ba062a909.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-243d4ef43b493f64e352a0d979a9347f.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

7f143fbc9b4cb2c1162b1ad7f0c3db54131ac0340d05712a6394b2401d410b9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-243d4ef43b493f64e352a0d979a9347f.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 23:25:06 GMT
content-encoding: gzip
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2134
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Wed, 13 Dec 2023 01:22:13 GMT
server: Cloudfront
etag: W/"1a6cb170acfebad268da86b527fbaf70"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: WaNtKOQQs6s-F6NvZ36f2nv20kOdcsHzXB0CeiaTK5e4keDI1mUcwg==

GET
H2 200 ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame 7C1A 20 KB
4 KB 10ms
10ms Stylesheet
text/css 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-243d4ef43b493f64e352a0d979a9347f.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-243d4ef43b493f64e352a0d979a9347f.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 23:15:26 GMT
content-encoding: gzip
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2745
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Wed, 13 Dec 2023 01:22:02 GMT
server: Cloudfront
etag: W/"b361d7109e9925ca18e32c9da528520f"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 8qakvgTYd8eLkJcSYqMI1EtfPZ7BuBcFYgKEs1oVAdfaDG52zJY9Fg==

GET
H2 200 elements-inner-payment-request-6851fb638395ab2ad12082441235bcfa.css
js.stripe.com/v3/fingerprinted/css/ Frame 7C1A 11 KB
3 KB 20ms
20ms Stylesheet
text/css 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-payment-request-6851fb638395ab2ad12082441235bcfa.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-243d4ef43b493f64e352a0d979a9347f.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

5033e337e474e5d2818fee21b093eaef81d5f545fd49b5f635b3e1160fa83abe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-243d4ef43b493f64e352a0d979a9347f.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 23:34:32 GMT
content-encoding: br
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 1568
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Fri, 08 Dec 2023 22:42:58 GMT
server: Cloudfront
etag: W/"828ee6578d45b518446bf74a1cc39038"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: GRu_TCiUXPdwA6xVeffLOJLkROz8RFoe6o0Ui8sEIcBkklI-iGVHHw==

POST
H2 200 csp-report
q.stripe.com/ Frame 7C1A 0
717 B 182ms
182ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 18 Dec 2023 00:00:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1702857639099986
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1702857639098985
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 7C1A 0
716 B 180ms
180ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 18 Dec 2023 00:00:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1702857639100211
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1702857639099037
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H3 200 reload Show response
www.recaptcha.net/recaptcha/api2/ Frame 6239 13 KB
9 KB 62ms
62ms XHR
application/json 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/reload?k=6LekWdoZAAAAAA61Owqhdq5e8IIQEfJbEOs8IT8T

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3210bc1be605060cffac847fe3efb94f7756d02017ad28ee304d23a4804dc38d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LekWdoZAAAAAA61Owqhdq5e8IIQEfJbEOs8IT8T&co=aHR0cHM6Ly93d3cua2VubmVkeTI0LmNvbTo0NDM.&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=sur0w67xubh2
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Mon, 18 Dec 2023 00:00:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 18 Dec 2023 00:00:39 GMT

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 7C1A 474 B
863 B 11ms
9ms Fetch
application/json 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-122.fra6.r.cloudfront.net
Software: Cloudfront /
Resource Hash: f7b8e0ff2ce575f80ab74fbefe460a2de27bf402f929646f38bccad6a87e5410

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-payment-request-243d4ef43b493f64e352a0d979a9347f.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 17 Dec 2023 23:59:51 GMT
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
last-modified: Sat, 16 Dec 2023 02:37:23 GMT
server: Cloudfront
age: 49
x-amz-cf-pop: FRA6-C1
etag: "6cd354e128f7fce67604c63e067ce620"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: iR8v6MWR9iyNkXJj2s3peEmsx92n-DPIkd7kr1SIfaWvNZRth_0gRA==

POST
H2 200 0 Show response
r.stripe.com/ Frame 7311 0
274 B 512ms
512ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 18 Dec 2023 00:00:39 GMT
x-stripe-server-envoy-start-time-us: 1702857639466083
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1702857639465618
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7311 0
274 B 501ms
501ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 18 Dec 2023 00:00:39 GMT
x-stripe-server-envoy-start-time-us: 1702857639465847
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702857639465673
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7311 0
274 B 508ms
508ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 18 Dec 2023 00:00:39 GMT
x-stripe-server-envoy-start-time-us: 1702857639466164
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1702857639465756
access-control-allow-credentials: true
content-length: 0

