www.kesem.org Open in urlscan Pro
18.102.16.191 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://donate.kesem.org/
Effective URL:
https://www.kesem.org/
Submission: On December 16 via api (December 16th 2024, 2:14:13 pm UTC) from US — Scanned from DE

Summary HTTP 182 Redirects Links 30 Behaviour Indicators

Summary

This website contacted 43 IPs in 5 countries across 35 domains to perform 182 HTTP transactions. The main IP is 18.102.16.191, located in Milan, Italy and belongs to AMAZON-02, US. The main domain is www.kesem.org.
TLS certificate: Issued by R11 on November 9th 2024. Valid for: 3 months.

This is the only time www.kesem.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 33	2606:4700::68... 2606:4700::6812:c55f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	99.83.190.102 99.83.190.102	16509 (AMAZON-02) (AMAZON-02)
1 1	35.152.119.144 35.152.119.144	16509 (AMAZON-02) (AMAZON-02)
1	18.102.16.191 18.102.16.191	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6812:a175	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
1	3.160.156.41 3.160.156.41	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:89d1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	157.240.252.13 157.240.252.13	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:223... 2600:9000:223e:800:1d:7a82:2900:93a1	16509 (AMAZON-02) (AMAZON-02)
1	104.16.90.50 104.16.90.50	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	104.18.160.117 104.18.160.117	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
2 29	2606:4700::68... 2606:4700::6812:7c49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
5	142.250.185.168 142.250.185.168	15169 (GOOGLE) (GOOGLE)
5	142.250.185.100 142.250.185.100	15169 (GOOGLE) (GOOGLE)
2	2600:9000:215... 2600:9000:2156:6800:11:bd8b:3000:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:4400::ac40:9310	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:df98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:6efe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:7674	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:a0a8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	204.141.43.190 204.141.43.190	2639 (ZOHO-AS) (ZOHO-AS)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1f::9d	15169 (GOOGLE) (GOOGLE)
1	142.250.185.131 142.250.185.131	15169 (GOOGLE) (GOOGLE)
2	157.240.253.35 157.240.253.35	32934 (FACEBOOK) (FACEBOOK)
2	104.18.80.204 104.18.80.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:f26c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
10	172.64.147.18 172.64.147.18	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:5049	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:f9cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.161.82.71 3.161.82.71	16509 (AMAZON-02) (AMAZON-02)
2	18.66.147.118 18.66.147.118	16509 (AMAZON-02) (AMAZON-02)
2	172.217.18.110 172.217.18.110	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
9	172.217.16.131 172.217.16.131	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:7574	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	151.101.64.176 151.101.64.176	() ()
182	43

33 2606:4700::6812:c55f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

donate.kesem.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prod-frs.content.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.83.190.102 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: aacb0a264e514dd48.awsglobalaccelerator.com

campkesem.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.152.119.144 (Milan, Italy) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-152-119-144.eu-south-1.compute.amazonaws.com

www.campkesem.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.102.16.191 (Milan, Italy)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-102-16-191.eu-south-1.compute.amazonaws.com

www.kesem.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:a175 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.prod.website-files.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.160.156.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-156-41.fra60.r.cloudfront.net

d3e54v103j8qbb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:89d1 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223e:800:1d:7a82:2900:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.jetboost.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.90.50 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.embedly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 104.18.160.117 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.prod.website-files.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2606:4700::6812:7c49 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

sdk.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prod-frs.content.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pay.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:6800:11:bd8b:3000:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.pagesense.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9310 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:df98 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:6efe (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7674 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a0a8 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 204.141.43.190 (United States)

ASN2639 (ZOHO-AS, US)

pagesense-collect.zoho.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1f::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.253.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.80.204 (None, )

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
perf-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:f26c (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

files.doublethedonation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.64.147.18 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

transcend-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:f9cb (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.161.82.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-82-71.fra56.r.cloudfront.net

cdn.plaid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.147.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-118.fra60.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.110 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f110.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.217.16.131 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f131.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7574 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 151.101.64.176 (None, )

ASN- ()

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	classy.org 2 redirects sdk.classy.org — Cisco Umbrella Rank: 46005 www.classy.org — Cisco Umbrella Rank: 87525 prod-frs.content.classy.org — Cisco Umbrella Rank: 36356 pay.classy.org assets.classy.org	1 MB
30	kesem.org 1 redirects donate.kesem.org www.kesem.org	118 KB
20	website-files.com cdn.prod.website-files.com — Cisco Umbrella Rank: 6218	3 MB
16	stripe.com js.stripe.com — Cisco Umbrella Rank: 1073	181 KB
11	gstatic.com www.gstatic.com fonts.gstatic.com	279 KB
10	transcend-cdn.com transcend-cdn.com — Cisco Umbrella Rank: 5507	166 KB
8	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	730 KB
6	google.com www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 4108	1 KB
6	youtube.com www.youtube.com — Cisco Umbrella Rank: 79	13 KB
4	doublethedonation.com files.doublethedonation.com — Cisco Umbrella Rank: 31673	121 KB
3	hubspot.com js.hubspot.com — Cisco Umbrella Rank: 3653 cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 3677 track.hubspot.com — Cisco Umbrella Rank: 2477	27 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36 region1.google-analytics.com — Cisco Umbrella Rank: 3353	22 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 847	31 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
2	plaid.com cdn.plaid.com — Cisco Umbrella Rank: 15403	48 KB
2	unpkg.com unpkg.com — Cisco Umbrella Rank: 740	4 KB
2	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 617	7 KB
2	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 4839 perf-na1.hsforms.com — Cisco Umbrella Rank: 3819	2 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	211 B
2	zoho.com pagesense-collect.zoho.com — Cisco Umbrella Rank: 30145	923 B
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 4811 forms.hscollectedforms.net — Cisco Umbrella Rank: 4960	26 KB
2	pagesense.io cdn.pagesense.io — Cisco Umbrella Rank: 25625	67 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	75 KB
2	campkesem.org 2 redirects campkesem.org www.campkesem.org	1 KB
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 3690	1002 B
1	google.de www.google.de — Cisco Umbrella Rank: 10745	63 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 135	553 B
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2358	25 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3341	4 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2343	26 KB
1	embedly.com cdn.embedly.com — Cisco Umbrella Rank: 14316
1	jetboost.io cdn.jetboost.io — Cisco Umbrella Rank: 44004	4 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	1 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2580	1 KB
1	cloudfront.net d3e54v103j8qbb.cloudfront.net	32 KB
182	35

	Domain	Requested by
29	donate.kesem.org	1 redirects sdk.classy.org donate.kesem.org transcend-cdn.com
26	prod-frs.content.classy.org	donate.kesem.org transcend-cdn.com prod-frs.content.classy.org
20	cdn.prod.website-files.com	www.kesem.org cdn.prod.website-files.com
16	js.stripe.com	transcend-cdn.com
10	transcend-cdn.com	donate.kesem.org transcend-cdn.com
9	fonts.gstatic.com	fonts.googleapis.com
8	www.googletagmanager.com	www.kesem.org www.googletagmanager.com js.hsadspixel.net
6	www.youtube.com	www.kesem.org www.youtube.com transcend-cdn.com
5	www.google.com	www.googletagmanager.com transcend-cdn.com
4	files.doublethedonation.com	donate.kesem.org transcend-cdn.com
2	assets.classy.org	transcend-cdn.com
2	pay.classy.org	transcend-cdn.com
2	code.jquery.com	transcend-cdn.com
2	www.gstatic.com	transcend-cdn.com
2	fonts.googleapis.com	transcend-cdn.com
2	cdn.plaid.com	transcend-cdn.com
2	unpkg.com	transcend-cdn.com
2	static.cloudflareinsights.com	donate.kesem.org
2	www.facebook.com	www.kesem.org
2	pagesense-collect.zoho.com	cdn.pagesense.io
2	www.classy.org	2 redirects
2	cdn.pagesense.io	www.googletagmanager.com cdn.pagesense.io
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	www.kesem.org connect.facebook.net
1	track.hubspot.com
1	api.hubapi.com	js.hsadspixel.net
1	perf-na1.hsforms.com	www.kesem.org
1	forms.hsforms.com	www.kesem.org
1	forms.hscollectedforms.net	js.hscollectedforms.net
1	cta-service-cms2.hubspot.com	js.hubspot.com
1	www.google.de	www.kesem.org
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	region1.google-analytics.com	www.googletagmanager.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hubspot.com	js.hs-scripts.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	sdk.classy.org	www.kesem.org
1	cdn.embedly.com	www.kesem.org
1	cdn.jetboost.io	www.kesem.org
1	cdnjs.cloudflare.com	www.kesem.org
1	js.hs-scripts.com	www.kesem.org
1	d3e54v103j8qbb.cloudfront.net	www.kesem.org
1	www.kesem.org
1	www.campkesem.org	1 redirects
1	campkesem.org	1 redirects
182	48

This site contains links to these domains. Also see Links.

Domain
kesem.my.site.com
donate.kesem.org
kesem.force.com
docsend.com
go.kesem.org
kesem.campmanagement.com
drive.google.com
www.youtube.com
aacy.org
www.ncbi.nlm.nih.gov
www.cancer.net
www.cancer.org
ar.iiarjournals.org
academic.oup.com
share.hsforms.com
www.facebook.com
kesem.tfaforms.net
instagram.com
twitter.com
www.linkedin.com
open.spotify.com
www.tiktok.com
www.today.com

Subject Issuer	Validity	Valid
www.kesem.org R11	`2024-11-09` - `2025-02-07`	3 months	crt.sh
prod.website-files.com WE1	`2024-10-21` - `2025-01-19`	3 months	crt.sh
*.google-analytics.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
hs-scripts.com WE1	`2024-11-24` - `2025-02-22`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-11-26` - `2025-02-24`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-09-24` - `2024-12-23`	3 months	crt.sh
cdn.jetboost.io Amazon RSA 2048 M02	`2024-03-20` - `2025-04-18`	a year	crt.sh
embedly.com WE1	`2024-12-06` - `2025-03-06`	3 months	crt.sh
classy.org WE1	`2024-11-30` - `2025-03-01`	3 months	crt.sh
*.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
cdn.pagesense.io Amazon RSA 2048 M03	`2024-07-16` - `2025-08-15`	a year	crt.sh
hs-banner.com WE1	`2024-11-22` - `2025-02-20`	3 months	crt.sh
hsadspixel.net WE1	`2024-12-08` - `2025-03-08`	3 months	crt.sh
hscollectedforms.net WE1	`2024-11-20` - `2025-02-18`	3 months	crt.sh
hubspot.com WE1	`2024-12-01` - `2025-03-01`	3 months	crt.sh
hs-analytics.net WE1	`2024-12-05` - `2025-03-05`	3 months	crt.sh
donate.kesem.org WE1	`2024-11-21` - `2025-02-19`	3 months	crt.sh
*.zoho.com Sectigo RSA Domain Validation Secure Server CA	`2024-10-01` - `2025-10-01`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.google.de WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
hsforms.com WE1	`2024-12-08` - `2025-03-08`	3 months	crt.sh
hubapi.com WE1	`2024-11-07` - `2025-02-05`	3 months	crt.sh
files.doublethedonation.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2024-12-11` - `2025-06-11`	6 months	crt.sh
transcend-cdn.com WE1	`2024-11-11` - `2025-02-09`	3 months	crt.sh
cloudflareinsights.com WE1	`2024-11-01` - `2025-01-30`	3 months	crt.sh
unpkg.com WE1	`2024-12-12` - `2025-03-12`	3 months	crt.sh
secure.plaid.com DigiCert EV RSA CA G2	`2024-03-12` - `2025-03-11`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-12-12` - `2025-04-10`	4 months	crt.sh
upload.video.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.gstatic.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
pay.classy.org WE1	`2024-11-21` - `2025-02-19`	3 months	crt.sh

This page contains 21 frames:

Primary Page: https://www.kesem.org/
Frame ID: C68BAC835A4B1BA742D7C629A0E6C43E
Requests: 61 HTTP requests in this frame

Frame: https://cdn.embedly.com/widgets/media.html?src=https%3A%2F%2Fwww.youtube.com%2Fembed%2FSbCK3zJCIWg%3Ffeature%3Doembed&display_name=YouTube&url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3DSbCK3zJCIWg&image=https%3A%2F%2Fi.ytimg.com%2Fvi%2FSbCK3zJCIWg%2Fhqdefault.jpg&key=96f1f04c5f4143bcb0f2e68c87d65feb&type=text%2Fhtml&schema=youtube
Frame ID: 31384B47194A771C28F2888ACA805B06
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fwww.kesem.org
Frame ID: 720441D385AC64719AF9C4B36D6ACE45
Requests: 1 HTTP requests in this frame

Frame: https://donate.kesem.org/give/441200/
Frame ID: 3EAC889E44E6E340514822F2F31035E0
Requests: 55 HTTP requests in this frame

Frame: https://donate.kesem.org/give/441200/
Frame ID: C485912A5D844A69900C98759361E71A
Requests: 50 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcwtHkpAAAAABHUXtvKCZQ645083zUdeimy8NlP&co=aHR0cHM6Ly9kb25hdGUua2VzZW0ub3JnOjQ0Mw..&hl=de&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=lne81fsivzb6
Frame ID: 2D3ADC9F8767BCD096031AFB1031318C
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcwtHkpAAAAABHUXtvKCZQ645083zUdeimy8NlP&co=aHR0cHM6Ly9kb25hdGUua2VzZW0ub3JnOjQ0Mw..&hl=de&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=6lbqqjfn0ijo
Frame ID: C3DEBD33F6ECC6C7DC196AFC8B6094AA
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-5276f765afdc5378dd4b3de1c994ccd3.html
Frame ID: 3A6D6514EF5F6551C531C51D749C2911
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-297654697a16ede0041bbaa12fa590c6.html
Frame ID: 96D42C332CC7B4F041DE61C5673F32FD
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-cb1d8c1c01606a7ad1b9e3a8f8e5044e.html
Frame ID: 117AADEE291512B76CEC1FE72291F107
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-297654697a16ede0041bbaa12fa590c6.html
Frame ID: F2C7505FD812153AD4904DF9F8841C0A
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-cb1d8c1c01606a7ad1b9e3a8f8e5044e.html
Frame ID: 6DEB63444E851326043A28E46583F5D1
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-5276f765afdc5378dd4b3de1c994ccd3.html
Frame ID: F84621DF61D0B05E603C675B28451959
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-297654697a16ede0041bbaa12fa590c6.html
Frame ID: 930B866A9ADDCA6B0447F5C02EE5024E
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-cb1d8c1c01606a7ad1b9e3a8f8e5044e.html
Frame ID: 9F281B6E4E165624B9BBA1F64582DB41
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-297654697a16ede0041bbaa12fa590c6.html
Frame ID: 3829FED7720EA1EEB84B74322B388507
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-cb1d8c1c01606a7ad1b9e3a8f8e5044e.html
Frame ID: A84EEEDFF221C7658A1A23346D9139F5
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-297654697a16ede0041bbaa12fa590c6.html
Frame ID: 1D10786E685EDC4B30A024ED0E0F3AE8
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-cb1d8c1c01606a7ad1b9e3a8f8e5044e.html
Frame ID: 53D29C58CD561D9AB4991AB25B7183B5
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-297654697a16ede0041bbaa12fa590c6.html
Frame ID: A5F2A116E534C0FF71511C08418A1A9B
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-cb1d8c1c01606a7ad1b9e3a8f8e5044e.html
Frame ID: A5379D01BCBBA72E4978346B267DE053
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Free, fun support for kids whose parents have cancer | Kesem

Page URL History Show full URLs

http://donate.kesem.org/ HTTP 307
https://donate.kesem.org/ HTTP 301
http://campkesem.org/ HTTP 307
https://campkesem.org/ HTTP 301
https://www.campkesem.org/ HTTP 301
https://www.kesem.org/ Page URL

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

182
Requests

99 %
HTTPS

55 %
IPv6

35
Domains

48
Subdomains

43
IPs

5
Countries

5853 kB
Transfer

21852 kB
Size

27
Cookies

30 Outgoing links

These are links going to different origins than the main page.

URL: https://kesem.my.site.com/
Title: Register your child today.

Search URL Search Domain Scan URL

URL: https://donate.kesem.org/GivingTuesday2024?c_src=GT24&c_src2=popup
Title: Learn More

Search URL Search Domain Scan URL

URL: https://donate.kesem.org/give/609872?c_src=GT24&c_src2=wbpgo
Title: Give Now

Search URL Search Domain Scan URL

URL: http://kesem.force.com/
Title: Register Your Child

Search URL Search Domain Scan URL

URL: https://docsend.com/view/envyr6kvk58dbbv5
Title: 3-year strategic plan

Search URL Search Domain Scan URL

URL: https://go.kesem.org/new-programs
Title: Day Programs

Search URL Search Domain Scan URL

URL: https://donate.kesem.org/givetoday
Title: make a donation

Search URL Search Domain Scan URL

URL: https://donate.kesem.org/givingtuesday24
Title: Support Kesem on Giving Tuesday

Search URL Search Domain Scan URL

URL: https://kesem.campmanagement.com/enroll
Title: Club Kesem registration is open now!