GET
H2 200 countryRanges-9ffc15b92962ca316164b9a5ff4c1917.json Show response
js.stripe.com/v3/fingerprinted/data/ Frame 3220 145 KB
37 KB 11ms
10ms Fetch
application/json 99.86.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/data/countryRanges-9ffc15b92962ca316164b9a5ff4c1917.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-122.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

007b4be1404b0f21a158fa83a2ae9375393b2d932a17e9745aa392fcadc7cf2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-b6c9ca151d1798039adc86cc585cf361.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 17 Dec 2023 23:20:41 GMT
content-encoding: br
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2399
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Thu, 14 Dec 2023 21:10:40 GMT
server: Cloudfront
etag: W/"9ffc15b92962ca316164b9a5ff4c1917"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: ZCE0E5Nx8drUyRILZI6uaKX3ORGMP_ql4eNjpQIggjmpsFXSzERVjA==

POST
H2 200 0 Show response
r.stripe.com/ Frame 7311 0
274 B 433ms
433ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 18 Dec 2023 00:00:39 GMT
x-stripe-server-envoy-start-time-us: 1702857639466106
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1702857639465801
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7311 0
274 B 423ms
423ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 18 Dec 2023 00:00:39 GMT
x-stripe-server-envoy-start-time-us: 1702857639466291
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702857639465848
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7311 0
274 B 422ms
422ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 18 Dec 2023 00:00:39 GMT
x-stripe-server-envoy-start-time-us: 1702857639466406
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702857639465922
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7311 0
274 B 378ms
377ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 18 Dec 2023 00:00:39 GMT
x-stripe-server-envoy-start-time-us: 1702857639466378
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702857639465917
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7311 0
274 B 357ms
357ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 18 Dec 2023 00:00:39 GMT
x-stripe-server-envoy-start-time-us: 1702857639466498
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702857639466091
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7311 0
274 B 351ms
351ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 18 Dec 2023 00:00:39 GMT
x-stripe-server-envoy-start-time-us: 1702857639466133
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702857639465964
access-control-allow-credentials: true
content-length: 0

POST
H2 200 6 Show response
m.stripe.com/ Frame 52F7 156 B
668 B 181ms
181ms XHR
application/json 44.233.104.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.233.104.20 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-233-104-20.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

27feaec28bb2508f0e366d2b95be6e33d49288cff435021d96c75b9118be517c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 18 Dec 2023 00:00:39 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1702857639400217
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1702857639399893
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 6 Show response
m.stripe.com/ Frame 52F7 156 B
668 B 233ms
233ms XHR
application/json 44.233.104.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.233.104.20 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-233-104-20.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

27feaec28bb2508f0e366d2b95be6e33d49288cff435021d96c75b9118be517c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Mon, 18 Dec 2023 00:00:39 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1702857639450713
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1702857639450444
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 api.js Show response
hcaptcha.com/1/ Frame 5ABD 326 KB
92 KB 38ms
20ms Script
application/javascript 104.19.219.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hcaptcha.com/1/api.js?onload=captchaLoad&render=explicit

Requested by

Host: b.stripecdn.com
URL: https://b.stripecdn.com/stripethirdparty-srv/assets/v19.2/HCaptchaInvisible.html?id=027051ec-fc8e-492a-b51f-a069c0b5cf94&origin=https%3A%2F%2Fjs.stripe.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f57e1e7f7381ec0e4eb185ca491323450dd0742b19a6097995bac78487a1835

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b.stripecdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 83a832076b51893181e363f73e0d6d7a.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
x-amz-version-id: o2o2WA3L7Ll5QYn5daiC77yP7vRQJRVn
age: 0
x-amz-cf-pop: LHR5-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 14 Dec 2023 21:28:53 GMT
server: cloudflare
etag: W/"b0204ba9adc9845b676113f41ae6d9c6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
cf-ray: 837320768c729b64-FRA
x-amz-cf-id: ZUmEaP8FdvFiyN63Ss8_hDL9_uOxw1YFabSKWV4Gqte8DDare1wsmQ==

GET
H2 200 vendors~AddressAutocomplete~AffirmInContext~AmazonPayButton~AuthMap~DemoPayButton~DynamicMap~GoogleA~0a54ab41.c7ae46076ac46d9976f0.bundle.js Show response
b.stripecdn.com/stripethirdparty-srv/assets/v19.2/ Frame 5ABD 114 KB
37 KB 8ms
7ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://b.stripecdn.com/stripethirdparty-srv/assets/v19.2/vendors~AddressAutocomplete~AffirmInContext~AmazonPayButton~AuthMap~DemoPayButton~DynamicMap~GoogleA~0a54ab41.c7ae46076ac46d9976f0.bundle.js