Search URL Search Domain Scan URL

URL: https://drive.google.com/file/d/17vZx_6LdnN1rv1VK0963-f0KvSQuD8J7/view
Title: Family Fun Kit

Search URL Search Domain Scan URL

URL: https://donate.kesem.org/give/609872/#!/donation/checkout
Title: make a donation

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=8D7w4IZHdG0

Search URL Search Domain Scan URL

URL: https://aacy.org/
Title: 5.4 million children and teens under 18 take an active role in caregiving

Search URL Search Domain Scan URL

URL: https://www.ncbi.nlm.nih.gov/pmc/articles/PMC3164357/#:~:text=The%20negative%20impact%20of%20cancer,and%20physical%20functioning%203%2C%204.
Title: Children may experience a range of emotions when dealing with a parent’s cancer treatment,

Search URL Search Domain Scan URL

URL: https://www.cancer.net/coping-with-cancer/talking-with-family-and-friends/talking-your-children-about-cancer
Title: let your children know about your cancer diagnosis

Search URL Search Domain Scan URL

URL: https://www.cancer.org/research/cancer-facts-statistics/all-cancer-facts-figures/cancer-facts-figures-2021.html#:~:text=Estimated%20numbers%20of%20new%20cancer,factors%2C%20early%20detection%2C%20and%20treatment
Title: two million people were diagnosed with cancer in the US in 2021

Search URL Search Domain Scan URL

URL: https://ar.iiarjournals.org/content/37/8/4025
Title: higher risk of emotional and behavioral problems

Search URL Search Domain Scan URL

URL: https://academic.oup.com/jpepsy/article/47/9/1031/6590001
Title: indicate symptoms of posttraumatic stress disorder

Search URL Search Domain Scan URL

URL: https://share.hsforms.com/1dF9GJZ7KQRO30ty1rYKqPQdvyaa?__hstc=210537418.eed3689bc9e9d659262758127d85b7be.1734358450450.1734358450450.1734358450450.1&__hssc=210537418.1.1734358450450&__hsfp=930271884
Title: Join Our Newsletter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/groups/kesemnationwide.
Title: Join our Facebook Community

Search URL Search Domain Scan URL

URL: https://kesem.tfaforms.net/f/emailoptin
Title: Sign up for Text

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CampKesem/

Search URL Search Domain Scan URL

URL: https://instagram.com/kesem

Search URL Search Domain Scan URL

URL: https://twitter.com/campkesem

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/kesemnational/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/CampKesemNational

Search URL Search Domain Scan URL

URL: https://open.spotify.com/user/ja7q8tdbnz82aedjwerpeicxr

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@kesemnationwide

Search URL Search Domain Scan URL

URL: https://www.today.com/video/child-caregivers-shine-light-on-heavy-task-of-tending-to-sick-parents-214552645939

Search URL Search Domain Scan URL

URL: https://kesem.my.site.com/s/?language=en_US
Title: Register Your Child Today

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://donate.kesem.org/ HTTP 307
https://donate.kesem.org/ HTTP 301
http://campkesem.org/ HTTP 307
https://campkesem.org/ HTTP 301
https://www.campkesem.org/ HTTP 301
https://www.kesem.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://www.classy.org/give/441200/ HTTP 302
https://donate.kesem.org/give/441200/

Request Chain 45

https://www.classy.org/give/441200/ HTTP 302
https://donate.kesem.org/give/441200/

182 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.kesem.org/
Redirect Chain

http://donate.kesem.org/
https://donate.kesem.org/
http://campkesem.org/
https://campkesem.org/
https://www.campkesem.org/
https://www.kesem.org/

108 KB
23 KB

172ms
77ms

Document
text/html

18.102.16.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kesem.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.102.16.191 Milan, Italy, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-102-16-191.eu-south-1.compute.amazonaws.com

Software

Resource Hash

085b81ceac28c6dd6f6a9323ba8662c4893473549596be1aca35248725398cef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age: 415804
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
cf-ray: 8f2f47244d6cba99-MXP
content-encoding: gzip
content-type: text/html
date: Mon, 16 Dec 2024 14:14:06 GMT
last-modified: Wed, 11 Dec 2024 18:39:53 GMT
strict-transport-security: max-age=31536000
surrogate-control: max-age=432000
surrogate-key: www.kesem.org 615b7d5e77217e9ff469ea49 pageId:63e579a9d33e9c5cc1357c97 63e579a9d33e9c6512357d0a
vary: Accept-Encoding
x-cluster-name: eu-south-1-prod-hosting-red
x-lambda-id: 24e2b01a-f3c5-4c67-9291-1c42ab84b8a9

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: BYPASS
cf-ray: 8f2f47224cf30e5a-MXP
content-length: 166
content-type: text/html
date: Mon, 16 Dec 2024 14:14:06 GMT
location: https://www.kesem.org/
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cluster-name: eu-south-1-prod-hosting-red

GET
H2 200 kesem-rebuild.webflow.b5f7ff325.css
cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/css/ 268 KB
44 KB 48ms
24ms Stylesheet
text/css 2606:4700::6812:a175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/css/kesem-rebuild.webflow.b5f7ff325.css
Requested by: Host: www.kesem.org
URL: https://www.kesem.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:a175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44289cb4c3a7acdcfdbe63ded8e52170101bbf006b681350d265eb04a834aeed

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kesem.org/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "59a16e34c387b50ca91d9f8fba4944bc"
x-amz-version-id: 8bnzPatDPCEUgyyt56sjUL69pkjxeyJV
age: 418286
alt-svc: h3=":443"; ma=86400
date: Mon, 16 Dec 2024 14:14:06 GMT
content-type: text/css
last-modified: Tue, 10 Dec 2024 23:06:43 GMT
vary: Accept-Encoding
x-amz-id-2: jnj8y45O/qPI/OogVlwhPd+bw2YyYp+jDvq/M4FfoQz2k+0vf7eltaEV0sOb3h1SZ/pHQWivzGY=
cache-control: public, max-age=31536000, immutable
x-amz-request-id: ZMYCQY89SW8KW78R
cf-ray: 8f2f4724eac1dbd4-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 44125
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 211 KB
76 KB 51ms
23ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-30205020-1

Requested by

Host: www.kesem.org
URL: https://www.kesem.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

29b07060d04c4ba708b0d184c055be5ba3ae12c3cf20e2324ad31b063df78de3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kesem.org/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 16 Dec 2024 14:14:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 14:14:06 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 16 Dec 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 77474
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 617c4f2fb4ff3b3ec9e6ab38_Close.svg
cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/ 627 B
961 B 42ms
18ms Image
image/svg+xml 2606:4700::6812:a175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/617c4f2fb4ff3b3ec9e6ab38_Close.svg
Requested by: Host: www.kesem.org
URL: https://www.kesem.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:a175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8f4818795d8ba29ef00851bfb7ff38be7e1a6380b306adbf4aed829d352c080

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kesem.org/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"d61b39b32036a9a78b5c0e8b4d22f2f3"
x-amz-version-id: _TY10IHGAZ17pGgEdnN4JyBIIWI1xyea
age: 418286
alt-svc: h3=":443"; ma=86400
date: Mon, 16 Dec 2024 14:14:06 GMT
content-type: image/svg+xml
last-modified: Fri, 29 Oct 2021 19:44:48 GMT
vary: Accept-Encoding
x-amz-id-2: hqzowsMbMwzcqI5Q/l60wmaSPuB751X5R+CeMO0sNsMvQJPlOgwvRNs0EJ7ADnyf/ieegMhFQvU=
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: ZMY3SRSPX579J060
cf-ray: 8f2f4724eac3dbd4-FRA
access-control-allow-origin: *
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 66ed87f6a7caec49c8b9cd16_Close.svg
cdn.prod.website-files.com/66ed87f6a7caec49c8b9cc6d/ 627 B
747 B 42ms
18ms Image
image/svg+xml 2606:4700::6812:a175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/66ed87f6a7caec49c8b9cc6d/66ed87f6a7caec49c8b9cd16_Close.svg
Requested by: Host: www.kesem.org
URL: https://www.kesem.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:a175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8f4818795d8ba29ef00851bfb7ff38be7e1a6380b306adbf4aed829d352c080

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kesem.org/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"d61b39b32036a9a78b5c0e8b4d22f2f3"
x-amz-version-id: I8zNG3YiFqtvSeetI8bn5k9dZ0eRfwj5
age: 449307
alt-svc: h3=":443"; ma=86400
date: Mon, 16 Dec 2024 14:14:06 GMT
content-type: image/svg+xml
last-modified: Fri, 20 Sep 2024 14:34:32 GMT
vary: Accept-Encoding
x-amz-id-2: m80gWjNLAMuR4cvth2wTkUzdZN/xH5O9i+uRJr2sSsdyVndv5g7wa216EXBMGkWpHm89Ym1/b9Y=
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: ZMY1NW9EEVPQ2G2A
cf-ray: 8f2f4724eac4dbd4-FRA
access-control-allow-origin: *
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 jquery-3.5.1.min.dc5e7f18c8.js Show response
d3e54v103j8qbb.cloudfront.net/js/ 87 KB
32 KB 50ms
14ms Script
application/javascript 3.160.156.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=615b7d5e77217e9ff469ea49
Requested by: Host: www.kesem.org
URL: https://www.kesem.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.156.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-156-41.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.kesem.org
Referer: https://www.kesem.org/

Response headers

access-control-max-age: 3000
content-encoding: br
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
age: 38638
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: RHo7w9mJ9qocwdn_NhkBBes6I8zCxHKt8_ivRYhj6wXgAtGOAGcimA==
date: Mon, 16 Dec 2024 14:00:31 GMT
content-type: application/javascript
last-modified: Mon, 20 Jul 2020 17:53:02 GMT
vary: accept-encoding
cache-control: max-age=84600, must-revalidate
via: 1.1 134eef7df83fe066fda8a86e722c33dc.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P7
server: AmazonS3

GET
H2 200 webflow.6ba5baccf27bb96335184d0d1ae651d3.js Show response
cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/js/ 356 KB
76 KB 29ms
28ms Script
text/javascript 2606:4700::6812:a175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/js/webflow.6ba5baccf27bb96335184d0d1ae651d3.js
Requested by: Host: www.kesem.org
URL: https://www.kesem.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:a175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf6a681349103c98874d086393c51a4d636e2ebb579f69dba5149fa0edc2acd1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kesem.org/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"df0c0f1c072b4fde098a6c2a13402db2"
x-amz-version-id: rH2pvWYZ4ZAAbDNuiveV_wjYj7qOPpgQ
age: 465375
alt-svc: h3=":443"; ma=86400
date: Mon, 16 Dec 2024 14:14:06 GMT
content-type: text/javascript
last-modified: Tue, 10 Dec 2024 23:06:43 GMT
vary: Accept-Encoding
x-amz-id-2: gTgfwgwCeKXRRKimtkYf1b88pkRVZqvg+9ecFIlHKL8pHc5BwL57PoKGy2bE5g9gMaVWET0EwNw=
cache-control: public, max-age=31536000, immutable
x-amz-request-id: ZMY0M784KG22HY9A
cf-ray: 8f2f47250b29dbd4-FRA
access-control-allow-origin: *
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 23325778.js Show response
js.hs-scripts.com/ 2 KB
1 KB 172ms
139ms Script
application/javascript 2606:4700::6810:89d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/23325778.js

Requested by

Host: www.kesem.org
URL: https://www.kesem.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:89d1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbfdc5d81c052742e1af53bffab9c24a3c5680274c14ea59dfc69ac260fee655

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kesem.org/

Response headers

access-control-max-age: 3600
content-encoding: gzip
cf-cache-status: EXPIRED
x-content-type-options: nosniff
expires: Mon, 16 Dec 2024 14:15:37 GMT
date: Mon, 16 Dec 2024 14:14:07 GMT
x-hubspot-correlation-id: 53383531-2c5a-4679-a22c-08bab63fd620
content-type: application/javascript;charset=utf-8
vary: origin, Accept-Encoding
last-modified: Mon, 16 Dec 2024 14:14:07 GMT
cache-control: public, max-age=90
access-control-allow-credentials: true
cf-ray: 8f2f47255cb6db10-FRA
accept-ranges: bytes
access-control-allow-origin: https://www.kesem.org
content-length: 673
server: cloudflare

GET
H3 200 js.cookie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.0/ 2 KB
1 KB 35ms
20ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.0/js.cookie.min.js

Requested by

Host: www.kesem.org
URL: https://www.kesem.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4db76afeb499d277603609152f9e382c0fe112d44c6f8db8c136a89d9bd7682

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kesem.org/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03ec5-699"
age: 314209
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vp3GzO3eiiLKgjTh5oJ56CXL3uIXN7GYxTese%2Bclo2b5lxMG6hN2%2BSxYzn%2Bz7VM3m9UVIdL5%2BdtCSWOPs1NahjBgkQDaRNHY8YlD3sddf1GTjDh5C9HxvnuqLfu5grKzwGGy9p3m"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 06 Dec 2025 14:14:06 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 16 Dec 2024 14:14:06 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:11:49 GMT
vary: Accept-Encoding
priority: u=2,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8f2f47253ed99bb9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 746
server: cloudflare

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 30ms
10ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.kesem.org
URL: https://www.kesem.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

240355f4e85792fb5c1e46a942e6d797a078d39f8717dfbab666e4e80cb4dd8d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-Atno4Pwz' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kesem.org/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 16 Dec 2024 14:14:06 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-Atno4Pwz' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4470, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: hm2pogVzGXdFNnq4HcCYkeHKUYeHDJ+jAD4FTuViNvf6aoyDE80CeBk5bkMQIRE/wFqdlg83GiKcXuzNnUZQbw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62283
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 jetboost.js Show response
cdn.jetboost.io/ 12 KB
4 KB 49ms
10ms Script
text/javascript 2600:9000:223e:800:1d:7a82:2900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jetboost.io/jetboost.js
Requested by: Host: www.kesem.org
URL: https://www.kesem.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:800:1d:7a82:2900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0a3cb8e70dfe503b8cd036761a7490fff86becc902600b63fc13bfd1aa8100e8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kesem.org/

Response headers

vary: accept-encoding
cache-control: max-age=86400
content-encoding: br
etag: W/"90f20e8472ce5be54d6aec168f3aa8cd"
age: 25327
via: 1.1 3431ec594cac61983aae2d9ffaf23980.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: 7PTwjyw9nMTherzv8nYkqEr6Cc5vVcAkFxRsCiwH7GPxQB85rbVerg==
date: Mon, 16 Dec 2024 07:12:00 GMT
content-type: text/javascript
last-modified: Tue, 10 Sep 2024 22:20:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 342 KB
109 KB 43ms
42ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MHW4H92

Requested by

Host: www.kesem.org
URL: https://www.kesem.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5a3fb3993cd2e453176ffaa58ba80f9e237a84fa6184bae67469f90030317094

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kesem.org/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Mon, 16 Dec 2024 14:14:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 14:14:06 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 16 Dec 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 111433
x-xss-protection: 0
server: Google Tag Manager

GET
H/1.1 200
OK media.html
cdn.embedly.com/widgets/ Frame 3138 0
0 71ms
21ms Document
text/html 104.16.90.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.embedly.com/widgets/media.html?src=https%3A%2F%2Fwww.youtube.com%2Fembed%2FSbCK3zJCIWg%3Ffeature%3Doembed&display_name=YouTube&url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3DSbCK3zJCIWg&image=https%3A%2F%2Fi.ytimg.com%2Fvi%2FSbCK3zJCIWg%2Fhqdefault.jpg&key=96f1f04c5f4143bcb0f2e68c87d65feb&type=text%2Fhtml&schema=youtube
Requested by: Host: www.kesem.org
URL: https://www.kesem.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.90.50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.kesem.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

CF-Cache-Status: HIT
CF-RAY: 8f2f47257f4190d4-FRA
Cache-Control: public, max-age=300
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 16 Dec 2024 14:14:06 GMT
Expires: Mon, 16 Dec 2024 14:19:06 GMT
Last-Modified: Fri, 06 Dec 2024 22:12:19 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
x-amz-id-2: 5kSUYWggO5oc3S+qOBLAyrbXxzF+JwHUntc9IEZwWZXdwx7aSQy5xnJrpVSmI0tjQW0VRqPIrM0=
x-amz-request-id: 51QCHD8XM50FM3ZQ
x-amz-server-side-encryption: AES256
x-amz-version-id: OxxXS8CUBwwukWrYXLW4nQR7hLs0Gv2i

GET
H3 200 6164fcef47fce26c5246f57e_Search.svg
cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/ 622 B
981 B 25ms
25ms Image
image/svg+xml 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/6164fcef47fce26c5246f57e_Search.svg
Requested by: Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/css/kesem-rebuild.webflow.b5f7ff325.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fca56e0b11525635f30214b19a3b2aabb09f655ebf813cfb1465387970db2a5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/css/kesem-rebuild.webflow.b5f7ff325.css

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"c0459b45ac56c5761c57499116c6a096"
x-amz-version-id: Z8YRqC_F2gIAyiyb4amZd8qlcYxF.SuU
age: 418286
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 16 Dec 2024 14:14:06 GMT
content-type: image/svg+xml
last-modified: Tue, 12 Oct 2021 03:11:45 GMT
vary: Accept-Encoding
priority: u=3,i
x-amz-id-2: i/ZDAjds+tGz3iG6sH/JOevALhQYmHg4xAUmf58BVahzZs+CcKijjtSOVX95RsMOPL4Ry7toSos=
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: ZMY3Z82FQQGF77Z9
cf-ray: 8f2f47252d16dbad-FRA
access-control-allow-origin: *
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 61689d1c6b25d86589eedcf4_kesem-student-leader-with-camper.jpg
cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/ 162 KB
162 KB 27ms
27ms Image
image/jpeg 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/61689d1c6b25d86589eedcf4_kesem-student-leader-with-camper.jpg
Requested by: Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/css/kesem-rebuild.webflow.b5f7ff325.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d425f837ebda7c908269b70c7cfc6a3145ec216f869e8377c2f17ac3b3ab888f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/css/kesem-rebuild.webflow.b5f7ff325.css

Response headers

cf-bgj: h2pri
etag: "dffca6504412dcf2bc1b59a0d10223c2"
x-amz-version-id: QSTm3KKXsgVv4m5VFYBLROkBdswTH5Y6
cf-cache-status: HIT
age: 418286
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 16 Dec 2024 14:14:06 GMT
content-type: image/jpeg
last-modified: Thu, 14 Oct 2021 21:11:58 GMT
vary: Accept-Encoding
priority: u=3,i
x-amz-id-2: eGA55Jqfmbu5dfvmOSWPy37VF6ZVsbLo+vDb60NUBilIgndTLVGFibJX4XYSHWD35ITYfbzHokU=
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: ZMY4YM3XEY2K0VCX
cf-ray: 8f2f47252d1ddbad-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 165458
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 6579ef66817f30cc43a76bf9_Kesem%20Map_122023.png
cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/ 417 KB
418 KB 33ms
33ms Image
image/png 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/6579ef66817f30cc43a76bf9_Kesem%20Map_122023.png
Requested by: Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/css/kesem-rebuild.webflow.b5f7ff325.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40674cc74092d70dbcfd9f4cbbae9fff87e71404a9a2f4b57b6270557579a3d3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/css/kesem-rebuild.webflow.b5f7ff325.css

Response headers

cf-cache-status: HIT
etag: "e2c63f36911329a9d6dd6f8cd4ce106e"
x-amz-version-id: 4xsypQSRJOWXLyuYdfcRE5A88u2pVpfS
age: 418286
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 16 Dec 2024 14:14:06 GMT
content-type: image/png
last-modified: Wed, 13 Dec 2023 17:52:41 GMT
vary: Accept-Encoding
priority: u=3,i
x-amz-id-2: ox2OYC8KI5azMfa76RBsEhwKjzymrCShTYUOYcPkOtB5sD+9Mg+3AmgAO4WXpRlXajXlzVYKU7A=
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: ZMY8J8WXNZ9Q3XNB
cf-ray: 8f2f47252d1fdbad-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 427213
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 615b832dd31fcb596b7efa34_AvenirNext-Bold-01.ttf
cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/ 319 KB
320 KB 38ms
37ms Font
application/x-font-ttf 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/615b832dd31fcb596b7efa34_AvenirNext-Bold-01.ttf
Requested by: Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/css/kesem-rebuild.webflow.b5f7ff325.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54786df2c038ac72cdff7ea06a978deb83c80ea470a0ea6fb271d486801be773

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.kesem.org
Referer: https://cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/css/kesem-rebuild.webflow.b5f7ff325.css