Requested by

Host: b.stripecdn.com
URL: https://b.stripecdn.com/stripethirdparty-srv/assets/v19.2/HCaptchaInvisible.html?id=027051ec-fc8e-492a-b51f-a069c0b5cf94&origin=https%3A%2F%2Fjs.stripe.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

67d2a36b1cd1a04f4d83f6236578a94f7e92d42e4d6b8ca92cc5907cd7141dcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b.stripecdn.com/stripethirdparty-srv/assets/v19.2/HCaptchaInvisible.html?id=027051ec-fc8e-492a-b51f-a069c0b5cf94&origin=https%3A%2F%2Fjs.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Mon, 18 Dec 2023 00:00:39 GMT
x-content-type-options: nosniff
content-encoding: br
via: 1.1 varnish
age: 3375077
x-cache: HIT
content-length: 38077
x-request-id: d49d3b78-9d07-48fa-999a-c655de004daa
x-served-by: cache-fra-eddf8230050-FRA
server: Fastly
x-timer: S1702857639.427453,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=31536000, public
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 6741

GET
H2 200 HCaptchaInvisible.37d68ac55a3b552626ea.bundle.js Show response
b.stripecdn.com/stripethirdparty-srv/assets/v19.2/ Frame 5ABD 17 KB
7 KB 14ms
13ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://b.stripecdn.com/stripethirdparty-srv/assets/v19.2/HCaptchaInvisible.37d68ac55a3b552626ea.bundle.js

Requested by

Host: b.stripecdn.com
URL: https://b.stripecdn.com/stripethirdparty-srv/assets/v19.2/HCaptchaInvisible.html?id=027051ec-fc8e-492a-b51f-a069c0b5cf94&origin=https%3A%2F%2Fjs.stripe.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e022bf1eea671da2d6efea06143eff9e04e2a77bcd21a52173de556b42e39725

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b.stripecdn.com/stripethirdparty-srv/assets/v19.2/HCaptchaInvisible.html?id=027051ec-fc8e-492a-b51f-a069c0b5cf94&origin=https%3A%2F%2Fjs.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Mon, 18 Dec 2023 00:00:39 GMT
x-content-type-options: nosniff
content-encoding: br
via: 1.1 varnish
age: 3375074
x-cache: HIT
content-length: 7158
x-request-id: 3a8fb825-9d27-4188-9ad0-f702cdaac04f
x-served-by: cache-fra-eddf8230050-FRA
server: Fastly
x-timer: S1702857639.427581,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=31536000, public
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 6535

POST
H2 200 csp-report
q.stripe.com/ Frame 5ABD 0
491 B 176ms
176ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.kennedy24.com
URL: https://www.kennedy24.com/donate?amount=5&utm_campaign=united&utm_medium=email1&utm_source=joinkennedy

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://b.stripecdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 18 Dec 2023 00:00:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1702857639515403
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 0
x-stripe-client-envoy-start-time-us: 1702857639514969
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 hcaptcha.html Show response
newassets.hcaptcha.com/captcha/v1/1bcdbdd/static/ Frame ED3A 2 KB
1 KB 16ms
15ms Document
text/html 104.19.219.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/1bcdbdd/static/hcaptcha.html?_v=dku2wp0qrpq

Requested by

Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?onload=captchaLoad&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2446eb8c34c46d0095cce18e4ae305c1cc795af30b6daa77dbae9a5d0f20691

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://b.stripecdn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 73128
alt-svc: h3=":443"; ma=86400
cache-control: max-age=1209600
cf-cache-status: HIT
cf-ray: 83732076dc889b64-FRA
content-encoding: br
content-type: text/html
cross-origin-embedder-policy: credentialless
cross-origin-resource-policy: cross-origin
date: Mon, 18 Dec 2023 00:00:39 GMT
last-modified: Thu, 14 Dec 2023 21:28:53 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
x-amz-cf-id: Yml85Jdx7yMvqwNL7SEKJIvj9aq2xEkZF32kcEFA8VGT0CeQONdN-g==
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-amz-version-id: sfBs_KpP21ISqEty0JtaAonCMuRUeTuB
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 0 Show response
r.stripe.com/ Frame 7311 0
274 B 177ms
177ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 18 Dec 2023 00:00:39 GMT
x-stripe-server-envoy-start-time-us: 1702857639581680
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702857639581227
access-control-allow-credentials: true
content-length: 0

GET
H2 200 hcaptcha.js Show response
newassets.hcaptcha.com/captcha/v1/1bcdbdd/ Frame ED3A 326 KB
92 KB 17ms
17ms Script
application/javascript 104.19.219.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/1bcdbdd/hcaptcha.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/1bcdbdd/static/hcaptcha.html?_v=dku2wp0qrpq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f57e1e7f7381ec0e4eb185ca491323450dd0742b19a6097995bac78487a1835

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/captcha/v1/1bcdbdd/static/hcaptcha.html?_v=dku2wp0qrpq
Origin: https://newassets.hcaptcha.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 83a832076b51893181e363f73e0d6d7a.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
x-amz-version-id: o2o2WA3L7Ll5QYn5daiC77yP7vRQJRVn
age: 73129
x-amz-cf-pop: LHR5-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 14 Dec 2023 21:28:53 GMT
server: cloudflare
etag: W/"b0204ba9adc9845b676113f41ae6d9c6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
cf-ray: 83732076fc969b64-FRA
x-amz-cf-id: ZUmEaP8FdvFiyN63Ss8_hDL9_uOxw1YFabSKWV4Gqte8DDare1wsmQ==

POST
H2 200 checksiteconfig Show response
api.hcaptcha.com/ Frame ED3A 719 B
885 B 40ms
40ms XHR
application/json 104.19.219.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hcaptcha.com/checksiteconfig?v=1bcdbdd&host=b.stripecdn.com&sitekey=463b917e-e264-403f-ad34-34af0ee10294&sc=1&swa=1&spst=1

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/1bcdbdd/hcaptcha.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d55683b88f737538f17adfe1c0f393f947515c7daeefcf8c79d0ac25fdb832e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://newassets.hcaptcha.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 18 Dec 2023 00:00:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://newassets.hcaptcha.com
access-control-allow-credentials: true
cf-ray: 837320773cb69b64-FRA
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
alt-svc: h3=":443"; ma=86400

GET
H3 200 hsw.js Show response
newassets.hcaptcha.com/c/faa119b/ Frame ED3A 508 KB
220 KB 21ms
21ms Script
application/javascript 104.19.218.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/c/faa119b/hsw.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/1bcdbdd/hcaptcha.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14122038df6d195dcc1aeb30722dd822981c3a95226967e03bcdea671a070f4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newassets.hcaptcha.com/captcha/v1/1bcdbdd/static/hcaptcha.html?_v=dku2wp0qrpq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:00:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
x-amz-version-id: DJw89Ofqo07U920Jzu_lcg0MWEKwKqeU
age: 1373995
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 29 Nov 2023 18:28:16 GMT
server: cloudflare
etag: W/"93dd60995db54b08624e603d126ca4b1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 837320778f0b373e-FRA
x-amz-cf-id: 8QVqZAdvnCEMWIm7Ig_74IOv9jawv-HuQ897Ktr6g1ra9uUBuZnxPw==

POST
H3 200 463b917e-e264-403f-ad34-34af0ee10294 Show response
api.hcaptcha.com/getcaptcha/ Frame ED3A 3 KB
3 KB 129ms
129ms XHR
application/json 104.19.218.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hcaptcha.com/getcaptcha/463b917e-e264-403f-ad34-34af0ee10294

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/1bcdbdd/hcaptcha.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

692eba7450e558fec80c4dbe3a19c4d88be3b980b19d54e57c5162895f24bd2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://newassets.hcaptcha.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 18 Dec 2023 00:00:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://newassets.hcaptcha.com
access-control-allow-credentials: true
cf-ray: 837320790816373e-FRA
alt-svc: h3=":443"; ma=86400

POST
H2 200 0 Show response
r.stripe.com/ Frame 7311 0
274 B 177ms
177ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-09d478928cbcbe4632e76e0761d54ca7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 18 Dec 2023 00:00:40 GMT
x-stripe-server-envoy-start-time-us: 1702857640060768
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1702857640060288
access-control-allow-credentials: true
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: region1.analytics.google.com
URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-JWBYYEB6SQ&gtm=45je3bt0v9113043695&_p=1702857635387&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=916740890.1702857636&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1702857635&sct=1&seg=0&dl=https%3A%2F%2Fwww.kennedy24.com%2Fdonate%3Famount%3D5%26utm_campaign%3Dunited%26utm_medium%3Demail1%26utm_source%3Djoinkennedy&dt=Donate%20%7C%20Kennedy24&en=scroll&epn.percent_scrolled=90&_et=39&tfd=1615

Domain: www.kennedy24.com
URL: https://www.kennedy24.com/cdn-cgi/rum?