Response headers

access-control-max-age: 3000
cf-cache-status: HIT
etag: "61887e1e950488f7a52971725b2ebda6"
x-amz-version-id: jovlRTxS2bxPHKbAHZpNvjntIJTkCbIn
age: 418286
access-control-allow-methods: GET, HEAD
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 16 Dec 2024 14:14:06 GMT
content-type: application/x-font-ttf
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Mon, 04 Oct 2021 22:44:17 GMT
x-amz-id-2: CmqWoscI7jo2M+RLwn7nhzK5SnDdZnsj1gPMp0L2vUwyS7Ei4fKWlirQ3ESfwSPSaf6Bc6ZR8dg=
priority: u=0,i=?0
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: XPZFXG37F964B51V
cf-ray: 8f2f47254a8618ef-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 327060
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 615b832da1be5c67094e60dc_AvenirNext-DemiBold-03.ttf
cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/ 258 KB
259 KB 29ms
28ms Font
application/x-font-ttf 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/615b832da1be5c67094e60dc_AvenirNext-DemiBold-03.ttf
Requested by: Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/css/kesem-rebuild.webflow.b5f7ff325.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c5465973630c3de4b1e6845c4a7bd6c82a8d3dca0017ed6919bf39f376ecedb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.kesem.org
Referer: https://cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/css/kesem-rebuild.webflow.b5f7ff325.css

Response headers

access-control-max-age: 3000
cf-cache-status: HIT
etag: "2538a3f00a198337bb2911bd6f3182ae"
x-amz-version-id: Oi5FFNu_jnft0VLOBfS3xUpPuEAOYYry
age: 418286
access-control-allow-methods: GET, HEAD
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 16 Dec 2024 14:14:06 GMT
content-type: application/x-font-ttf
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Mon, 04 Oct 2021 22:44:17 GMT
x-amz-id-2: 8MehH8hN7/raz4k0k2Fbu6UX+fLoQnGIbVC+p6awtsAMeOZjXwwHTO22FTXTrj3NnWAaa2f1EUJ2VY6Axdwtc5fM7sCtBMgwM53/DRW41l0=
priority: u=0,i=?0
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: XPZB333A3DAPBJVA
cf-ray: 8f2f47254a8818ef-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 264472
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 615b832d26553e6afb492002_AvenirNext-Medium-06.ttf
cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/ 271 KB
272 KB 39ms
38ms Font
application/x-font-ttf 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/615b832d26553e6afb492002_AvenirNext-Medium-06.ttf
Requested by: Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/css/kesem-rebuild.webflow.b5f7ff325.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43f03a6879c657b1c23366307c501a0df1319a9738394ad10be141efb295f2fc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.kesem.org
Referer: https://cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/css/kesem-rebuild.webflow.b5f7ff325.css

Response headers

access-control-max-age: 3000
cf-cache-status: HIT
etag: "597381f75a1b983328f95e3966e929f6"
x-amz-version-id: Zr7KX7nVAMxoVw4M72MdGuW4orPozwte
age: 449306
access-control-allow-methods: GET, HEAD
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 16 Dec 2024 14:14:06 GMT
content-type: application/x-font-ttf
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Mon, 04 Oct 2021 22:44:20 GMT
x-amz-id-2: YbWH27775gXwaTnFX0Poc+lCyzxG/Hw8I8JcW7Wo9VAd9DGyWevBCKjgNduUwEwPMNouU23fIt78y3gUEMXwm20wGwQw9tRu
priority: u=0,i=?0
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: XPZ76AW16CCEJ44E
cf-ray: 8f2f47254a8918ef-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 277920
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 6164dea52a26695ccd55a022_Girl-Boss-Script.woff
cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/ 64 KB
65 KB 39ms
38ms Font
application/x-font-woff 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/6164dea52a26695ccd55a022_Girl-Boss-Script.woff
Requested by: Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/css/kesem-rebuild.webflow.b5f7ff325.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d48f66ef07e7cbcace87f5c3c51c11655dcc21c2af1cb9791bc6c58b52f2bae

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.kesem.org
Referer: https://cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/css/kesem-rebuild.webflow.b5f7ff325.css

Response headers

access-control-max-age: 3000
cf-cache-status: HIT
etag: "93ea7a555d234a2c95efc2f6acb04efc"
x-amz-version-id: M2W1u4JygU5g0a3r.9BDgZ4sIO6tfMZj
age: 418286
access-control-allow-methods: GET, HEAD
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 16 Dec 2024 14:14:06 GMT
content-type: application/x-font-woff
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Tue, 12 Oct 2021 01:02:30 GMT
x-amz-id-2: DdLKIOMdJP+4zCX2QRbXU1l9QWHnTdV8Vf/bqDmCo7Axh7m0YMp1PaZiLzLIOOyzyNHg1/HgJgaUhYPIbCOYPUlCDBUY94oDbwHsUqSNVZU=
priority: u=0,i=?0
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: XPZ4HP4CDMJN3SE1
cf-ray: 8f2f47254a8a18ef-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 65408
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 618b1601897687ba8c951d49_BigCaslon.ttf
cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/ 218 KB
219 KB 100ms
99ms Font
application/x-font-ttf 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/618b1601897687ba8c951d49_BigCaslon.ttf
Requested by: Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/css/kesem-rebuild.webflow.b5f7ff325.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c63f9782e146d480542091034f902dc5785016bf269ba41331ab96494bcfd7d2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.kesem.org
Referer: https://cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/css/kesem-rebuild.webflow.b5f7ff325.css

Response headers

access-control-max-age: 3000
cf-cache-status: HIT
etag: "ec50ac41f55e7d9116affd7d05c1f656"
x-amz-version-id: pJT0QNGgYRRCy_QWwRdI6mx6sMKqIXP5
age: 449306
access-control-allow-methods: GET, HEAD
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 16 Dec 2024 14:14:06 GMT
content-type: application/x-font-ttf
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 10 Nov 2021 00:44:50 GMT
x-amz-id-2: 9uGwl/RXSdIQmGjcxPCd0j6SmXALYouxuZZ43Vr/xUrXVeq7SSmW9018NykWG4jqzZBbk/h67FI=
priority: u=0,i=?0
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: XPZF3C2GBH9CANV7
cf-ray: 8f2f47254a8b18ef-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 223272
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 615b832d1fbfb136145c5d7a_AvenirNext-Regular-08.ttf
cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/ 411 KB
412 KB 105ms
105ms Font
application/x-font-ttf 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/615b832d1fbfb136145c5d7a_AvenirNext-Regular-08.ttf
Requested by: Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/css/kesem-rebuild.webflow.b5f7ff325.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f3eed8e891997529629227d479b1b9d83ae2e1bbaabbf499fcd22e4b303126c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.kesem.org
Referer: https://cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/css/kesem-rebuild.webflow.b5f7ff325.css

Response headers

access-control-max-age: 3000
cf-cache-status: HIT
etag: "4d8fdeb265ff6d34fb3bd8e4292665c0"
x-amz-version-id: .aFR449H7RCWv7VFFv4Bsr88m_QNSmOl
age: 418286
access-control-allow-methods: GET, HEAD
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 16 Dec 2024 14:14:06 GMT
content-type: application/x-font-ttf
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Mon, 04 Oct 2021 22:44:22 GMT
x-amz-id-2: 9kvVaewbdi3IA1GKrjEEkafulff4zXONLm9jOVD1GD4h436KNLMPCccBXW77sBBJ2hT6wsRRPN8=
priority: u=0,i=?0
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: XPZADH6MSWVNZJ4S
cf-ray: 8f2f47254a8e18ef-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 421096
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 66214201f82283bc307b781d_5275668f132eefbcaf0ab526fc0de58b-p-500.png
cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/ 14 KB
14 KB 21ms
21ms Image
image/png 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/66214201f82283bc307b781d_5275668f132eefbcaf0ab526fc0de58b-p-500.png
Requested by: Host: www.kesem.org
URL: https://www.kesem.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96f1c1df4ce63dc4305288287761e42834f839182a5e3f6c116ba68ac4e27495

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kesem.org/

Response headers

cf-cache-status: HIT
etag: "b027b4e7d0c657b16ab3ae25ec344559"
x-amz-version-id: 04Y.sAUb7dhz6zfVjQBGOvLDW1q8lqlP
age: 418286
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 16 Dec 2024 14:14:06 GMT
content-type: image/png
last-modified: Thu, 18 Apr 2024 15:53:45 GMT
vary: Accept-Encoding
priority: u=3,i
x-amz-id-2: 2w+Py2FjW7T1pFBBBraU+uf5Vim60/xbA06L/QgdAE4BZMM69d60c8ADbcilB2c7l0BwKebi518IhuhUcKRi0oFlnxzT0s/TFxij/rLyu1M=
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: 2VMDG24KX0388P2W
cf-ray: 8f2f47254d53dbad-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14161
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 6168a6b6899d6f13c4534c85_home-video-thumbnail.png
cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/ 310 KB
311 KB 22ms
21ms Image
image/png 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/6168a6b6899d6f13c4534c85_home-video-thumbnail.png
Requested by: Host: www.kesem.org
URL: https://www.kesem.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d345d07713f4280375b721453f58ebf61d3bb3aec11b7db446caec100cf17afb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kesem.org/

Response headers

cf-cache-status: HIT
etag: "82d54efe2ab409416ea0383379f85be1"
x-amz-version-id: o0x5uGZDz8.JNpICkufaCM701soCfqGA
age: 449306
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 16 Dec 2024 14:14:06 GMT
content-type: image/png
last-modified: Thu, 14 Oct 2021 21:52:56 GMT
vary: Accept-Encoding
priority: u=3,i
x-amz-id-2: 9UJg0IBwcvZZnuJnCVqyisdq+Xy4T7ThkyUOkvLDOvcV5RUKm5d+wlmWAbCzbk3H+SPijeL/TU0=
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: ZMY86TPAWD4AN753
cf-ray: 8f2f47254d57dbad-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 317337
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 6168ae19a1801221109f46e7_green-heart-rate-icon.png
cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/ 2 KB
2 KB 27ms
25ms Image
image/png 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/6168ae19a1801221109f46e7_green-heart-rate-icon.png
Requested by: Host: www.kesem.org
URL: https://www.kesem.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41b57b9b5a01d7b8e6879e3c3552abc405ac4fddfbebfb04bdfcf110a7f86350

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kesem.org/

Response headers

cf-cache-status: HIT
etag: "9d9d9d481200f345fd729d012ffb5f1b"
x-amz-version-id: MxsEgxWWFixv_Gcdsqe0YFs2.CZidwTS
age: 449306
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 16 Dec 2024 14:14:06 GMT
content-type: image/png
last-modified: Thu, 14 Oct 2021 22:24:27 GMT
vary: Accept-Encoding
priority: u=3,i
x-amz-id-2: TNwzoIRNBOw8nXDsqlFDXP0MJiw/qgHe0FikKa/B1AQQx1AHeIMC2tdKaIUe0X5/QIb9rISJp/4=
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: ZMY2XB63GB3WKYPK
cf-ray: 8f2f47254d59dbad-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1541
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 6168ae19d0b9cd511b7f128b_heart-icon-outline.png
cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/ 1 KB
2 KB 29ms
27ms Image
image/png 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/6168ae19d0b9cd511b7f128b_heart-icon-outline.png
Requested by: Host: www.kesem.org
URL: https://www.kesem.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ef9251e28651c4c8d6a5ae92fc332b7a6e27f939e9af77ec3c92827d59fe29c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kesem.org/

Response headers

cf-cache-status: HIT
etag: "99692becf7a30ca2fdb2c2ca4de74093"
x-amz-version-id: pB1KIBMB3a4STYEWU2tufSm.ux8omMTi
age: 420433
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 16 Dec 2024 14:14:06 GMT
content-type: image/png
last-modified: Thu, 14 Oct 2021 22:24:27 GMT
vary: Accept-Encoding
priority: u=3,i
x-amz-id-2: yy/3znL1yNEph5YarEwXD7LkHL2g5JJqcMymg4jnCfyTunHPMd9kwvdoVHkc3rMsWs2bM8r4MNE=
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: ZMY7VANTPT5XDY7A
cf-ray: 8f2f47254d5bdbad-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1080
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 6168ae1993b7b032f48a2ec5_double-heart-icon.png
cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/ 1 KB
2 KB 23ms
22ms Image
image/png 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/6168ae1993b7b032f48a2ec5_double-heart-icon.png
Requested by: Host: www.kesem.org
URL: https://www.kesem.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ddec7493b356e5f7e21af957a903f128542111be58cb136558cb5f751ce1f43

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kesem.org/

Response headers

cf-cache-status: HIT
etag: "84f18f604761345c076f6c49514f6865"
x-amz-version-id: ztAuLFNzOSm3bP3Bh44yazFD1HhPfoTg
age: 420433
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 16 Dec 2024 14:14:06 GMT
content-type: image/png
last-modified: Thu, 14 Oct 2021 22:24:26 GMT
vary: Accept-Encoding
priority: u=3,i
x-amz-id-2: muFf4LJapd30FiJnkcTKOJ1nfMvGH5ttSZYXod94ktoK/+PqnyEXwc5AKlqvZmBeTRsEXKn1D+c=
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: ZMY64HB1RKC6Y2NB
cf-ray: 8f2f47254d5fdbad-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1225
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 6168ae199652ec779a7650b8_heart-icon-filled.png
cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/ 728 B
1 KB 38ms
36ms Image
image/png 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/6168ae199652ec779a7650b8_heart-icon-filled.png
Requested by: Host: www.kesem.org
URL: https://www.kesem.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2f16e7828359212d4854719fac741c1cb2cd5ee99be707bc8851cdc20fe9a14

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kesem.org/

Response headers

cf-cache-status: HIT
etag: "93966bced5f97c637e61a261051e8ab7"
x-amz-version-id: _OW_7U_e_IUVRGeGJKM1ZKqc_ZcSf9.v
age: 418286
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 16 Dec 2024 14:14:06 GMT
content-type: image/png
last-modified: Thu, 14 Oct 2021 22:24:26 GMT
vary: Accept-Encoding
priority: u=3,i
x-amz-id-2: GHgBSZCuwdtxWLuc0z1qGe8abUiz0ZSjOVgmEbwkGpi41yvkaIniO9yR/DdkkjjpcHUq+Wh2axM=
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: ZMY8A2HAP4TWX4MR
cf-ray: 8f2f47254d61dbad-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 728
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 48ms
13ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-30205020-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kesem.org/

Response headers

content-encoding: gzip
age: 5561
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Mon, 16 Dec 2024 14:41:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 12:41:25 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H3 200 1106316670747099 Show response
connect.facebook.net/signals/config/ 69 KB
14 KB 272ms
271ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1106316670747099?v=2.9.179&r=stable&domain=www.kesem.org&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

4487cd7e98dc5b35808bc944bbd410d2666bff1b4c3c9a9da5a39dd0920c7151

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-WFJbKSpr' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kesem.org/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 16 Dec 2024 14:14:07 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-WFJbKSpr' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=9, rtx=0, c=75, mss=1232, tbw=71283, tp=68, tpl=0, uplat=258, ullat=0
pragma: public
x-fb-debug: nvEI6J2KDCvZrlRUALakHHYBxTu0NxCaT8/HX9cJtwI0q0SKK1yC8KBiXGXkW+ZN4z2+eyY76aCTqGGIDjxzbA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 embedded-giving.js Show response
sdk.classy.org/ 44 KB
11 KB 116ms
75ms Script
text/javascript 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.classy.org/embedded-giving.js

Requested by

Host: www.kesem.org
URL: https://www.kesem.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4ed0398025745bb5fc2f7461bb86924de0a097278ea9c3b0d97218dbe7bdd09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kesem.org/

Response headers

x-amz-server-side-encryption: AES256
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=60, s-maxage=900, stale-while-revalidate=60
content-encoding: br
cf-cache-status: HIT
etag: W/"f3b9b6c2e7f8d822cdd9afd2d9718729"
age: 449
cf-ray: 8f2f47260e2c1907-FRA
x-amz-request-id: H449VK6V69Q6CE9K
date: Mon, 16 Dec 2024 14:14:07 GMT
content-type: text/javascript
last-modified: Wed, 11 Dec 2024 01:07:45 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-id-2: uwcYPutSbM3AQXMcsBmYDQsyxzlc0vkH2UWQFNwq4Sxm42dQJRLc6c0cuJJ50J8H/BzGy+Jf4kU=

GET
H2 200 player_api Show response
www.youtube.com/ 993 B
2 KB 63ms
29ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/player_api

Requested by

Host: www.kesem.org
URL: https://www.kesem.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8d1544bb47c74ef9a9b177a721c628aeff0be0f9f6a57b18769a7d67055c759

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kesem.org/

Response headers

content-encoding: br
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
x-content-type-options: nosniff
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
expires: Mon, 16 Dec 2024 14:14:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
date: Mon, 16 Dec 2024 14:14:07 GMT
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: require-trusted-types-for 'script'
cache-control: private, max-age=0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
x-xss-protection: 0
server: ESF

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
418 B 25ms
24ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=360214318&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kesem.org%2F&ul=de-de&de=UTF-8&dt=Free%2C%20fun%20support%20for%20kids%20whose%20parents%20have%20cancer%20%7C%20Kesem&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1225254904&gjid=491809922&cid=649094659.1734358447&tid=UA-30205020-1&_gid=619791309.1734358447&_r=1&gtm=457e4cc1za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&jsscut=1&npa=1&z=562183314

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.kesem.org/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 14:14:07 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://www.kesem.org
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 1
server: Golfe2

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 417 KB
133 KB 40ms
40ms Script
application/javascript 142.250.185.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XHZ6HDQSLZ&l=dataLayer&cx=c&gtm=45He4cc1v896153047za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MHW4H92

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

6ae4ade5957e61bbc7c19d58e10316dd2bb272e1b9f787fb2ac552d68fff4a0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kesem.org/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 16 Dec 2024 14:14:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 14:14:07 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 136275
x-xss-protection: 0
server: Google Tag Manager

POST
H3 200 collect
www.google.com/ccm/ 0
0 44ms
18ms Ping
text/plain 142.250.185.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.kesem.org%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=220598552.1734358447&dt=Free%2C%20fun%20support%20for%20kids%20whose%20parents%20have%20cancer%20%7C%20Kesem&auid=1178926974.1734358447&navt=n&npa=1&gtm=45He4cc1v896153047za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1734358447024&tfd=2263&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MHW4H92
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kesem.org/

Response headers

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 418 KB
133 KB 43ms
42ms Script
application/javascript 142.250.185.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QY37YFZRTW&l=dataLayer&cx=c&gtm=45He4cc1v896153047za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MHW4H92

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

fc3c4d5593653dd2667e2e58311dc538e469d3e1eeb7cbf05781c7a12a4d518b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kesem.org/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 16 Dec 2024 14:14:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 14:14:07 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 136513
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 261 KB
93 KB 40ms
39ms Script
application/javascript 142.250.185.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-16753794780&l=dataLayer&cx=c&gtm=45He4cc1v896153047za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MHW4H92