Domain: translate.googleapis.com
URL: https://translate.googleapis.com/element/log?hasfast=true&authuser=0&format=json

Domain: joinkennedy.nationbuilder.com
URL: https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071702852407/default/theme.scss

Domain: joinkennedy.nationbuilder.com
URL: https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071702852407/default/fslightbox.js

Domain: joinkennedy.nationbuilder.com
URL: https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071702852407/default/k24-float-label.js

Domain: joinkennedy.nationbuilder.com
URL: https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071702852407/default/localized-inputs.js

Domain: joinkennedy.nationbuilder.com
URL: https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071702852407/default/theme.js

Domain: joinkennedy.nationbuilder.com
URL: https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071702852407/default/bs-custom-file-input.min.js

Domain: joinkennedy.nationbuilder.com
URL: https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071702852407/default/bootstrap.min.js

Domain: joinkennedy.nationbuilder.com
URL: https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071702852407/default/staged-donations.js

Domain: joinkennedy.nationbuilder.com
URL: https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071702852407/default/donate-jquery.ui.effect-slide.min.js

Domain: joinkennedy.nationbuilder.com
URL: https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071702852407/default/donate-jquery.ui.effect.min.js

Domain: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LekWdoZAAAAAA61Owqhdq5e8IIQEfJbEOs8IT8T&co=aHR0cHM6Ly93d3cua2VubmVkeTI0LmNvbTo0NDM.&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=jfig4c4074qb

Verdicts & Comments Add Verdict or Comment

130 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.recaptcha.net/recaptcha	1970-01-20 21:20:09	Name: _GRECAPTCHA Value: 09AFVEQSevSBIHLeHt8AXFGb_wdpLu44PJawHLKa1HsDI_i52qdtFse3i5KveuIDaHaynJAKiTeQDB1zjsuWBLJd0
www.kennedy24.com/	1969-12-31 23:59:59	Name: _nbuild_token Value: pdpgjJWQedrDvhItmFtw1IuDFt%2FSGeCXz7TQeOXEviQ%3D
.www.kennedy24.com/	1970-01-20 17:00:59	Name: __cf_bm Value: tni5.qlVlV_qIsusraDV7O8YhD9nusyDtDG220HRu4M-1702857635-1-AaB2839RtzCaC4j6anaomqItZDDvGXFVqzjBA2cedUFlZBNvTWwnpXNT3oCgWu8X+Tt4Iq+eJp+7jEP5yKZGXHE=
.nationbuilder.com/	1970-01-20 17:00:59	Name: __cf_bm Value: 5WoWuwIiX.YiOE_0Y0BHM7Ex.2BEVLnqgr9hs3VJHM4-1702857635-1-AWdOAvLXh1XoJP/41eQTAWbQlNWica6xljV7IYsxdXr3aHbP3pjMqZSTzX+ukGBa3rFCWf6df5wu9Kwl5qLMWqM=
.lightboxcdn.com/	1969-12-31 23:59:59	Name: _cfuvid Value: Otf8_MYCx8o9.T2VEM3Q8WOlyyTvTC4kBPs808WwwM4-1702857635310-0-604800000
.kennedy24.com/	1970-01-20 19:10:33	Name: _fbp Value: fb.1.1702857635472.1443171371
.kennedy24.com/	1970-01-21 02:36:57	Name: _ga Value: GA1.1.916740890.1702857636
.twitter.com/	1970-01-21 02:36:57	Name: guest_id_marketing Value: v1%3A170285763584370927
.twitter.com/	1970-01-21 02:36:57	Name: guest_id_ads Value: v1%3A170285763584370927
.twitter.com/	1970-01-21 02:36:57	Name: personalization_id Value: "v1_Nqrwxd0vnpgR9Yt1unw1vQ=="
.twitter.com/	1970-01-21 02:36:57	Name: guest_id Value: v1%3A170285763584370927
.t.co/	1970-01-21 02:36:57	Name: muc_ads Value: 18cb9b5f-e918-4a40-9f2b-fe14e41036bb
.www.kennedy24.com/	1970-01-21 01:46:33	Name: cf_clearance Value: QBZ.qGZcm1wcs3YVt2ei4zGJaulxEjhwZhF4bgiZNMw-1702857636-0-1-7d5d912a.c0c85b4c.105cb253-0.2.1702857636
.kennedy24.com/	1970-01-21 02:36:57	Name: _ga_CAPI12345 Value: GS1.1.1702857635.1.1.1702857636.0.0.0
.kennedy24.com/	1970-01-21 02:36:57	Name: _ga_JWBYYEB6SQ Value: GS1.1.1702857635.1.1.1702857638.57.0.0
.google.com/	1970-01-20 21:24:28	Name: NID Value: 511=IdzGLnUIo1Ue_XskZGko_bkrQuNR3Aduwvua1sC0ViZaGPZEMvpGY5-2bW-_7iwoQPIoV0WKTvYFvmDTQPPvmvUJqzr_RhRIkKg6h1U1RIIzFzFuZeZi_NX3iBitNZ9g0HWuyeIdyg9qD6-k9yBOiVk8Qci74hjJmRBZb11iD2k
m.stripe.com/	1970-01-21 02:36:57	Name: m Value: cf8cd848-a921-4590-b163-be247579c616b53de7
.www.kennedy24.com/	1970-01-21 01:46:33	Name: __stripe_mid Value: cf71500e-0a1e-497b-bb2d-a404c0afccb9fdf6a4
.www.kennedy24.com/	1970-01-20 17:00:59	Name: __stripe_sid Value: 4cc8fba3-3cc1-4717-8796-a3b03db8f2e154fc88
api.hcaptcha.com/	1970-01-20 17:44:09	Name: hmt_id Value: ec5b1c34-bd7e-4b9c-9b40-e0c396c02b34

19 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071702852407/default/theme.scss Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071702852407/default/staged-donations.js Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071702852407/default/k24-float-label.js Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071702852407/default/fslightbox.js Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071702852407/default/bs-custom-file-input.min.js Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071702852407/default/localized-inputs.js Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071702852407/default/theme.js Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071702852407/default/bootstrap.min.js Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071702852407/default/donate-jquery.ui.effect-slide.min.js Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://joinkennedy.nationbuilder.com/themes/5/64d2c492293422032dbe640b/0/attachments/16968320071702852407/default/donate-jquery.ui.effect.min.js Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://www.googleapis.com/webfonts/v1/webfonts?key=AIzaSyCCOU0NUKc65rzK0EdE-6XNdE68x6mGnD8 Message: Failed to load resource: the server responded with a status of 429 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors joinkennedy.nationbuilder.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.twitter.com
api.hcaptcha.com
app.livechatai.com
assets.nationbuilder.com
b.stripecdn.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
getbootstrap.com
hcaptcha.com
imagedelivery.net
joinkennedy.nationbuilder.com
js.stripe.com
ka-f.fontawesome.com
ka-p.fontawesome.com
kit.fontawesome.com
m.stripe.com
m.stripe.network
merchant-ui-api.stripe.com
newassets.hcaptcha.com
o1416993.ingest.sentry.io
p.typekit.net
pay.google.com
play.google.com
q.stripe.com
r.stripe.com
region1.analytics.google.com
rfkjr.co
server-side-tagging-ptjx4tds2q-uc.a.run.app
static.ads-twitter.com
static.cloudflareinsights.com
stats.g.doubleclick.net
t.co
translate.google.com
translate.googleapis.com
use.typekit.net
www.facebook.com
www.google.com
www.google.de
www.googleapis.com
www.googletagmanager.com
www.gstatic.com
www.kennedy24.com
www.lightboxcdn.com
www.recaptcha.net
joinkennedy.nationbuilder.com
region1.analytics.google.com
translate.googleapis.com
www.kennedy24.com
www.recaptcha.net
104.19.218.90
104.19.219.90
104.244.42.133
104.244.42.67
146.75.120.157
151.101.128.176
198.202.176.201
2001:4860:4802:32::36
2001:4860:4802:34::35
2600:9000:224a:3800:19:7d10:bd80:93a1
2606:4700:10::6816:3a64
2606:4700:20::681a:db
2606:4700:4400::ac40:93bc
2606:4700:7::a29f:802d
2606:4700::6810:3965
2606:4700::6812:324
2606:4700::6813:d483
2606:4700:e2::ac40:8007
2a00:1450:4001:803::2003
2a00:1450:4001:810::2008
2a00:1450:4001:811::200a
2a00:1450:4001:812::2003
2a00:1450:4001:813::2003
2a00:1450:4001:813::200a
2a00:1450:4001:827::200a
2a00:1450:4001:827::200e
2a00:1450:4001:828::2004
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2003
2a00:1450:4001:830::200e
2a00:1450:400c:c00::9d
2a00:1450:4013:c06::5c
2a02:26f0:3500:16::215:148b
2a02:26f0:480:f::213:7ee1
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
34.120.195.249
34.133.104.50
44.233.104.20
54.187.119.242
54.187.159.182
99.86.4.122
007b4be1404b0f21a158fa83a2ae9375393b2d932a17e9745aa392fcadc7cf2f
02d8f5e03704768aa366ab03f03808f1e9ea6a7b18e2006febe0fb5b7e036a87
06b8ff5b2515fb79dd964c3b92da81c7f30e170ba70ca16bf523f0a871d14dba
0895678165e21a22e2897c7e34684856dcf3689e5f1157ed5375455c37416239