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

261336021d3af77efdcb31c0a26a45aaed8601a65ace2f568d8961d3c16d55d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kesem.org/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 16 Dec 2024 14:14:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 14:14:07 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 16 Dec 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 94816
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 da8ef2d757ab4552819990f83dbb4de9.js Show response
cdn.pagesense.io/js/ogzt83er/ 248 KB
66 KB 77ms
15ms Script
application/javascript 2600:9000:2156:6800:11:bd8b:3000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pagesense.io/js/ogzt83er/da8ef2d757ab4552819990f83dbb4de9.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MHW4H92
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:11:bd8b:3000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b3e0f45131c6443333faee50545dab26135eb2ffa399482a9b310ddd8cb35e5d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kesem.org/

Response headers

x-amz-cf-pop: FRA50-C1
vary: accept-encoding
cache-control: max-age=0
content-encoding: gzip
etag: W/"bdeedb013f20109b7d9ad4f96157b08a"
age: 29872
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: ncHAEm4yoUoXTYzwTuDh53btYuxLFfvDRwZnYL9M08EjAIea4QtqxQ==
date: Mon, 16 Dec 2024 05:56:16 GMT
content-type: application/javascript
last-modified: Fri, 13 Dec 2024 14:32:38 GMT
x-amz-meta-cache-control: max-age=0
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4cc0/ Frame 7204 0
0 37ms
9ms Document
text/html 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fwww.kesem.org

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MHW4H92

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 331005
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Thu, 12 Dec 2024 18:17:22 GMT
expires: Fri, 12 Dec 2025 18:17:22 GMT
last-modified: Thu, 12 Dec 2024 10:18:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/f8f53e1a/www-widgetapi.vflset/ 30 KB
10 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f8f53e1a/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/player_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14939503c8a97bef459ce94218f0e65933ab569f7b1d726bcb0b3c1031ebccf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kesem.org/

Response headers

content-encoding: br
age: 16393
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Tue, 16 Dec 2025 09:40:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 09:40:54 GMT
last-modified: Wed, 11 Dec 2024 05:16:51 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 10165
x-xss-protection: 0
server: sffe

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/23325778/ 71 KB
26 KB 444ms
417ms Script
text/javascript 2606:4700:4400::ac40:9310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/23325778/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/23325778.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9310 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5b1b6cfe8e8952e530d07417293389ec9f5d61b0b4d487c0dba9a727513160a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kesem.org/

Response headers

x-evy-trace-virtual-host: all
access-control-max-age: 604800
x-request-id: ff74cd59-c364-4b2f-bab8-ac028e69bb19
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"47c32440675a295ddbaade6bcf6b1714"
x-amz-version-id: liDKBg2bCiNIDKzJs2.9syAGKFD_2pJ8
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
expires: Mon, 16 Dec 2024 14:19:07 GMT
x-evy-trace-listener: listener_https
date: Mon, 16 Dec 2024 14:14:07 GMT
x-hubspot-correlation-id: ff74cd59-c364-4b2f-bab8-ac028e69bb19
content-type: text/javascript; charset=UTF-8
last-modified: Fri, 06 Dec 2024 14:06:01 GMT
vary: origin, Accept-Encoding
x-amz-id-2: Ezey4B3u8u7KNfHb6o24lQ0zlg451K6OcCoLQ3NZFWlHcEM3v39qCNo+L4EcZucptbMWWaleTmw=
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=300,public
timing-allow-origin: *
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-8586d94f84-ds2fh
x-envoy-upstream-service-time: 124
access-control-allow-credentials: true
x-amz-request-id: 67ZYH31V0S0Q3FBS
cf-ray: 8f2f47266b4e9750-FRA
access-control-allow-origin: https://www.kesem.org
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
4 KB 54ms
28ms Script
application/javascript 2606:4700::6811:df98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/23325778.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:df98 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbc9356e752ad2ec816689d39f6bc3c275294782b19934c54a20aea7580e4e58

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kesem.org/

Response headers

x-evy-trace-virtual-host: all
x-request-id: b0847ef4-5890-4609-a66f-522470ac85ae
content-encoding: gzip
cf-cache-status: HIT
etag: W/"707a0b55faf28e3938f5c35015d03842"
x-amz-version-id: JReSGa6dgrJ0I2wOjACpFmY9DiwA4Un0
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
age: 32
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-hs-cache-status: HIT
x-amz-cf-id: Gk8atYfvJBQbOFlsXohOVGo3nxyowgao5hUS51eRjeUMYhDqr7oN4g==
date: Mon, 16 Dec 2024 14:14:07 GMT
x-hubspot-correlation-id: b0847ef4-5890-4609-a66f-522470ac85ae
content-type: application/javascript; charset=utf-8
last-modified: Fri, 13 Dec 2024 15:06:23 UTC
vary: accept-encoding
x-evy-trace-listener: listener_https
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-856d8787d5-56k8s
x-envoy-upstream-service-time: 1
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.976/bundles/pixels-release.js&cfRay=8f16ea684a7fd399-WAW
via: 1.1 f57a09c5455a80253c61001d750462e6.cloudfront.net (CloudFront)
cf-ray: 8f2f47266d8765cd-FRA
x-evy-trace-route-configuration: listener_https/all
x-hs-target-asset: adsscriptloaderstatic/static-1.976/bundles/pixels-release.js
x-amz-cf-pop: IAD12-P3
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 70 KB
25 KB 182ms
147ms Script
application/javascript 2606:4700::6810:6efe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hscollectedforms.net/collectedforms.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/23325778.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6efe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1764bc84ea6abe91f1634b73a5a6c0ebff400461dfea6a4040bd0c03d86caa8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.kesem.org
Referer: https://www.kesem.org/

Response headers

x-request-id: 0fb29236-d350-44bd-92cc-a43eb1f7f084
content-encoding: gzip
cf-cache-status: EXPIRED
x-amz-version-id: 8IiNiFnnn0n9avBP.k8Mr32sZxpD8Dx_
etag: W/"ceb8bcb73e5536d8416735a3977d227a"
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-content-type-options: nosniff
x-cache: RefreshHit from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: rKbyZ_LajsUWL42BH1jM889445UMsGJe4g8r6Kq0gomVvlbYRYaatA==
x-hubspot-correlation-id: 0fb29236-d350-44bd-92cc-a43eb1f7f084
content-type: application/javascript; charset=utf-8
last-modified: Mon, 09 Dec 2024 13:03:17 UTC
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-856d8787d5-4wq5t
x-envoy-upstream-service-time: 28
x-hs-target-asset: collected-forms-embed-js/static-1.1112/bundles/project.js
server: cloudflare
x-evy-trace-virtual-host: all
x-amz-server-side-encryption: AES256
access-control-max-age: 3000
access-control-allow-methods: GET
x-hs-cache-status: MISS
date: Mon, 16 Dec 2024 14:14:07 GMT
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.1112/bundles/project.js&cfRay=8f2f47267e0d9951-FRA
via: 1.1 53b70ac9dc46d1c13992b291cf22a9aa.cloudfront.net (CloudFront)
cf-ray: 8f2f47267e0d9951-FRA
access-control-allow-origin: *
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD12-P3

GET
H2 200 web-interactives-embed.js Show response
js.hubspot.com/ 84 KB
25 KB 223ms
197ms Script
application/javascript 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hubspot.com/web-interactives-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/23325778.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

674d5ab1e2c5a783115e67fabc4805ac2e8a83d48eb6a1ad3535c23a959a1801

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.kesem.org
Referer: https://www.kesem.org/

Response headers

x-request-id: 4d45a2b5-0947-4e42-be5f-be28e138615b
content-encoding: gzip
cf-cache-status: EXPIRED
x-amz-version-id: _83IngeMtzUuERab6QgcByX86005NyG0
etag: W/"03686003e4860757c17ae65c11ab8ea4"
cache-tag: staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X%2FSZO0rd1KnEH5pRi70bDWkSM6aWt4z3pytW0ssN%2FUucZdx0%2BH%2B14%2BVR3PB3AWX4wtKzfJDux%2BV4ErRls%2B33CGsNemxvFKhKCSkV%2BEjQQZvcG93LC6MjlBRFgE92XjSxJjkcY55PNZujA2nn"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-evy-trace-listener: listener_https
x-amz-cf-id: zDYuQ3pz5mOQZpEAVl-h0rAByHrVjCUhzBvwPAgQXfb5SzsTUVe3GA==
x-hubspot-correlation-id: 4d45a2b5-0947-4e42-be5f-be28e138615b
content-type: application/javascript; charset=utf-8
last-modified: Fri, 13 Dec 2024 12:10:35 UTC
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-856d8787d5-fngld
x-envoy-upstream-service-time: 6
x-hs-target-asset: web-interactives-embed/static-2.1996/bundles/project.js
server: cloudflare
x-evy-trace-virtual-host: all
x-amz-server-side-encryption: AES256
access-control-max-age: 3000
access-control-allow-methods: GET
x-hs-cache-status: MISS
date: Mon, 16 Dec 2024 14:14:07 GMT
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.1996/bundles/project.js&cfRay=8f1849a95f49dc86-WAW
via: 1.1 dfc1931cc62ecd4133c2b9bdae1bb476.cloudfront.net (CloudFront)
cf-ray: 8f2f472668879b98-FRA
access-control-allow-origin: *
x-evy-trace-route-configuration: listener_https/all
x-amz-cf-pop: IAD12-P3

GET
H2 200 23325778.js Show response
js.hs-analytics.net/analytics/1734358200000/ 68 KB
25 KB 226ms
199ms Script
text/javascript 2606:4700::6810:a0a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1734358200000/23325778.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/23325778.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:a0a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 941e2020e43f74d180c19d07e14a7e8d0c082673f1919776638701c012334a3e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kesem.org/

Response headers

x-amz-server-side-encryption: AES256
x-request-id: 6cccc2da-f80b-4f27-a6e1-5c1f2365742b
content-encoding: gzip
cf-cache-status: MISS
etag: W/"7c97925735c31e49b4df4f79b5e8249f"
x-amz-version-id: null
expires: Mon, 16 Dec 2024 14:19:07 GMT
x-evy-trace-listener: listener_https
date: Mon, 16 Dec 2024 14:14:07 GMT
x-hubspot-correlation-id: 6cccc2da-f80b-4f27-a6e1-5c1f2365742b
content-type: text/javascript
last-modified: Fri, 06 Dec 2024 14:06:05 GMT
vary: origin, Accept-Encoding
x-amz-id-2: i70vI8yJqWKarznx6MJB+0NUGInzNv/GFo8+ZJZ1e8P08T+NrgnSLomJdZVKGvjvYem2otckNTHrlHYJD7MBJzSQZNrvf2cP
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=300,public
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-8586d94f84-xw2ts
x-envoy-upstream-service-time: 33
access-control-allow-credentials: false
x-amz-request-id: 7FCNBC6MNW85RJ4H
cf-ray: 8f2f472668bb1cab-FRA
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-evy-trace-virtual-host: all

GET
H2

200

/ Show response
donate.kesem.org/give/441200/ Frame 3EAC
Redirect Chain

https://www.classy.org/give/441200/
https://donate.kesem.org/give/441200/

107 KB
34 KB

837ms
837ms

Document
text/html

2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.kesem.org/give/441200/

Requested by

Host: sdk.classy.org
URL: https://sdk.classy.org/embedded-giving.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

caa8a30eb478324fb65764f993a4e31337c6ac347a456446c47bda3cb229ccc0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.kesem.org;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kesem.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 8f2f472e2ff6dc9a-FRA
content-encoding: br
content-security-policy: frame-ancestors 'self' https://www.kesem.org;
content-type: text/html; charset=utf-8
date: Mon, 16 Dec 2024 14:14:09 GMT
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC"
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 8f2f4726ca6137d1-FRA
content-security-policy: frame-ancestors 'self' https://www.kesem.org;
content-type: text/html; charset=utf-8
date: Mon, 16 Dec 2024 14:14:08 GMT
location: https://donate.kesem.org/give/441200/
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC"
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept, Accept-Encoding
x-content-type-options: nosniff

GET
H2

200

/ Show response
donate.kesem.org/give/441200/ Frame C485
Redirect Chain

https://www.classy.org/give/441200/
https://donate.kesem.org/give/441200/

107 KB
33 KB

870ms
870ms

Document
text/html

2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.kesem.org/give/441200/

Requested by

Host: sdk.classy.org
URL: https://sdk.classy.org/embedded-giving.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6444ea95737dc18a7adb8174b1897b625c60a2c325cf302c515fb192a5e29b07

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.kesem.org;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kesem.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 8f2f47340fc1dc9a-FRA
content-encoding: br
content-security-policy: frame-ancestors 'self' https://www.kesem.org;
content-type: text/html; charset=utf-8
date: Mon, 16 Dec 2024 14:14:10 GMT
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC"
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 8f2f472e29de37d1-FRA
content-security-policy: frame-ancestors 'self' https://www.kesem.org;
content-type: text/html; charset=utf-8
date: Mon, 16 Dec 2024 14:14:09 GMT
location: https://donate.kesem.org/give/441200/
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC"
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept, Accept-Encoding
x-content-type-options: nosniff

POST
H2 200 pslog.gif
pagesense-collect.zoho.com/ 42 B
461 B 506ms
167ms Ping
image/gif 204.141.43.190
ZOHO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pagesense-collect.zoho.com/pslog.gif?type=2

Requested by

Host: cdn.pagesense.io
URL: https://cdn.pagesense.io/js/ogzt83er/da8ef2d757ab4552819990f83dbb4de9.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.141.43.190 , United States, ASN2639 (ZOHO-AS, US),

Reverse DNS

Software

ZGS /

Resource Hash

1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.kesem.org/

Response headers

strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
content-length: 42
date: Mon, 16 Dec 2024 14:14:07 GMT
content-type: image/gif;charset=UTF-8
content-disposition: attachment; filename="pslog.gif"
server: ZGS
x-frame-options: DENY

GET
H2 200 da8ef2d757ab4552819990f83dbb4de9_visitor_count.js Show response
cdn.pagesense.io/js/ogzt83er/ 181 B
581 B 364ms
364ms Script
application/javascript 2600:9000:2156:6800:11:bd8b:3000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pagesense.io/js/ogzt83er/da8ef2d757ab4552819990f83dbb4de9_visitor_count.js
Requested by: Host: cdn.pagesense.io
URL: https://cdn.pagesense.io/js/ogzt83er/da8ef2d757ab4552819990f83dbb4de9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6800:11:bd8b:3000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 25e7a2755b07a194a639eb5386cfa637e63a139f9aecb0dcb9e5a9de585fcb9d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kesem.org/

Response headers

x-amz-cf-pop: FRA50-C1
cache-control: max-age=0
etag: "37fe0b1194226e544cbbb9e369a5a66c"
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 181
x-amz-cf-id: 3vupqgd8v8qSkehDMEWrf9MMqdOih64cfKRtzxOLFB_fGcwcemBsmQ==
date: Mon, 16 Dec 2024 14:14:08 GMT
content-type: application/javascript
last-modified: Mon, 16 Dec 2024 13:10:56 GMT
x-amz-meta-cache-control: max-age=0
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 67ms
25ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-XHZ6HDQSLZ&gtm=45je4cc1v896176879z8896153047za200zb896153047&_p=1734358446897&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=649094659.1734358447&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1734358447&sct=1&seg=0&dl=https%3A%2F%2Fwww.kesem.org%2F&dt=Free%2C%20fun%20support%20for%20kids%20whose%20parents%20have%20cancer%20%7C%20Kesem&en=page_view&_fv=1&_ss=1&tfd=2469
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XHZ6HDQSLZ&l=dataLayer&cx=c&gtm=45He4cc1v896153047za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kesem.org/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.kesem.org
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 14:14:07 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 29ms
23ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-QY37YFZRTW&gtm=45je4cc1v9180703205z8896153047za200zb896153047&_p=1734358446897&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=649094659.1734358447&ecid=1095872025&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&ec_mode=a&_s=1&sid=1734358447&sct=1&seg=0&dl=https%3A%2F%2Fwww.kesem.org%2F&dt=Free%2C%20fun%20support%20for%20kids%20whose%20parents%20have%20cancer%20%7C%20Kesem&en=page_view&_fv=1&_ss=1&tfd=2524
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QY37YFZRTW&l=dataLayer&cx=c&gtm=45He4cc1v896153047za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kesem.org/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.kesem.org
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 14:14:07 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
553 B 78ms
23ms Ping
text/plain 2a00:1450:400c:c1f::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-QY37YFZRTW&cid=649094659.1734358447&gtm=45je4cc1v9180703205z8896153047za200zb896153047&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QY37YFZRTW&l=dataLayer&cx=c&gtm=45He4cc1v896153047za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1f::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kesem.org/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.kesem.org
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 14:14:07 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 63ms
37ms Image
image/gif 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-QY37YFZRTW&cid=649094659.1734358447&gtm=45je4cc1v9180703205z8896153047za200zb896153047&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tag_exp=101925629~102067555~102067808~102081485~102198178&z=2058572307

Requested by

Host: www.kesem.org
URL: https://www.kesem.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kesem.org/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 16 Dec 2024 14:14:07 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 combinedConfigs Show response
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/ 61 B
1017 B 147ms
147ms Fetch
application/json 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=23325778&currentUrl=https%3A%2F%2Fwww.kesem.org%2F

Requested by

Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

027f9fef93a2d620715de7311a5bf674cb3df18a352d2a0a7266c147c157333f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kesem.org/

Response headers

x-robots-tag: noindex, follow
access-control-max-age: 180
x-request-id: d0d5098d-58a5-47cc-8a33-5a106a1ec3b3
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aXARnfaNMO3rn7unhIsmk5OGZiWC2b4WjypRE9g88OAY1F0qoMu%2Fc4sE1xee0h8mUlkY0Gc0XHEFr2LUu5m0E5LUBcfDOinXfU6RDNIB1hVL%2FSwSjJ8DaCygcsN56AjpUOfamHnL%2Fs8xrF2%2BJUXoNCsLv4VmTWoANWU%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
access-control-allow-methods: OPTIONS, GET
x-evy-trace-listener: listener_https
date: Mon, 16 Dec 2024 14:14:07 GMT
x-hubspot-correlation-id: d0d5098d-58a5-47cc-8a33-5a106a1ec3b3
content-type: application/json;charset=utf-8
vary: origin
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-b967ccf5d-2tcdg
x-envoy-upstream-service-time: 11
access-control-allow-credentials: true
cf-ray: 8f2f4727c9b79b98-FRA
access-control-allow-origin: https://www.kesem.org
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-evy-trace-virtual-host: all

GET
H2 200 json Show response
forms.hscollectedforms.net/collected-forms/v1/config/ 135 B
635 B 124ms
124ms XHR
application/json 2606:4700::6810:6efe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=23325778&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6efe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d528489716a3043d17ff4ba166292762d17404f48d5cef086c9cf26d86bdde94

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://www.kesem.org/

Response headers

x-robots-tag: none
access-control-max-age: 180
x-request-id: c4468158-a3bc-44b5-8fdd-2c4b035ebd4e
content-encoding: br
cf-cache-status: DYNAMIC
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-content-type-options: nosniff
x-evy-trace-listener: listener_https
date: Mon, 16 Dec 2024 14:14:07 GMT
x-hubspot-correlation-id: c4468158-a3bc-44b5-8fdd-2c4b035ebd4e
content-type: application/json;charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: *
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-856d8787d5-mglm2
x-envoy-upstream-service-time: 11
cf-ray: 8f2f4727cf1c9951-FRA
access-control-allow-origin: https://www.kesem.org
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-evy-trace-virtual-host: all