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0aa16a2e84fcb15b351dd0de4418949c84ac9bba999074007345fe1dabe8645d
116b5b718ba3beeea9dd77ad669ca8aff001cf40c1c6e549dd38c3d08668d4cd
122bd7b997b91e56e9efd54743ffbeccefca5b8bb59c566d6ec63adf14be896e
14122038df6d195dcc1aeb30722dd822981c3a95226967e03bcdea671a070f4b
161adc1b69be76ccc5346711bc49c475f190bcf75dd03c834032e4b065330e20
19c9589a29fd2b63dadc59e983332f0a1d6f3c2337bea4c2739d046bf8d8b3e4
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
21a6640d3ce7365637d29a95caa2753b22d89b6a63b0ebe793c41a684682371e
25e944c39428b59a215356a4a75faaea0024b86b7df3190dbff516395150e5c3
26b2472688f89977e2fb712267021234390bdfe5ec6fa9f533ff23b853b73798
27feaec28bb2508f0e366d2b95be6e33d49288cff435021d96c75b9118be517c
28b2083d9cfda98be0327a8b096bc027678d78e6ec150696d66d27c168387ab3
2f930a05ca463582b325c1e317bfec295d6f644951b4d44be5724d71c2777cfa
31f4e4abd5d8e145d6bd5505ae3ee469f66e6aba53fcc6cf04741d0a802ebc3d
3210bc1be605060cffac847fe3efb94f7756d02017ad28ee304d23a4804dc38d
32a5e615ea1a48e4ca241418b5135fba3a81cabfc49ef1e5c1dfe5514aa49c7a
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d
3a80700d48e107eb08205a346562ae28a95f3fe0da0d7382847a2c0a52a02c0a
3cb98755e69cd4399888137a7648ee6eabdd63c4d4c547626e7174d769be6e1b
3cf22b9a3c15bf0e20e085ed0b039686cfae3b53e4ca7d1bee1ef843aa1e98fc
3d72ceb6ab36c5f948e7a13ed3c55d48a65df90bbc7a89d6f698182e331bb868
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40357c8f038ea69750526293412e0b02e7a984b7484f98be4634c75ed3307709
40fcb568e13f2c1f81b31a992496e2c4518488393d259d3b7495ee80fc06c75b
41e31ded193f6c61a9a1ea500a41ee70760505d4d5387a4be3b240760392da2e
487524122a6142e66a5f22f30cd0352dc3a3218e4ff77a126c8d0e28c2a5b586
4946b36e5208a0a01e69ac05696229353e101faece5c1572e2a6177742bf7b5c
4aae83ca0e34e5fef9bebf88ca4edfdf495e4927bbd583d1f05ff101c9421d4c
4be37bbc2e40bc238e8895eac52b3a9d27059588647c4834dbd8e7210070e526
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5033e337e474e5d2818fee21b093eaef81d5f545fd49b5f635b3e1160fa83abe
51f87477c3354d417897639fc89bf69dfb8cd79497f5ac4eaca946667de4f176
558591ec381069734425371376e35d980cf72fd9fd2ac08f4f36fb9a9df84438
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
64ad4ddd145a9faa9e5f7f7d78f9e3da6255db563b968ea6a080d526bb68131b
671d6200371882486930885e1b324f7b83e6d3b9d75e8f2ebebc748942e2edfe
67d2a36b1cd1a04f4d83f6236578a94f7e92d42e4d6b8ca92cc5907cd7141dcf
692eba7450e558fec80c4dbe3a19c4d88be3b980b19d54e57c5162895f24bd2b
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
6fa331e0ab41990001851e47d5c5050a194056d4f47c8653abbb250313be7b0a
6fda76e47cd1a46bec92e2adac0a0453c78638197e234d7667c2ff4366c5a44a
70356aaad8b043112594064fea69694e5af4f17b6af4d4836b184735afe24c56
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
732b65d05835e912a6f475e5ed7a1f964b3a1bbf780291aac50685c5e0933e18
73d7bd66f1294a4d3e7dd7bb5d73df2d45498f106e2974121ce59077cc732c6f
74a39682b8b03d5de587026a0f4d5b595696818b3d23952c15facf182d7c5e78
7592e61876da5df397281e08f2abf3aa56ddd0f8b4b816f7e6b961e8a4153932
77ba0f0971a262f3fe1999d37208a8a7ffa1f2e563d4437bd03b1866a2219749
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
79d5b46ef170219bb0354c458c9b534500ba1eacc76a216134c413ca5ce68b56
7f143fbc9b4cb2c1162b1ad7f0c3db54131ac0340d05712a6394b2401d410b9b
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
7fca7fbee6f960ca0c929ed86e99e6078981b2000629fad83c2fb36530dbcbcc
812091a91a8e2a825050fb688375d19996b235d7cbe8b0ae9d526cba0fb7288d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83c4d72a63c76190b0b1532654839d8e0d8099fa7b672670750185ba47b331f8