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 25ms
8ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1106316670747099&ev=PageView&dl=https%3A%2F%2Fwww.kesem.org%2F&rl=&if=false&ts=1734358447331&sw=1600&sh=1200&v=2.9.179&r=stable&a=plwebflow&ec=0&o=12318&fbp=fb.1.1734358447331.723917442737928143&ler=empty&cdl=API_unavailable&it=1734358446991&coo=false&rqm=GET

Requested by

Host: www.kesem.org
URL: https://www.kesem.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kesem.org/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=23, mss=1232, tbw=4517, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Mon, 16 Dec 2024 14:14:07 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
195 B 222ms
206ms Image
image/png 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1106316670747099&ev=PageView&dl=https%3A%2F%2Fwww.kesem.org%2F&rl=&if=false&ts=1734358447331&sw=1600&sh=1200&v=2.9.179&r=stable&a=plwebflow&ec=0&o=12318&fbp=fb.1.1734358447331.723917442737928143&ler=empty&cdl=API_unavailable&it=1734358446991&coo=false&rqm=FGET

Requested by

Host: www.kesem.org
URL: https://www.kesem.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kesem.org/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7449012810998001128"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 16 Dec 2024 14:14:07 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: dpEiCO620ogRiNRaSiQdlE3kY4egoxkow0je3BNNC2Ve5ITHb06eLb2k76LIYvjxhTfGtslXwV3H8RTVQZR9lQ==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7449012810998001128", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=23, mss=1232, tbw=4885, tp=13, tpl=0, uplat=196, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
916 B 145ms
125ms Image
image/gif 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=2

Requested by

Host: www.kesem.org
URL: https://www.kesem.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kesem.org/

Response headers

x-robots-tag: none
x-request-id: 6c6f0d9c-e0b9-4169-b05d-13da8e53f27d
access-control-expose-headers: X-Origin-Hublet
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-evy-trace-listener: listener_https
server-timing: cfExtPri
date: Mon, 16 Dec 2024 14:14:07 GMT
x-hubspot-correlation-id: 6c6f0d9c-e0b9-4169-b05d-13da8e53f27d
content-type: image/gif
vary: origin
priority: u=3,i
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-b967ccf5d-4rwh7
x-envoy-upstream-service-time: 2
access-control-allow-credentials: false
cf-ray: 8f2f4728bb24373c-FRA
x-evy-trace-route-configuration: listener_https/all
content-length: 35
server: cloudflare
x-evy-trace-virtual-host: all

GET
H3 200 counters.gif
perf-na1.hsforms.com/embed/v3/ 35 B
923 B 175ms
166ms Image
image/gif 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1

Requested by

Host: www.kesem.org
URL: https://www.kesem.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kesem.org/

Response headers

x-robots-tag: none
x-request-id: 48cc3ba5-2d39-4323-9ef3-2da7f99a5726
access-control-expose-headers: X-Origin-Hublet
cf-cache-status: MISS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-evy-trace-listener: listener_https
server-timing: cfExtPri
date: Mon, 16 Dec 2024 14:14:07 GMT
x-hubspot-correlation-id: 48cc3ba5-2d39-4323-9ef3-2da7f99a5726
content-type: image/gif
vary: origin, Accept-Encoding
last-modified: Mon, 16 Dec 2024 14:14:07 GMT
priority: u=3,i
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=0, no-cache, no-store
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-b967ccf5d-4nb5b
x-envoy-upstream-service-time: 5
access-control-allow-credentials: false
cf-ray: 8f2f4728bb48373c-FRA
accept-ranges: bytes
x-evy-trace-route-configuration: listener_https/all
content-length: 35
server: cloudflare
x-evy-trace-virtual-host: all

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 117 B
1002 B 175ms
155ms XHR
application/json 2606:4700::6812:f26c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=23325778

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f26c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f56171e5739b9ab13378977bc63aa43b3f6228c373c452373d5d0b8387552bb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kesem.org/

Response headers

access-control-max-age: 180
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3yauYhlsuP7XRdnbv1ExJVDCnCNohWNedwODArVhqnNHztvQ3prVzu2Oh8QAUPFtQdEAmGgDxu4ycnj7W9reAZvm6Fw70hOUiqmFOy2LejUwUksas05augPI2LK1jxGClWI8GzI4klDQ2f6s"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-content-type-options: nosniff
date: Mon, 16 Dec 2024 14:14:07 GMT
x-hubspot-correlation-id: 5e1ccbb9-1e53-4d2f-a8ae-05948e60ac98
content-type: application/json;charset=utf-8
vary: origin, Accept-Encoding
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: false
cf-ray: 8f2f47293ebdd344-FRA
access-control-allow-origin: https://www.kesem.org
server: cloudflare

POST
H2 200 psimg.gif
pagesense-collect.zoho.com/ 42 B
462 B 191ms
191ms Ping
image/gif 204.141.43.190
ZOHO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pagesense-collect.zoho.com/psimg.gif?raw=%7B%22vrd%22%3A%5B%7B%22a%22%3A%22ogzt83er%22%2C%22p%22%3A%22da8ef2d757ab4552819990f83dbb4de9%22%7D%5D%2C%22urd%22%3A%7B%22bv%22%3A%22Chrome%22%2C%22lv%22%3A%22de-DE%22%2C%22ov%22%3A%22Linux%22%2C%22dv%22%3A%22desktop%22%2C%22mdv%22%3A%22UNKNOWN%22%2C%22rv%22%3A%22%22%2C%22frv%22%3A%22%22%2C%22fcv%22%3A%22https%3A%2F%2Fwww.kesem.org%2F%22%2C%22cv%22%3A%22https%3A%2F%2Fwww.kesem.org%22%2C%22up%22%3A%5B%5D%2C%22tv%22%3A%22DIRECT%22%2C%22srv%22%3A%221600x1200%22%2C%22f%22%3A%221734358447189zabu0.839875302278668%22%2C%22d%22%3A%221734358447595zabv0.31883076771301533%22%2C%22sid%22%3A%221734358447596zsc0.21678076406664393%22%2C%22ts%22%3A0%2C%22n%22%3Atrue%2C%22lp%22%3A%22https%3A%2F%2Fwww.kesem.org%22%2C%22lpr%22%3A%22%22%2C%22fsrc%22%3A%22direct%22%2C%22fmdm%22%3A%22(none)%22%2C%22fchn%22%3A%22direct%22%2C%22ifr%22%3Atrue%2C%22isef%22%3Atrue%2C%22ht%22%3A%22pageview%22%2C%22iht%22%3Atrue%2C%22src%22%3A%22direct%22%2C%22mdm%22%3A%22(none)%22%2C%22chn%22%3A%22direct%22%2C%22dtte%22%3A%22Free%2C%20fun%20support%20for%20kids%20whose%20parents%20have%20cancer%20%7C%20Kesem%22%7D%7D&type=21&domainname=ogzt83er

Requested by

Host: cdn.pagesense.io
URL: https://cdn.pagesense.io/js/ogzt83er/da8ef2d757ab4552819990f83dbb4de9.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.141.43.190 , United States, ASN2639 (ZOHO-AS, US),

Reverse DNS

Software

ZGS /

Resource Hash

1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kesem.org/

Response headers

strict-transport-security: max-age=63072000
x-content-type-options: nosniff
access-control-allow-origin: *
content-length: 42
date: Mon, 16 Dec 2024 14:14:07 GMT
content-type: image/gif;charset=UTF-8
content-disposition: attachment; filename="psimg.gif"
server: ZGS
x-frame-options: DENY

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 261 KB
93 KB 33ms
33ms Script
application/javascript 142.250.185.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11016492874

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

dda6c84382a9a50c46c09eb922ad3407ebacff8cf0abc457af53fbeeb4b97ac8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kesem.org/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 16 Dec 2024 14:14:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 14:14:07 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 16 Dec 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 94732
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 261 KB
92 KB 44ms
44ms Script
application/javascript 142.250.185.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11016492874&l=dataLayer&cx=c&gtm=457e4cc1za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-30205020-1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

435fdf8e4d4923bdd9a5b48c26d2f838fdd9ef38f24cbba4c0e7b40989603060

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kesem.org/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 16 Dec 2024 14:14:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 14:14:07 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 16 Dec 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 94652
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 main.css
prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/frs/ Frame 3EAC 1 MB
150 KB 44ms
33ms Stylesheet
text/css 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/frs/main.css

Requested by

Host: donate.kesem.org
URL: https://donate.kesem.org/give/441200/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

edfe8ad6ba999a481b8def9121030c695b1e8ee304f557c6e79bd3c27018135d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://donate.kesem.org/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"4cd3a3940c5eb64bbafc9d8976195dd4"
x-amz-version-id: 3hhUkjmULyVNWtRNzGqxqcXNerGq3fKx
age: 47449
x-cache: Hit from cloudfront
x-amz-cf-id: CnjHDKdxxhgvWLSOCrMXYaToHc2mZphdqlFwkR2C0NB1N2hoyh5UAg==
date: Mon, 16 Dec 2024 14:14:09 GMT
content-type: text/css
last-modified: Tue, 10 Dec 2024 20:08:37 GMT
vary: accept-encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=86400
via: 1.1 9ceaac5e4cbf8702556b2c925b200af8.cloudfront.net (CloudFront)
cf-ray: 8f2f47348c361907-FRA
x-amz-cf-pop: FRA56-P10
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 ddplugin.css
files.doublethedonation.com/app/ Frame 3EAC 69 KB
15 KB 115ms
21ms Stylesheet
text/css 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://files.doublethedonation.com/app/ddplugin.css
Requested by: Host: donate.kesem.org
URL: https://donate.kesem.org/give/441200/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 7f844b4de702c14f9cbee7eec425ba383a04fce1b635a9febf5e03378b1219b5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://donate.kesem.org/

Response headers

x-ms-blob-type: BlockBlob
cache-control: public, max-age=3600;
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-azure-ref: 20241216T141409Z-16fcb4bb965q27nmhC1FRAay9c0000000bp000000000m5vn
x-fd-int-roxy-purgeid: 0
content-encoding: br
x-ms-request-id: 68b7e4f9-801e-0016-79a5-4cb3d0000000
x-cache: TCP_HIT
date: Mon, 16 Dec 2024 14:14:09 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 12 Dec 2024 14:23:38 GMT

GET
H3 200 airgap.js Show response
transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ Frame 3EAC 159 KB
57 KB 64ms
49ms Script
text/javascript 172.64.147.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Requested by

Host: donate.kesem.org
URL: https://donate.kesem.org/give/441200/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.18 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c115efbfe3da663b3cff109784ab03817a6a7e65009f886caf33b32d2c657a85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://donate.kesem.org/

Response headers

access-control-max-age: 86400
content-encoding: br
cf-cache-status: HIT
etag: W/"2b917ae8d496847ab5dec01bdd667998"
age: 48596
expect-ct: max-age=86400, enforce
access-control-allow-methods: GET,HEAD,OPTIONS
x-content-type-options: nosniff
expires: Mon, 16 Dec 2024 14:15:09 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 16 Dec 2024 14:14:09 GMT
content-type: text/javascript
content-disposition: inline
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: public, max-age=60
timing-allow-origin: *
referrer-policy: same-origin
cf-ray: 8f2f473498322c7a-FRA
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 rocket-loader.min.js Show response
donate.kesem.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 3EAC 12 KB
4 KB 14ms
14ms Script
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.kesem.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: donate.kesem.org
URL: https://donate.kesem.org/give/441200/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://donate.kesem.org/give/441200/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"675318bd-302c"
x-content-type-options: nosniff
cf-ray: 8f2f47351aafdc9a-FRA
expires: Wed, 18 Dec 2024 14:14:09 GMT
date: Mon, 16 Dec 2024 14:14:09 GMT
content-type: application/javascript
last-modified: Fri, 06 Dec 2024 15:31:09 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: DENY

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame 3EAC 19 KB
7 KB 67ms
34ms Script
text/javascript 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: donate.kesem.org
URL: https://donate.kesem.org/give/441200/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://donate.kesem.org
Referer: https://donate.kesem.org/

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 8f2f473569441c44-FRA
access-control-allow-origin: *
date: Mon, 16 Dec 2024 14:14:09 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 xdi.js Show response
transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ Frame 3EAC 25 KB
12 KB 238ms
237ms Script
text/javascript 172.64.147.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/xdi.js

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.18 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e5a118387a561a80908af63c274db1973e27ed3016dd3497250756704213fc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://donate.kesem.org
Referer: https://donate.kesem.org/

Response headers

access-control-max-age: 86400
content-encoding: br
etag: W/"f42e869c5b8217a8dac0eea5e7b3184d"
expect-ct: max-age=86400, enforce
access-control-allow-methods: GET,HEAD,OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 16 Dec 2024 14:14:09 GMT
content-type: text/javascript
content-disposition: inline
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: max-age=60,s-maxage=86400
timing-allow-origin: *
referrer-policy: same-origin
cf-ray: 8f2f47355d61d2b7-FRA
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 ui.js Show response
transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ Frame 3EAC 336 KB
90 KB 261ms
261ms Script
text/javascript 172.64.147.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ui.js

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.18 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78664e7f94905ffe8f379c52480409c2fb114356b8fb83f51cd69a4bc450c951

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://donate.kesem.org
Referer: https://donate.kesem.org/

Response headers

access-control-max-age: 86400
content-encoding: br
etag: W/"bf6fc0aa6482bd1c261cafd4b7632b84"
expect-ct: max-age=86400, enforce
access-control-allow-methods: GET,HEAD,OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 16 Dec 2024 14:14:09 GMT
content-type: text/javascript
content-disposition: inline
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: max-age=60,s-maxage=86400
timing-allow-origin: *
referrer-policy: same-origin
cf-ray: 8f2f47356d7dd2b7-FRA
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 paypal-js.legacy.min.js Show response
unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/ Frame 3EAC 7 KB
4 KB 50ms
25ms Script
application/javascript 2606:4700::6811:f9cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/paypal-js.legacy.min.js

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:f9cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://donate.kesem.org/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: "1b81-IpiDV5HCNI7yT2mRdGuH3F1n0RQ"
age: 1167354
x-content-type-options: nosniff
date: Mon, 16 Dec 2024 14:14:09 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01JE53TNAQ77FDPBSK15FTAGVX-fra
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8f2f473598d73686-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/frs/donation/ Frame 3EAC 184 KB
37 KB 55ms
54ms Script
application/javascript 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/frs/donation/module.min.js

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c402b0b73dfbbc1a81ceff23bc79a9d931d773195bf7bf38fd86ccb82becaf0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://donate.kesem.org/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"a2fc9c0bbda1af30d57c186405c7c4e7"
x-amz-version-id: xF1CPAYJLbRq8f8dZhxWZdF0HC2Rc5Xj
age: 47444
x-cache: Hit from cloudfront
x-amz-cf-id: FZxgbaSG-9xpitCxwWdRVzb3-C6ExAVAwYb6VwTaE-Z2RlTp8ZzyxA==
date: Mon, 16 Dec 2024 14:14:09 GMT
content-type: application/javascript
last-modified: Tue, 10 Dec 2024 20:08:37 GMT
vary: accept-encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=86400
via: 1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront)
cf-ray: 8f2f47357cef1907-FRA
x-amz-cf-pop: FRA60-P1
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/global/ Frame 3EAC 2 MB
417 KB 61ms
60ms Script
application/javascript 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/global/module.min.js

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c761093b23c9782ef66ea6bf63c11ed624386da3dc0eb5e4e6ba62f836b1f69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://donate.kesem.org/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"496b03725306f625335a39f7a0d23e87"
x-amz-version-id: 2aK4dCDMUXlLgnAb2IKqkv9YRb19fyvm
age: 47447
x-cache: Hit from cloudfront
x-amz-cf-id: kBFM4_lE3uE6J5MQ59y6fH2B4QKlBsqfSCRWdqhrYA5e_N8TfsHSLw==
date: Mon, 16 Dec 2024 14:14:09 GMT
content-type: application/javascript
last-modified: Tue, 10 Dec 2024 20:08:38 GMT
vary: accept-encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=86400
via: 1.1 f0ff3515536254a60a04240b4114639c.cloudfront.net (CloudFront)
cf-ray: 8f2f47357cf21907-FRA
x-amz-cf-pop: FRA56-P10
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 libs.min.js Show response
prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/global/ Frame 3EAC 1 MB
432 KB 37ms
37ms Script
application/javascript 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/global/libs.min.js

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8519e9a2c084533aac950aa97f5beed986b63f4ddd300275776119059d74755e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://donate.kesem.org/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"a272bc0a8e5a066e687b2a7b84ef9013"
x-amz-version-id: gEWbItFs10vHGCGHo3NmofVgn5VKyh37
age: 47447
x-cache: Hit from cloudfront
x-amz-cf-id: AARSwkzq42p6fPB-cF0GYmnXrtl96LT2aCQ05FnVFAXnOjxw-stZnw==
date: Mon, 16 Dec 2024 14:14:09 GMT
content-type: application/javascript
last-modified: Tue, 10 Dec 2024 20:08:37 GMT
vary: accept-encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=86400
via: 1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
cf-ray: 8f2f47357cf31907-FRA
x-amz-cf-pop: FRA60-P1
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 link-initialize.js Show response
cdn.plaid.com/link/v2/stable/ Frame 3EAC 156 KB
48 KB 91ms
41ms Script
text/javascript 3.161.82.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by: Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-71.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 43532c7f9ea2da1b878f3159d97c98e069f798f01fea0e744ecf44bda1c7ffaa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://donate.kesem.org/

Response headers

content-encoding: br
x-amz-version-id: vKxUecDgQpO.1xnJSGSjCpmoKUUXmWLX
etag: W/"88efad34c73e2d502073c0ba47704aca"
age: 9041
x-cache: Hit from cloudfront
x-amz-cf-id: fyPOs5XEhdmmd8eGX0Nvs1XHG4X6XLYESxncQh3gat7RtSEfH-Aa0w==
date: Mon, 16 Dec 2024 11:43:49 GMT
content-type: text/javascript
vary: accept-encoding
last-modified: Thu, 12 Dec 2024 23:28:07 GMT
x-amz-id-2: uzIMSvjCSYZwigkRYNtAeVWYBUCUFYjVDT1tHDaV642zBwqEk/oLBGYySWlHfYaZxTA4FlhamfU=
x-amz-replication-status: COMPLETED
cache-control: no-cache,must-revalidate,max-age=0
via: 1.1 bb6970675ac5572387ab59ecc9abd23e.cloudfront.net (CloudFront)
x-amz-request-id: VPPGXESAWNY6CW28
x-amz-cf-pop: FRA56-P10
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
DATA 200
OK truncated Show response
/ Frame 3EAC 0
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: text/javascript

GET
H2 200 / Show response
js.stripe.com/v3/ Frame 3EAC 692 KB
181 KB 67ms
24ms Script
text/javascript 18.66.147.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-118.fra60.r.cloudfront.net

Software

Cloudfront /

Resource Hash

bde6d5fb61a996e7934ade68f22c8f9b1d8576f6fef15cc93f625f6b762241b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://donate.kesem.org/

Response headers

content-encoding: br
etag: W/"3e9e610d0a0384c7524e78304f48af93"
age: 2
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: TI64AHp7fdiDTz_G35igV-3Jt9Wp4rNXt_WZudKQotAd4Q9Uoel7RA==
date: Mon, 16 Dec 2024 14:14:09 GMT
content-type: text/javascript; charset=utf-8
last-modified: Fri, 13 Dec 2024 21:45:34 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31556926; includeSubDomains; preload
cache-control: max-age=60
timing-allow-origin: *
via: 1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P4
server: Cloudfront

GET
H2 200 ddplugin.js Show response
files.doublethedonation.com/app/ Frame 3EAC 317 KB
107 KB 18ms
18ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://files.doublethedonation.com/app/ddplugin.js
Requested by: Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9af660732ecc9ca202a2d35a5fa1a0ead2d35002d4e7da85655ae28d44aa0c58

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://donate.kesem.org/

Response headers

x-ms-blob-type: BlockBlob
cache-control: public, max-age=3600;
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-azure-ref: 20241216T141409Z-16fcb4bb965q27nmhC1FRAay9c0000000bp000000000m5w1
x-fd-int-roxy-purgeid: 0
content-encoding: br
x-ms-request-id: 68aff60a-801e-0016-4aa4-4cb3d0000000
x-cache: TCP_HIT
date: Mon, 16 Dec 2024 14:14:09 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 12 Dec 2024 14:23:38 GMT

GET
H3 200 cm.css
transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ Frame 3EAC 18 KB
4 KB 30ms
30ms Stylesheet
text/css 172.64.147.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/cm.css

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.18 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99db2171ec45b095ddcbb2148f6d65489778866297fb112eced757921fd2371f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://donate.kesem.org/

Response headers

access-control-max-age: 86400
content-encoding: br
cf-cache-status: HIT
etag: W/"40d4e82c20c81c490424b03449a5e604"
age: 23023
expect-ct: max-age=86400, enforce
access-control-allow-methods: GET,HEAD,OPTIONS
x-content-type-options: nosniff
expires: Mon, 16 Dec 2024 14:15:09 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 16 Dec 2024 14:14:09 GMT
content-type: text/css
content-disposition: inline
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: public, max-age=60
timing-allow-origin: *
referrer-policy: same-origin
cf-ray: 8f2f47375b112c7a-FRA
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 en.json Show response
transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/translations/ Frame 3EAC 10 KB
2 KB 225ms
225ms Fetch
application/json 172.64.147.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/translations/en.json

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.18 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19a23ca876dfd68f4d30c8d052b668dffc3e78940c171ed6405a2455289026ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://donate.kesem.org/

Response headers

access-control-max-age: 86400
content-encoding: br
etag: W/"751761fe15129cc4a901351ace0fb39d"
expect-ct: max-age=86400, enforce
access-control-allow-methods: GET,HEAD,OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 16 Dec 2024 14:14:10 GMT
content-type: application/json
content-disposition: inline
vary: Accept-Encoding
priority: u=1,i
cache-control: max-age=60,s-maxage=86400
timing-allow-origin: *
referrer-policy: same-origin
cf-ray: 8f2f47375a5bd2b7-FRA
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 sdk.js Show response
donate.kesem.org/sso/ Frame 3EAC 26 KB
7 KB 63ms
62ms Script
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.kesem.org/sso/sdk.js

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8579be04990bec48a51d0d39b7cb9a29be82037593934e504acac39de6794337

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://donate.kesem.org/give/441200/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=1200
content-encoding: br
cf-cache-status: HIT
age: 88
cf-ray: 8f2f47381aa0dc9a-FRA
expires: Mon, 16 Dec 2024 14:32:40 GMT
date: Mon, 16 Dec 2024 14:14:09 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 16 Dec 2024 14:12:41 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 enterprise.js Show response
www.google.com/recaptcha/ Frame 3EAC 2 KB
1 KB 18ms
18ms Script
text/javascript 142.250.185.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?render=6LcwtHkpAAAAABHUXtvKCZQ645083zUdeimy8NlP

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f4.1e100.net

Software

ESF /

Resource Hash

6564323f212760095ed2e2aabc311fcd705a6325110309f77bab1364b51c3a35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://donate.kesem.org/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Mon, 16 Dec 2024 14:14:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Mon, 16 Dec 2024 14:14:09 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H3 200 iframe_api Show response
www.youtube.com/ Frame 3EAC 993 B
516 B 23ms
23ms Script
text/javascript 172.217.18.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f110.1e100.net

Software

ESF /

Resource Hash

f8d1544bb47c74ef9a9b177a721c628aeff0be0f9f6a57b18769a7d67055c759

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://donate.kesem.org/

Response headers

content-encoding: br
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
x-content-type-options: nosniff
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
expires: Mon, 16 Dec 2024 14:14:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 14:14:09 GMT
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: require-trusted-types-for 'script'
cache-control: private, max-age=0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
x-xss-protection: 0
server: ESF

GET intelligent-ask
donate.kesem.org/frs-api/campaigns/441200/ Frame 3EAC 0
0

POST
H2 204 rum Show response
donate.kesem.org/cdn-cgi/ Frame 3EAC 0
165 B 24ms
21ms XHR
text/plain 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.kesem.org/cdn-cgi/rum?

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
traceparent: 00-b5ed121ab86d42604b5bf0ea411c7594-9bd0f87196f4251c-01
Referer: https://donate.kesem.org/give/441200/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI5YmQwZjg3MTk2ZjQyNTFjIiwidHIiOiJiNWVkMTIxYWI4NmQ0MjYwNGI1YmYwZWE0MTFjNzU5NCIsInRpIjoxNzM0MzU4NDUwMDAyfX0=
tracestate: 423787@nr=0-1-423787-363751183-9bd0f87196f4251c----1734358450002

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
x-content-type-options: nosniff
cf-ray: 8f2f47389bbddc9a-FRA
access-control-allow-origin: https://donate.kesem.org
date: Mon, 16 Dec 2024 14:14:10 GMT
vary: Origin
server: cloudflare
x-frame-options: DENY

GET
H2 200 css
fonts.googleapis.com/ Frame 3EAC 12 KB
1 KB 51ms
25ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b819c4124b41751598735ffd222759f780c9053bd015b77ca9ff105e25afa1ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://donate.kesem.org/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 16 Dec 2024 14:14:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 14:14:10 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 16 Dec 2024 13:55:19 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/ Frame 3EAC 549 KB
218 KB 37ms
11ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__de.js

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8694091227f6f34a6acb8dda867cab6f129cb19ee794a75ebd434793d4066e5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://donate.kesem.org
Referer: https://donate.kesem.org/

Response headers

content-encoding: gzip
age: 121444
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Mon, 15 Dec 2025 04:30:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 15 Dec 2024 04:30:06 GMT
last-modified: Tue, 10 Dec 2024 23:05:10 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 222469
x-xss-protection: 0
server: sffe

GET
H2 200 jquery-3.6.1.min.js Show response
code.jquery.com/ Frame 3EAC 88 KB
31 KB 39ms
9ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.1.min.js
Requested by: Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://donate.kesem.org
Referer: https://donate.kesem.org/

Response headers

content-encoding: gzip
etag: W/"28feccc0-15e40"
age: 2951399
x-cache: HIT, HIT
date: Mon, 16 Dec 2024 14:14:10 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
x-cache-hits: 2, 97114
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
x-served-by: cache-lga13629-LGA, cache-fra-eddf8230061-FRA
cache-control: public, max-age=31536000, stale-while-revalidate=604800
x-timer: S1734358450.044723,VS0,VE0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30957
server: nginx

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/f8f53e1a/www-widgetapi.vflset/ Frame 3EAC 30 KB
0 0ms
0ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f8f53e1a/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14939503c8a97bef459ce94218f0e65933ab569f7b1d726bcb0b3c1031ebccf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://donate.kesem.org/

Response headers

content-encoding: br
age: 16393
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Tue, 16 Dec 2025 09:40:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 09:40:54 GMT
last-modified: Wed, 11 Dec 2024 05:16:51 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 10165
x-xss-protection: 0
server: sffe

GET
H2 200 iframeResizer.17b3e8f66abcbf803ee0eb0adc771137.js Show response
donate.kesem.org/sso/ssobuild/js/ Frame 3EAC 12 KB
5 KB 57ms
56ms XHR
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.kesem.org/sso/ssobuild/js/iframeResizer.17b3e8f66abcbf803ee0eb0adc771137.js

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8913290a4db258fa9e0d3fd267fb61666aa81f82b1a459ba098352c427a57c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
Referer: https://donate.kesem.org/give/441200/
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI2ZmE0MzAwZmE3OGM3MmQwIiwidHIiOiI4YTQ1OWY5YzlhYjFhZTQwMWRmNTlkMDliMjhiYjk3YyIsInRpIjoxNzM0MzU4NDUwMDYwfX0=
traceparent: 00-8a459f9c9ab1ae401df59d09b28bb97c-6fa4300fa78c72d0-01
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
tracestate: 423787@nr=0-1-423787-363751183-6fa4300fa78c72d0----1734358450060

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"672bb6aa-316e"
age: 1076525
cf-ray: 8f2f4738ec8edc9a-FRA
expires: Tue, 25 Nov 2025 21:27:55 GMT
date: Mon, 16 Dec 2024 14:14:10 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 06 Nov 2024 18:34:18 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v13/ Frame 3EAC 32 KB
32 KB 30ms
12ms Font
font/woff2 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f131.1e100.net

Software

sffe /

Resource Hash

8b479610778cef415158ef2deef872c0bdc85bd63f339ecdc1382fabef4da407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://donate.kesem.org
Referer: https://fonts.googleapis.com/

Response headers

age: 534938
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 10 Dec 2025 09:38:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 10 Dec 2024 09:38:32 GMT
last-modified: Wed, 13 Sep 2023 23:20:31 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 32492
x-xss-protection: 0
server: sffe

GET
H3 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v13/ Frame 3EAC 32 KB
0 32ms
32ms Font
font/woff2 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f131.1e100.net

Software

sffe /

Resource Hash

8b479610778cef415158ef2deef872c0bdc85bd63f339ecdc1382fabef4da407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://donate.kesem.org
Referer: https://fonts.googleapis.com/

Response headers

age: 534938
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 10 Dec 2025 09:38:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 10 Dec 2024 09:38:32 GMT
last-modified: Wed, 13 Sep 2023 23:20:31 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 32492
x-xss-protection: 0
server: sffe

GET
H3 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ Frame 3EAC 29 KB
29 KB 33ms
15ms Font
font/woff2 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f131.1e100.net

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://donate.kesem.org
Referer: https://fonts.googleapis.com/

Response headers

age: 535603
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 10 Dec 2025 09:27:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 10 Dec 2024 09:27:27 GMT
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30096
x-xss-protection: 0
server: sffe

GET
H3 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ Frame 3EAC 29 KB
0 34ms
34ms Font
font/woff2 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f131.1e100.net

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://donate.kesem.org
Referer: https://fonts.googleapis.com/

Response headers

age: 535603
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 10 Dec 2025 09:27:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 10 Dec 2024 09:27:27 GMT
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30096
x-xss-protection: 0
server: sffe

GET
H3 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ Frame 3EAC 29 KB
0 35ms
35ms Font
font/woff2 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f131.1e100.net

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://donate.kesem.org
Referer: https://fonts.googleapis.com/

Response headers

age: 535603
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 10 Dec 2025 09:27:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 10 Dec 2024 09:27:27 GMT
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30096
x-xss-protection: 0
server: sffe

GET
H3 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ Frame 3EAC 29 KB
0 36ms
36ms Font
font/woff2 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f131.1e100.net

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://donate.kesem.org
Referer: https://fonts.googleapis.com/

Response headers

age: 535603
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 10 Dec 2025 09:27:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 10 Dec 2024 09:27:27 GMT
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30096
x-xss-protection: 0
server: sffe

GET
H3 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ Frame 3EAC 29 KB
0 36ms
36ms Font
font/woff2 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f131.1e100.net

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://donate.kesem.org
Referer: https://fonts.googleapis.com/

Response headers

age: 535603
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 10 Dec 2025 09:27:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 10 Dec 2024 09:27:27 GMT
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30096
x-xss-protection: 0
server: sffe

GET
H3 200 anchor
www.google.com/recaptcha/enterprise/ Frame 2D3A 0
0 52ms
52ms Document
text/html 142.250.185.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcwtHkpAAAAABHUXtvKCZQ645083zUdeimy8NlP&co=aHR0cHM6Ly9kb25hdGUua2VzZW0ub3JnOjQ0Mw..&hl=de&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=lne81fsivzb6

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-leC71FcG0-znesYqUQ6_EQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://donate.kesem.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-leC71FcG0-znesYqUQ6_EQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Mon, 16 Dec 2024 14:14:10 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 main.css
prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/frs/ Frame C485 1 MB
0 0ms
0ms Stylesheet
text/css 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/frs/main.css
Requested by: Host: donate.kesem.org
URL: https://donate.kesem.org/give/441200/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edfe8ad6ba999a481b8def9121030c695b1e8ee304f557c6e79bd3c27018135d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://donate.kesem.org/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"4cd3a3940c5eb64bbafc9d8976195dd4"
x-amz-version-id: 3hhUkjmULyVNWtRNzGqxqcXNerGq3fKx
age: 47449
x-cache: Hit from cloudfront
x-amz-cf-id: CnjHDKdxxhgvWLSOCrMXYaToHc2mZphdqlFwkR2C0NB1N2hoyh5UAg==
date: Mon, 16 Dec 2024 14:14:09 GMT
content-type: text/css
last-modified: Tue, 10 Dec 2024 20:08:37 GMT
vary: accept-encoding
cache-control: max-age=86400
via: 1.1 9ceaac5e4cbf8702556b2c925b200af8.cloudfront.net (CloudFront)
cf-ray: 8f2f47348c361907-FRA
x-amz-cf-pop: FRA56-P10
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 ddplugin.css
files.doublethedonation.com/app/ Frame C485 69 KB
0 1ms
1ms Stylesheet
text/css 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://files.doublethedonation.com/app/ddplugin.css
Requested by: Host: donate.kesem.org
URL: https://donate.kesem.org/give/441200/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 7f844b4de702c14f9cbee7eec425ba383a04fce1b635a9febf5e03378b1219b5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://donate.kesem.org/

Response headers

x-ms-blob-type: BlockBlob
cache-control: public, max-age=3600;
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-azure-ref: 20241216T141409Z-16fcb4bb965q27nmhC1FRAay9c0000000bp000000000m5vn
x-fd-int-roxy-purgeid: 0
content-encoding: br
x-ms-request-id: 68b7e4f9-801e-0016-79a5-4cb3d0000000
x-cache: TCP_HIT
date: Mon, 16 Dec 2024 14:14:09 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 12 Dec 2024 14:23:38 GMT

GET
H3 200 airgap.js Show response
transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ Frame C485 159 KB
318 B 38ms
36ms Script
text/javascript 172.64.147.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Requested by

Host: donate.kesem.org
URL: https://donate.kesem.org/give/441200/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.18 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c115efbfe3da663b3cff109784ab03817a6a7e65009f886caf33b32d2c657a85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://donate.kesem.org/

Response headers

access-control-max-age: 86400
content-encoding: br
cf-cache-status: HIT
etag: W/"2b917ae8d496847ab5dec01bdd667998"
age: 48597
expect-ct: max-age=86400, enforce
access-control-allow-methods: GET,HEAD,OPTIONS
x-content-type-options: nosniff
expires: Mon, 16 Dec 2024 14:15:10 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 16 Dec 2024 14:14:10 GMT
content-disposition: inline
vary: Accept-Encoding
priority: u=1,i=?0
content-type: text/javascript
cache-control: public, max-age=60
timing-allow-origin: *
referrer-policy: same-origin
cf-ray: 8f2f473a9de42c7a-FRA
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 xdi.js Show response
transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ Frame C485 25 KB
0 0ms
0ms Script
text/javascript 172.64.147.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/xdi.js

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.18 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e5a118387a561a80908af63c274db1973e27ed3016dd3497250756704213fc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://donate.kesem.org
Referer: https://donate.kesem.org/

Response headers

access-control-max-age: 86400
content-encoding: br
etag: W/"f42e869c5b8217a8dac0eea5e7b3184d"
expect-ct: max-age=86400, enforce
access-control-allow-methods: GET,HEAD,OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 16 Dec 2024 14:14:09 GMT
content-type: text/javascript
content-disposition: inline
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: max-age=60,s-maxage=86400
timing-allow-origin: *
referrer-policy: same-origin
cf-ray: 8f2f47355d61d2b7-FRA
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 ui.js Show response
transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ Frame C485 336 KB
0 0ms
0ms Script
text/javascript 172.64.147.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ui.js

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.18 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78664e7f94905ffe8f379c52480409c2fb114356b8fb83f51cd69a4bc450c951

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://donate.kesem.org
Referer: https://donate.kesem.org/

Response headers

access-control-max-age: 86400
content-encoding: br
etag: W/"bf6fc0aa6482bd1c261cafd4b7632b84"
expect-ct: max-age=86400, enforce
access-control-allow-methods: GET,HEAD,OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 16 Dec 2024 14:14:09 GMT
content-type: text/javascript
content-disposition: inline
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: max-age=60,s-maxage=86400
timing-allow-origin: *
referrer-policy: same-origin
cf-ray: 8f2f47356d7dd2b7-FRA
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 cm.css
transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ Frame C485 18 KB
317 B 32ms
32ms Stylesheet
text/css 172.64.147.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/cm.css

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.18 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99db2171ec45b095ddcbb2148f6d65489778866297fb112eced757921fd2371f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://donate.kesem.org/

Response headers

access-control-max-age: 86400
content-encoding: br
cf-cache-status: HIT
etag: W/"40d4e82c20c81c490424b03449a5e604"
age: 23024
expect-ct: max-age=86400, enforce
access-control-allow-methods: GET,HEAD,OPTIONS
x-content-type-options: nosniff
expires: Mon, 16 Dec 2024 14:15:10 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 16 Dec 2024 14:14:10 GMT
content-disposition: inline
vary: Accept-Encoding
priority: u=0,i=?0
content-type: text/css
cache-control: public, max-age=60
timing-allow-origin: *
referrer-policy: same-origin
cf-ray: 8f2f473b1e352c7a-FRA
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 en.json Show response
transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/translations/ Frame C485 10 KB
0 0ms
0ms Fetch
application/json 172.64.147.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/translations/en.json

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.18 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19a23ca876dfd68f4d30c8d052b668dffc3e78940c171ed6405a2455289026ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://donate.kesem.org/