860f6e57e780d990b90b816292493d67c17cde00b2d51075989bde8c81298038
88c3d4d5beaaf259f1a4d85ec5c6b14e74ea9d0a6ce99751fa218f57757785c3
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
8961b2078b1f45fffed48094dc24a1a1cc6a5ecf795923f7ad0f05eda5a1e67b
8d18314f0d9dd325e472c28b8180d4741682b2cca9819f1a81180ec210c5934d
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
9600c48c3a3e56c69c1fb0bf7413bb0d409e32aacc829502e923431df9c29457
9ada11b91b8834fa00c5367126493ed9bc3272be510db81d0928ef733318c4c7
9f57e1e7f7381ec0e4eb185ca491323450dd0742b19a6097995bac78487a1835
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
a6770f1b8a07a7e0b2a5ba73da5feb6f86dd9e5d5e7f0f7237c476bc7f8650ec
a7049b5d9f001fec947060ee2cb8fe10a868af28ac081bfd494949f1d71c5716
a99f75748195e5af07ffca593afce5492ce8533501371377f17d77b89eeab8ab
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acd9a7e1c37a12896fb2df2f591a565c40f87c3194d32f85d1e4499426bfcc1d
b190041b79f9ebcb446ab01f41dbe060d59ebfa55e042fab8503b8b6f7c0dce5
b19fcfb761fe1efc86e7a7c389adcec6b0ebe7c2ffed77feca0b5e9d3c0e1829
b3d47ae3412cfab8873f856540401242f2da0e37077c0839b5e33925d36183e1
b942de2747bb1449f8d908a33c8ce9e4a2ee6b84327cce766d5378a13665d027
c368e74321d2180806d6982ab26271a765594390c0d50a2e4fe452e901778d5e
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd2d00634c55d413b568ca8612211ad278317e0d401f8a8e4133d4079ec25dd9
ced8d1611eb8e670bc0a2e2e852f9d3984783a2347e73a6ec40566049256af75
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d0dae714a46e5e0da9afda153ef57c0c01057200adb80eb187a433bafecb1730
d2e02e6203beafeb853bba132abfdd519164ac638e65e2fbd70386c35b266229
d55683b88f737538f17adfe1c0f393f947515c7daeefcf8c79d0ac25fdb832e9
d5b49d58a385787d0fb60f7191a7907f9806aa2e0fa7b75e45478653c5fe5636
d64a80c5311000e42e55ad2a62dcf422b9468ba55472d51d2165d4cddd1ef8dc
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
e022bf1eea671da2d6efea06143eff9e04e2a77bcd21a52173de556b42e39725
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e2d51187f660cba449c70f7f87f733f762042cf340a5fd57e0f8c1fbf885c033
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e826524250716c7e17af91c57cdf9931686c4531fbe187e37cd5375886eab07c
e9667a4e6040f90f8e1648ecd089211e380aee7fcde15f71570aef17d1a8e637
ea2d62c7e90b08a7c41206758ce52af7059a58cdfb6a2964f341642298eb9a15
eef2d843b6778b710b40edb636b588fa4ccc8975a29cef25ac3125b96cc778cf
ef524299e2aca1447f5b5102ffd3666f294cf61829f9039f40db78f11c765f40
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
f2446eb8c34c46d0095cce18e4ae305c1cc795af30b6daa77dbae9a5d0f20691
f29af0f45d2483d7b111bf75d2962e7d0a14ef3214068e7d334c09c4620379d3
f4df36e15df2960947ccc39a9e1e22e3656b0855b5c48af6b773a4d86dfd4dcf
f7b8e0ff2ce575f80ab74fbefe460a2de27bf402f929646f38bccad6a87e5410
f9327724abab88267b017f2423fa7b5924af15060751d827c4702358f079fdc0
fb9587e00635538a323c71ca0352879bd24aa5b88f8c869317812ae5e505263f
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

www.kennedy24.com Open in urlscan Pro 2606:4700:7::a29f:802d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

330 Requests

95 %HTTPS

69 %IPv6

28 Domains

46 Subdomains

43 IPs

5 Countries

6706 kBTransfer

22086 kBSize

20 Cookies

7 Outgoing links

Page URL History

Redirected requests

330 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

www.kennedy24.com Open in urlscan Pro
2606:4700:7::a29f:802d Public Scan

Screenshot
Live screenshot

Full Image

330
Requests

95 %
HTTPS

69 %
IPv6

28
Domains

46
Subdomains

43
IPs

5
Countries

6706 kB
Transfer

22086 kB
Size

20
Cookies

330 HTTP transactions
3 data transactions