Response headers

access-control-max-age: 86400
content-encoding: br
etag: W/"751761fe15129cc4a901351ace0fb39d"
expect-ct: max-age=86400, enforce
access-control-allow-methods: GET,HEAD,OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 16 Dec 2024 14:14:10 GMT
content-type: application/json
content-disposition: inline
vary: Accept-Encoding
priority: u=1,i
cache-control: max-age=60,s-maxage=86400
timing-allow-origin: *
referrer-policy: same-origin
cf-ray: 8f2f47375a5bd2b7-FRA
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 rocket-loader.min.js Show response
donate.kesem.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame C485 12 KB
0 0ms
0ms Script
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.kesem.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: donate.kesem.org
URL: https://donate.kesem.org/give/441200/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://donate.kesem.org/give/441200/

Response headers

cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"675318bd-302c"
x-content-type-options: nosniff
cf-ray: 8f2f47351aafdc9a-FRA
expires: Wed, 18 Dec 2024 14:14:09 GMT
date: Mon, 16 Dec 2024 14:14:09 GMT
content-type: application/javascript
last-modified: Fri, 06 Dec 2024 15:31:09 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: DENY

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame C485 19 KB
0 1ms
1ms Script
text/javascript 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: donate.kesem.org
URL: https://donate.kesem.org/give/441200/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://donate.kesem.org
Referer: https://donate.kesem.org/

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 8f2f473569441c44-FRA
access-control-allow-origin: *
date: Mon, 16 Dec 2024 14:14:09 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 paypal-js.legacy.min.js Show response
unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/ Frame C485 7 KB
0 0ms
0ms Script
application/javascript 2606:4700::6811:f9cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/paypal-js.legacy.min.js

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:f9cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://donate.kesem.org/

Response headers

cache-control: public, max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: "1b81-IpiDV5HCNI7yT2mRdGuH3F1n0RQ"
age: 1167354
x-content-type-options: nosniff
via: 1.1 fly.io
cf-ray: 8f2f473598d73686-FRA
access-control-allow-origin: *
date: Mon, 16 Dec 2024 14:14:09 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01JE53TNAQ77FDPBSK15FTAGVX-fra
server: cloudflare
vary: Accept-Encoding

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/frs/donation/ Frame C485 184 KB
0 1ms
1ms Script
application/javascript 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/frs/donation/module.min.js
Requested by: Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c402b0b73dfbbc1a81ceff23bc79a9d931d773195bf7bf38fd86ccb82becaf0a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://donate.kesem.org/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"a2fc9c0bbda1af30d57c186405c7c4e7"
x-amz-version-id: xF1CPAYJLbRq8f8dZhxWZdF0HC2Rc5Xj
age: 47444
x-cache: Hit from cloudfront
x-amz-cf-id: FZxgbaSG-9xpitCxwWdRVzb3-C6ExAVAwYb6VwTaE-Z2RlTp8ZzyxA==
date: Mon, 16 Dec 2024 14:14:09 GMT
content-type: application/javascript
last-modified: Tue, 10 Dec 2024 20:08:37 GMT
vary: accept-encoding
cache-control: max-age=86400
via: 1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront)
cf-ray: 8f2f47357cef1907-FRA
x-amz-cf-pop: FRA60-P1
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/global/ Frame C485 2 MB
0 1ms
1ms Script
application/javascript 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/global/module.min.js
Requested by: Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c761093b23c9782ef66ea6bf63c11ed624386da3dc0eb5e4e6ba62f836b1f69

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://donate.kesem.org/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"496b03725306f625335a39f7a0d23e87"
x-amz-version-id: 2aK4dCDMUXlLgnAb2IKqkv9YRb19fyvm
age: 47447
x-cache: Hit from cloudfront
x-amz-cf-id: kBFM4_lE3uE6J5MQ59y6fH2B4QKlBsqfSCRWdqhrYA5e_N8TfsHSLw==
date: Mon, 16 Dec 2024 14:14:09 GMT
content-type: application/javascript
last-modified: Tue, 10 Dec 2024 20:08:38 GMT
vary: accept-encoding
cache-control: max-age=86400
via: 1.1 f0ff3515536254a60a04240b4114639c.cloudfront.net (CloudFront)
cf-ray: 8f2f47357cf21907-FRA
x-amz-cf-pop: FRA56-P10
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 libs.min.js Show response
prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/global/ Frame C485 1 MB
0 2ms
2ms Script
application/javascript 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/global/libs.min.js
Requested by: Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8519e9a2c084533aac950aa97f5beed986b63f4ddd300275776119059d74755e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://donate.kesem.org/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"a272bc0a8e5a066e687b2a7b84ef9013"
x-amz-version-id: gEWbItFs10vHGCGHo3NmofVgn5VKyh37
age: 47447
x-cache: Hit from cloudfront
x-amz-cf-id: AARSwkzq42p6fPB-cF0GYmnXrtl96LT2aCQ05FnVFAXnOjxw-stZnw==
date: Mon, 16 Dec 2024 14:14:09 GMT
content-type: application/javascript
last-modified: Tue, 10 Dec 2024 20:08:37 GMT
vary: accept-encoding
cache-control: max-age=86400
via: 1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
cf-ray: 8f2f47357cf31907-FRA
x-amz-cf-pop: FRA60-P1
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 link-initialize.js Show response
cdn.plaid.com/link/v2/stable/ Frame C485 156 KB
501 B 44ms
38ms Script
text/javascript 3.161.82.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by: Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-71.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 43532c7f9ea2da1b878f3159d97c98e069f798f01fea0e744ecf44bda1c7ffaa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://donate.kesem.org/

Response headers

content-encoding: br
x-amz-version-id: vKxUecDgQpO.1xnJSGSjCpmoKUUXmWLX
age: 9042
etag: W/"88efad34c73e2d502073c0ba47704aca"
x-cache: Hit from cloudfront
x-amz-cf-id: EUPmNushvfkgt_SqMtSYYEoyQ5QVUeLhunBRwrIXxudPm0UZKpmiVg==
date: Mon, 16 Dec 2024 14:14:10 GMT
last-modified: Thu, 12 Dec 2024 23:28:07 GMT
vary: accept-encoding
content-type: text/javascript
x-amz-id-2: uzIMSvjCSYZwigkRYNtAeVWYBUCUFYjVDT1tHDaV642zBwqEk/oLBGYySWlHfYaZxTA4FlhamfU=
x-amz-replication-status: COMPLETED
cache-control: no-cache,must-revalidate,max-age=0
via: 1.1 bb6970675ac5572387ab59ecc9abd23e.cloudfront.net (CloudFront)
x-amz-request-id: VPPGXESAWNY6CW28
x-amz-cf-pop: FRA56-P10
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
DATA 200
OK truncated Show response
/ Frame C485 0
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: text/javascript

GET
H2 200 / Show response
js.stripe.com/v3/ Frame C485 692 KB
0 3ms
3ms Script
text/javascript 18.66.147.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-118.fra60.r.cloudfront.net

Software

Cloudfront /

Resource Hash

bde6d5fb61a996e7934ade68f22c8f9b1d8576f6fef15cc93f625f6b762241b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://donate.kesem.org/

Response headers

content-encoding: br
etag: W/"3e9e610d0a0384c7524e78304f48af93"
age: 2
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: TI64AHp7fdiDTz_G35igV-3Jt9Wp4rNXt_WZudKQotAd4Q9Uoel7RA==
date: Mon, 16 Dec 2024 14:14:09 GMT
content-type: text/javascript; charset=utf-8
last-modified: Fri, 13 Dec 2024 21:45:34 GMT
vary: Accept-Encoding
cache-control: max-age=60
timing-allow-origin: *
via: 1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P4
server: Cloudfront

GET
H2 200 ddplugin.js Show response
files.doublethedonation.com/app/ Frame C485 317 KB
0 3ms
3ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://files.doublethedonation.com/app/ddplugin.js
Requested by: Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9af660732ecc9ca202a2d35a5fa1a0ead2d35002d4e7da85655ae28d44aa0c58

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://donate.kesem.org/

Response headers

x-ms-blob-type: BlockBlob
cache-control: public, max-age=3600;
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-azure-ref: 20241216T141409Z-16fcb4bb965q27nmhC1FRAay9c0000000bp000000000m5w1
x-fd-int-roxy-purgeid: 0
content-encoding: br
x-ms-request-id: 68aff60a-801e-0016-4aa4-4cb3d0000000
x-cache: TCP_HIT
date: Mon, 16 Dec 2024 14:14:09 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 12 Dec 2024 14:23:38 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 162ms
137ms Image
image/gif 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=930271884&v=1.1&a=23325778&pu=https%3A%2F%2Fwww.kesem.org%2F&t=Free%2C+fun+support+for+kids+whose+parents+have+cancer+%7C+Kesem&cts=1734358450451&vi=eed3689bc9e9d659262758127d85b7be&nc=true&u=210537418.eed3689bc9e9d659262758127d85b7be.1734358450450.1734358450450.1734358450450.1&b=210537418.1.1734358450450&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kesem.org/

Response headers

x-robots-tag: none
x-request-id: 6f32be2f-b99e-41d7-a036-192c5d6b5e6a
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f0tVpjy3qwbHyvq7vrKqSt3676nmPKacXgWVBrJ7m0opuCrz4SVkLk4tgfXZPkY%2F32FfNmDytkb6oRiCLG2ZWlZhVGuMPPrJdDbqpdziZo2dkB8KAU1dHsJRFBvvYTAexJ4dPIXE%2Fb1DhhK%2BNqFL"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-evy-trace-listener: listener_https
p3p: CP="NOI CUR ADM OUR NOR STA NID"
date: Mon, 16 Dec 2024 14:14:10 GMT
x-hubspot-correlation-id: 6f32be2f-b99e-41d7-a036-192c5d6b5e6a
content-type: image/gif
vary: origin, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: no-cache, no-store, no-transform
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-c658cb6d4-gl5zl
x-envoy-upstream-service-time: 7
access-control-allow-credentials: false
cf-ray: 8f2f473b8cb603ac-FRA
x-evy-trace-route-configuration: listener_https/all
content-length: 45
server: cloudflare
x-evy-trace-virtual-host: all

GET
H3 200 617c5db66b27503f33029c19_kesem-favicon.png
cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/ 431 B
843 B 19ms
18ms Other
image/png 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/617c5db66b27503f33029c19_kesem-favicon.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60cf82e70a15f95c2045120c033f6106870e92a3b456753451c0934d419d3d19

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kesem.org/

Response headers

cf-cache-status: HIT
etag: "55884d704b3fa777a6ed42e6345ef329"
x-amz-version-id: kFrUMKpWflihjppECZGoNLIZjoMeMAQl
age: 418278
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 16 Dec 2024 14:14:10 GMT
content-type: image/png
last-modified: Fri, 29 Oct 2021 20:46:48 GMT
vary: Accept-Encoding
priority: u=1,i
x-amz-id-2: rWj/8VcapUXHDdYFoWacDapoDXEfZCtSG4WqCrPmqL4yrFQ2mI0CB7rf/ofCzmsIoYQAktoJbpA=
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: YY2ASB8HGYMPATTH
cf-ray: 8f2f473b9f0edbad-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 431
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 sdk.js Show response
donate.kesem.org/sso/ Frame C485 26 KB
0 63ms
62ms Script
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.kesem.org/sso/sdk.js

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8579be04990bec48a51d0d39b7cb9a29be82037593934e504acac39de6794337

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://donate.kesem.org/give/441200/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=1200
content-encoding: br
cf-cache-status: HIT
age: 88
cf-ray: 8f2f47381aa0dc9a-FRA
expires: Mon, 16 Dec 2024 14:32:40 GMT
date: Mon, 16 Dec 2024 14:14:09 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 16 Dec 2024 14:12:41 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 jquery-3.6.1.min.js Show response
code.jquery.com/ Frame C485 88 KB
0 0ms
0ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.1.min.js
Requested by: Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://donate.kesem.org
Referer: https://donate.kesem.org/

Response headers

content-encoding: gzip
etag: W/"28feccc0-15e40"
age: 2951399
x-cache: HIT, HIT
date: Mon, 16 Dec 2024 14:14:10 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
x-cache-hits: 2, 97114
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
x-served-by: cache-lga13629-LGA, cache-fra-eddf8230061-FRA
cache-control: public, max-age=31536000, stale-while-revalidate=604800
x-timer: S1734358450.044723,VS0,VE0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30957
server: nginx

GET
H3 200 enterprise.js Show response
www.google.com/recaptcha/ Frame C485 2 KB
0 0ms
0ms Script
text/javascript 142.250.185.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?render=6LcwtHkpAAAAABHUXtvKCZQ645083zUdeimy8NlP

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f4.1e100.net

Software

ESF /

Resource Hash

6564323f212760095ed2e2aabc311fcd705a6325110309f77bab1364b51c3a35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://donate.kesem.org/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Mon, 16 Dec 2024 14:14:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Mon, 16 Dec 2024 14:14:09 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H3 200 iframe_api Show response
www.youtube.com/ Frame C485 993 B
516 B 35ms
35ms Script
text/javascript 172.217.18.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f110.1e100.net

Software

ESF /

Resource Hash

f8d1544bb47c74ef9a9b177a721c628aeff0be0f9f6a57b18769a7d67055c759

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://donate.kesem.org/

Response headers

content-encoding: br
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
x-content-type-options: nosniff
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
expires: Mon, 16 Dec 2024 14:14:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 14:14:10 GMT
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: require-trusted-types-for 'script'
cache-control: private, max-age=0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
x-xss-protection: 0
server: ESF

GET intelligent-ask
donate.kesem.org/frs-api/campaigns/441200/ Frame C485 0
0

POST
H2 204 rum Show response
donate.kesem.org/cdn-cgi/ Frame C485 0
37 B 19ms
17ms XHR
text/plain 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.kesem.org/cdn-cgi/rum?

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
traceparent: 00-2aa5f19d5fae81510b6c9158c1227865-383aa1e1b97463a9-01
Referer: https://donate.kesem.org/give/441200/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIzODNhYTFlMWI5NzQ2M2E5IiwidHIiOiIyYWE1ZjE5ZDVmYWU4MTUxMGI2YzkxNThjMTIyNzg2NSIsInRpIjoxNzM0MzU4NDUwNTg2fX0=
tracestate: 423787@nr=0-1-423787-363751183-383aa1e1b97463a9----1734358450586

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
x-content-type-options: nosniff
cf-ray: 8f2f473c3c77dc9a-FRA
access-control-allow-origin: https://donate.kesem.org
date: Mon, 16 Dec 2024 14:14:10 GMT
vary: Origin
server: cloudflare
x-frame-options: DENY

GET
H2 200 css
fonts.googleapis.com/ Frame C485 12 KB
0 0ms
0ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b819c4124b41751598735ffd222759f780c9053bd015b77ca9ff105e25afa1ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://donate.kesem.org/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 16 Dec 2024 14:14:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 14:14:10 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 16 Dec 2024 13:55:19 GMT
x-frame-options: SAMEORIGIN
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 iframeResizer.17b3e8f66abcbf803ee0eb0adc771137.js Show response
donate.kesem.org/sso/ssobuild/js/ Frame C485 12 KB
0 0ms
0ms XHR
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://donate.kesem.org/sso/ssobuild/js/iframeResizer.17b3e8f66abcbf803ee0eb0adc771137.js
Requested by: Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8913290a4db258fa9e0d3fd267fb61666aa81f82b1a459ba098352c427a57c37

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
Referer: https://donate.kesem.org/give/441200/
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI5Y2NkNGIzOWYzOTEyOGJlIiwidHIiOiI3OWIxOTNmYWEzYmE4MjA1YWVkYzRmZjgyODJmOTcwNyIsInRpIjoxNzM0MzU4NDUwNTkxfX0=
traceparent: 00-79b193faa3ba8205aedc4ff8282f9707-9ccd4b39f39128be-01
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
tracestate: 423787@nr=0-1-423787-363751183-9ccd4b39f39128be----1734358450591

Response headers

cache-control: max-age=31536000
content-encoding: br
cf-cache-status: HIT
etag: W/"672bb6aa-316e"
age: 1076525
cf-ray: 8f2f4738ec8edc9a-FRA
expires: Tue, 25 Nov 2025 21:27:55 GMT
date: Mon, 16 Dec 2024 14:14:10 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 06 Nov 2024 18:34:18 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/ Frame C485 549 KB
0 0ms
0ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__de.js

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8694091227f6f34a6acb8dda867cab6f129cb19ee794a75ebd434793d4066e5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://donate.kesem.org
Referer: https://donate.kesem.org/

Response headers

content-encoding: gzip
age: 121444
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Mon, 15 Dec 2025 04:30:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 15 Dec 2024 04:30:06 GMT
last-modified: Tue, 10 Dec 2024 23:05:10 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 222469
x-xss-protection: 0
server: sffe

GET
H3 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v13/ Frame C485 32 KB
0 32ms
32ms Font
font/woff2 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f131.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://donate.kesem.org
Referer: https://fonts.googleapis.com/

Response headers

age: 534938
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 10 Dec 2025 09:38:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 10 Dec 2024 09:38:32 GMT
last-modified: Wed, 13 Sep 2023 23:20:31 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 32492
x-xss-protection: 0
server: sffe

GET
H3 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ Frame C485 29 KB
0 36ms
36ms Font
font/woff2 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f131.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://donate.kesem.org
Referer: https://fonts.googleapis.com/

Response headers

age: 535603
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 10 Dec 2025 09:27:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 10 Dec 2024 09:27:27 GMT
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30096
x-xss-protection: 0
server: sffe

GET
H3 200 anchor
www.google.com/recaptcha/enterprise/ Frame C3DE 0
0 37ms
37ms Document
text/html 142.250.185.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rP2pwvmDrwQw8BLdAZ2Ajg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://donate.kesem.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-rP2pwvmDrwQw8BLdAZ2Ajg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Mon, 16 Dec 2024 14:14:10 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/f8f53e1a/www-widgetapi.vflset/ Frame C485 30 KB
0 0ms
0ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/f8f53e1a/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14939503c8a97bef459ce94218f0e65933ab569f7b1d726bcb0b3c1031ebccf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://donate.kesem.org/

Response headers

content-encoding: br
age: 16393
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Tue, 16 Dec 2025 09:40:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 09:40:54 GMT
last-modified: Wed, 11 Dec 2024 05:16:51 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 10165
x-xss-protection: 0
server: sffe

GET
H2 200 channels Show response
donate.kesem.org/frs-api/campaigns/441200/ Frame 3EAC 657 B
461 B 224ms
224ms XHR
application/json 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.kesem.org/frs-api/campaigns/441200/channels?filter=channel_name%3DMetaFrapi

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc91c6df5388b4303ce8c85f6bc22e8de22399d3a5ef5ff884d52483670971b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: o58ACMtI-6sNFzRFMVs1q3FAtmDR1IWXANmY
Referer: https://donate.kesem.org/give/441200/
csrf-token: fCsNU50K-iIBqeyDmt8_OGJzGYgwJAa_1BMI
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJmOTMxMzMyNmU1OGFiNDNhIiwidHIiOiI1Y2U5YjFjODhkZWJlZTIxNTYzZDBkOTNjYTJiODUzYSIsInRpIjoxNzM0MzU4NDUxMzA3fX0=
traceparent: 00-5ce9b1c88debee21563d0d93ca2b853a-f9313326e58ab43a-01
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
tracestate: 423787@nr=0-1-423787-363751183-f9313326e58ab43a----1734358451307

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: br
cf-cache-status: DYNAMIC
etag: W/"291-0+UVHwVlbyLIvr0WbFCbIVoNGIQ"
x-content-type-options: nosniff
cf-ray: 8f2f4740b807dc9a-FRA
date: Mon, 16 Dec 2024 14:14:11 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: cloudflare

POST
H2 204 rum Show response
donate.kesem.org/cdn-cgi/ Frame 3EAC 0
83 B 26ms
25ms XHR
text/plain 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.kesem.org/cdn-cgi/rum?

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
traceparent: 00-a7a62fa375b85af8453209105511760b-efd05bfdd641bb6d-01
Referer: https://donate.kesem.org/give/441200/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJlZmQwNWJmZGQ2NDFiYjZkIiwidHIiOiJhN2E2MmZhMzc1Yjg1YWY4NDUzMjA5MTA1NTExNzYwYiIsInRpIjoxNzM0MzU4NDUxMzIzfX0=
tracestate: 423787@nr=0-1-423787-363751183-efd05bfdd641bb6d----1734358451323

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
x-content-type-options: nosniff
cf-ray: 8f2f4740c848dc9a-FRA
access-control-allow-origin: https://donate.kesem.org
date: Mon, 16 Dec 2024 14:14:11 GMT
vary: Origin
server: cloudflare
x-frame-options: DENY

GET
H2 200 channels Show response
donate.kesem.org/frs-api/campaigns/441200/ Frame 3EAC 1 KB
729 B 167ms
167ms XHR
application/json 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.kesem.org/frs-api/campaigns/441200/channels?filter=channel_name%3DDoubletheDonation

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d94516cb0718f0e046a2595606e6af6a2980e1ad5dad1453e3fd72bed0a5ab24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: o58ACMtI-6sNFzRFMVs1q3FAtmDR1IWXANmY
Referer: https://donate.kesem.org/give/441200/
csrf-token: fCsNU50K-iIBqeyDmt8_OGJzGYgwJAa_1BMI
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI3NmFmODg2MzkxYjMyYTc1IiwidHIiOiJkOWJmYjQ4NTgxNmQ3OTNmMDhmZDNiM2FmMWRhZmIzMyIsInRpIjoxNzM0MzU4NDUxMzI0fX0=
traceparent: 00-d9bfb485816d793f08fd3b3af1dafb33-76af886391b32a75-01
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
tracestate: 423787@nr=0-1-423787-363751183-76af886391b32a75----1734358451324

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: br
cf-cache-status: DYNAMIC
etag: W/"40d-euiBAT1nGccjN4ewBsxhpAGiKeY"
x-content-type-options: nosniff
cf-ray: 8f2f4740d85edc9a-FRA
date: Mon, 16 Dec 2024 14:14:11 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: cloudflare

POST
H2 200 channel-events Show response
donate.kesem.org/frs-api/organizations/20779/ Frame 3EAC 631 B
602 B 439ms
438ms XHR
application/json 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.kesem.org/frs-api/organizations/20779/channel-events

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a32349a254198489c49d95a7620c8f7be7344b1aadd51e8ad893d0fd5717e475

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: o58ACMtI-6sNFzRFMVs1q3FAtmDR1IWXANmY
Referer: https://donate.kesem.org/give/441200/
csrf-token: fCsNU50K-iIBqeyDmt8_OGJzGYgwJAa_1BMI
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJmZWFlNWVmODA0YWVmZTZiIiwidHIiOiJiYWM0MTUxYzU2NjJjMjgzZWVjYjMxNmE0YzdiOWRlNCIsInRpIjoxNzM0MzU4NDUxMzI1fX0=
traceparent: 00-bac4151c5662c283eecb316a4c7b9de4-feae5ef804aefe6b-01
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Content-Type: application/json;charset=UTF-8
tracestate: 423787@nr=0-1-423787-363751183-feae5ef804aefe6b----1734358451325

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: br
cf-cache-status: DYNAMIC
etag: W/"277-4809RWCYc8kNn+SD04OjTYbeuBg"
x-content-type-options: nosniff
cf-ray: 8f2f4740d860dc9a-FRA
date: Mon, 16 Dec 2024 14:14:11 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: cloudflare

GET
H2 200 tax-entities Show response
donate.kesem.org/frs-api/organizations/20779/ Frame 3EAC 629 B
1 KB 427ms
426ms XHR
application/json 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.kesem.org/frs-api/organizations/20779/tax-entities

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0724ab7a4c75c61e725d0789663bffd469610512e7a839e604ac02e61a0d5efd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: o58ACMtI-6sNFzRFMVs1q3FAtmDR1IWXANmY
Referer: https://donate.kesem.org/give/441200/
csrf-token: fCsNU50K-iIBqeyDmt8_OGJzGYgwJAa_1BMI
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJkODZlNmM0MjNlZWYzYzQ5IiwidHIiOiIwOGExOWRlOTk1MjA0NTYzZTg4MjE1YjYyNDM5NTZkNyIsInRpIjoxNzM0MzU4NDUxMzM4fX0=
traceparent: 00-08a19de995204563e88215b6243956d7-d86e6c423eef3c49-01
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
tracestate: 423787@nr=0-1-423787-363751183-d86e6c423eef3c49----1734358451338

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: br
cf-cache-status: DYNAMIC
etag: W/"275-iyYZ2uprjN1AwPofAqiPSQlMelA"
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=L0.F69Sp58tYPh1kPAvq77SVPrs16tw57m4KH_Lu3q4-1734358451-1.0.1.1-LaBPv.D36I2jUDYTmCe0BIYGRKgeK5yZ5tRuyo68m6zhfj0X_0utFMsmS0Zvbv69fiK2tA___uUAboJiRi8a06YIPiFgL2SVVAn5Ru2u8LfT3rA02MypInuT.M_eyWTnozX.J5JC7O8cGcI3Pc0oWLl.pYm.oqzhNPhTM_SiSyQ"}],"group":"cf-csp-endpoint","max_age":86400}
x-content-type-options: nosniff
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=L0.F69Sp58tYPh1kPAvq77SVPrs16tw57m4KH_Lu3q4-1734358451-1.0.1.1-LaBPv.D36I2jUDYTmCe0BIYGRKgeK5yZ5tRuyo68m6zhfj0X_0utFMsmS0Zvbv69fiK2tA___uUAboJiRi8a06YIPiFgL2SVVAn5Ru2u8LfT3rA02MypInuT.M_eyWTnozX.J5JC7O8cGcI3Pc0oWLl.pYm.oqzhNPhTM_SiSyQ; report-to cf-csp-endpoint
cf-ray: 8f2f4740e890dc9a-FRA
date: Mon, 16 Dec 2024 14:14:11 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: cloudflare

GET
H2 200 currency-conversions Show response
donate.kesem.org/frs-api/i18n/ Frame 3EAC 75 B
320 B 386ms
385ms XHR
application/json 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.kesem.org/frs-api/i18n/currency-conversions?amount=1&from=USD&to=EUR

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14f55909d4512a37494a8603c63215414b645edfed205771d642184822644562

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: o58ACMtI-6sNFzRFMVs1q3FAtmDR1IWXANmY
Referer: https://donate.kesem.org/give/441200/
csrf-token: fCsNU50K-iIBqeyDmt8_OGJzGYgwJAa_1BMI
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI0MjU3NTFhZWQwYTQ5MzdhIiwidHIiOiIyZTNhYTFlZWZiYmY4Yjg4Yzc4NzhhYjllZmUyYjZlZCIsInRpIjoxNzM0MzU4NDUxMzg0fX0=
traceparent: 00-2e3aa1eefbbf8b88c7878ab9efe2b6ed-425751aed0a4937a-01
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
tracestate: 423787@nr=0-1-423787-363751183-425751aed0a4937a----1734358451384

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: br
cf-cache-status: DYNAMIC
etag: W/"4b-KEVCrecRP8vkLYvh7kANSdf6A1I"
x-content-type-options: nosniff
cf-ray: 8f2f47412924dc9a-FRA
date: Mon, 16 Dec 2024 14:14:11 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: cloudflare

GET
H2 200 plaid Show response
pay.classy.org/token/ Frame 3EAC 88 B
696 B 428ms
394ms XHR
application/json 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/plaid?applicationId=6332&currency=EUR

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://donate.kesem.org/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-classypay-version: 1
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 8f2f47417b32d364-FRA
x-classypay-requestid: ee95ff14-e036-4616-bc0d-617e04225fa8
access-control-allow-origin: *
date: Mon, 16 Dec 2024 14:14:11 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 dropdown-caret.png
prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/global/images/ Frame 3EAC 394 B
781 B 34ms
34ms Image
image/webp 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/global/images/dropdown-caret.png

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dc9f15be9644fe661ed74493a4de393418024500fe78cf633bac0a86f29a745

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/frs/main.css

Response headers

cf-bgj: imgq:85,h2pri
etag: "43da60879cfe0801ed7fc830a628885c"
age: 46977
cf-cache-status: HIT
x-amz-version-id: gubWlgsZGr_BGbkMI.GZmI.otPDYNpsR
cf-polished: origFmt=png, origSize=547
x-cache: Hit from cloudfront
x-amz-cf-id: vdWyOfWZ6y9PUWXM97TB3qMHPO3aILDtvLa65rZG_GbfCwAPMhSI4w==
date: Mon, 16 Dec 2024 14:14:11 GMT
content-type: image/webp
content-disposition: inline; filename="dropdown-caret.webp"
vary: Accept
last-modified: Tue, 10 Dec 2024 20:08:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=86400
via: 1.1 fd6dc3eaf39d0b931b4b1369a7e91ac0.cloudfront.net (CloudFront)
cf-ray: 8f2f474149391907-FRA
accept-ranges: bytes
content-length: 394
x-amz-cf-pop: FRA56-P10
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 ClassyIcons.woff
prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/global/fonts/ Frame 3EAC 42 KB
43 KB 65ms
42ms Font
binary/octet-stream 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/global/fonts/ClassyIcons.woff

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

207ab12dd753ca1d6c6fbb27f1908f95b5019af111d731d156bbc724ae243edc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://donate.kesem.org
Referer: https://prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/frs/main.css

Response headers

access-control-max-age: 0
cf-cache-status: HIT
etag: "ecd998dd8884d7a3ea36c45b2dd29c2d"
x-amz-version-id: YRNdWnDTRDGeCrUKcbMVJiYl.RJrYhQ8
age: 46008
access-control-allow-methods: GET, HEAD
x-cache: Miss from cloudfront
x-amz-cf-id: Fd6veInrpFH6-P6uS0aPRqrImjq1d1mXwMgU0HxjbRHF_334dYLJAw==
date: Mon, 16 Dec 2024 14:14:11 GMT
content-type: binary/octet-stream
last-modified: Tue, 10 Dec 2024 20:08:37 GMT
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=86400
via: 1.1 5421a870e3aababe98272cc4ea364cea.cloudfront.net (CloudFront)
cf-ray: 8f2f47417e496928-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 43196
x-amz-cf-pop: FRA56-P10
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 fontawesome-webfont.woff2
prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/fonts/ Frame 3EAC 75 KB
76 KB 66ms
43ms Font
binary/octet-stream 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://donate.kesem.org
Referer: https://prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/frs/main.css

Response headers

access-control-max-age: 0
cf-cache-status: HIT
etag: "af7ae505a9eed503f8b8e6982036873e"
x-amz-version-id: 7.RenZsSdj.yQvqkbSy7wyemEqnIYJyT
age: 46007
access-control-allow-methods: GET, HEAD
x-cache: Miss from cloudfront
x-amz-cf-id: ML3v9OijC3J4VXs83QnFM6Sg9iNxVBjaFGQ3gQXxtX5MY5zy1POUWQ==
date: Mon, 16 Dec 2024 14:14:11 GMT
content-type: binary/octet-stream
last-modified: Tue, 10 Dec 2024 20:08:37 GMT
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=86400
via: 1.1 c6e8f008a950e08db9c0a054276fe95e.cloudfront.net (CloudFront)
cf-ray: 8f2f47417e4a6928-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 77160
x-amz-cf-pop: FRA56-P10
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 user-icon.png
donate.kesem.org/static/global/images/ Frame 3EAC 2 KB
2 KB 46ms
44ms Image
image/webp 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donate.kesem.org/static/global/images/user-icon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c751fe2e3ebe19205c4845af55a79608fcc55109648115357e673bf5dc161b49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://donate.kesem.org/give/441200/

Response headers

cf-cache-status: HIT
etag: "6716ceda-11ec"
age: 3501231
cf-bgj: imgq:85,h2pri
expires: Sat, 25 Oct 2025 06:51:07 GMT
cf-polished: origFmt=png, origSize=4588
date: Mon, 16 Dec 2024 14:14:11 GMT
content-type: image/webp
content-disposition: inline; filename="user-icon.webp"
vary: Accept, Accept-Encoding
last-modified: Mon, 21 Oct 2024 21:59:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
cf-ray: 8f2f47414978dc9a-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2024
server: cloudflare

GET
H2 200 8c8eda2a-555a-11ed-a901-0a58a9feac02.png
assets.classy.org/5856074/ Frame 3EAC 81 KB
82 KB 82ms
72ms Image
image/png 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/5856074/8c8eda2a-555a-11ed-a901-0a58a9feac02.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ff3c055d4d512e2055e7810636458373edb5db1fb8d00daf1046d2983e6cfb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://donate.kesem.org/

Response headers

cf-cache-status: HIT
etag: "146673bf3c62a781edee4864d4d098ea"
age: 6563936
cf-bgj: imgq:85,h2pri
x-amz-version-id: 93.ayMV94LZeXTMzn_3yBQcSkFXm4obO
cf-polished: origSize=186089, status=webp_bigger
x-cache: Miss from cloudfront
x-amz-cf-id: VRSBsKamLAI7g1sq3ADVObUNBwui0TZGftVnYNzQPCQk1uwgpMrXhg==
date: Mon, 16 Dec 2024 14:14:11 GMT
content-type: image/png
last-modified: Wed, 26 Oct 2022 18:18:12 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-replication-status: FAILED
cache-control: public,max-age=31536000
via: 1.1 ee047aee7532c119ede08bf41f5f0762.cloudfront.net (CloudFront)
cf-ray: 8f2f474159521907-FRA
accept-ranges: bytes
content-length: 83453
x-amz-cf-pop: FRA56-P12
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 embedded-giving-logo-visa.svg
prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/global/images/embedded-giving/ Frame 3EAC 1 KB
976 B 36ms
35ms Image
image/svg+xml 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/global/images/embedded-giving/embedded-giving-logo-visa.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f872f37d93f6ad26cfde22f5fd7ae4e99f18c4dc7d3386384f92f845056750b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://donate.kesem.org/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"b327a8825ae28019462c8c3f5b4770c0"
x-amz-version-id: Me_V.33d_QjvWIO7cM6fnyjLpJPGtSp2
age: 47414
x-cache: Hit from cloudfront
x-amz-cf-id: 20AnoSmeu7kUxMBja6gLo_63J8GyCsSazS6_1wsBqVmI8lXGGV94uw==
date: Mon, 16 Dec 2024 14:14:11 GMT
content-type: image/svg+xml
last-modified: Tue, 10 Dec 2024 20:08:37 GMT
vary: accept-encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=86400
via: 1.1 c6e8f008a950e08db9c0a054276fe95e.cloudfront.net (CloudFront)
cf-ray: 8f2f4741493c1907-FRA
x-amz-cf-pop: FRA56-P10
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 embedded-giving-logo-amex.svg
prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/global/images/embedded-giving/ Frame 3EAC 1 KB
1 KB 56ms
55ms Image
image/svg+xml 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/global/images/embedded-giving/embedded-giving-logo-amex.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65ade054b003fb12ff528ad2640f69f49bca65d9f9d25b53dea8aee0d5d238cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://donate.kesem.org/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"0b1b4bc87aebc780d3ad6095fd447a24"
x-amz-version-id: UBn7NP4urAZlaVOBxSV2FL3j_mpmx0cH
age: 47412
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=FOtlpcsG6B7qOV86H6gq0v7CsZzhp8IfV4hHR.0tfQw-1734358451-1.0.1.1-L_zeo.oaTvTmV26dGqGiMBoQv.zn6FE4SOPs1yIiqythUtFss4vTNYSGgJ6xSRMctp2Hmxp4V83Wp.iw6bAUnaD9Z2y3KOcEx3AmD9wF1OxdRyyImSUzOPWWHQCX5KFAC1eWtGl106fqK7s9QDWg2gu5dr6j2Tu6JLS7C6TML04"}],"group":"cf-csp-endpoint","max_age":86400}
x-cache: Hit from cloudfront
x-amz-cf-id: fOMew7QLcg9bd062S3AGtHOOJYWBGIdLthIAaJO9HF43ivGcsaQZsA==
date: Mon, 16 Dec 2024 14:14:11 GMT
content-type: image/svg+xml
last-modified: Tue, 10 Dec 2024 20:08:37 GMT
vary: accept-encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=86400
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=FOtlpcsG6B7qOV86H6gq0v7CsZzhp8IfV4hHR.0tfQw-1734358451-1.0.1.1-L_zeo.oaTvTmV26dGqGiMBoQv.zn6FE4SOPs1yIiqythUtFss4vTNYSGgJ6xSRMctp2Hmxp4V83Wp.iw6bAUnaD9Z2y3KOcEx3AmD9wF1OxdRyyImSUzOPWWHQCX5KFAC1eWtGl106fqK7s9QDWg2gu5dr6j2Tu6JLS7C6TML04; report-to cf-csp-endpoint
via: 1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront)
cf-ray: 8f2f474149421907-FRA
x-amz-cf-pop: FRA60-P1
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 embedded-giving-logo-discover.svg
prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/global/images/embedded-giving/ Frame 3EAC 3 KB
1 KB 51ms
50ms Image
image/svg+xml 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/global/images/embedded-giving/embedded-giving-logo-discover.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0fb4e1235c0c4815d6bd272ce4c9c65579c04f9c6e52a080a66393d01f84293

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://donate.kesem.org/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"d51cee8f590a54e755ac3501c1bd7342"
x-amz-version-id: iAbMfOY4XRwsBc.DKehI2xncMa5MVKKl
age: 47412
x-cache: Hit from cloudfront
x-amz-cf-id: FDwWplNp8pbefDLAO3QZ9gCivLzPlwo7Vk4HvzWclWcJkYv8YnVcXw==
date: Mon, 16 Dec 2024 14:14:11 GMT
content-type: image/svg+xml
last-modified: Tue, 10 Dec 2024 20:08:37 GMT
vary: accept-encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=86400
via: 1.1 965181b6d91907befd5a0165af38daf0.cloudfront.net (CloudFront)
cf-ray: 8f2f474149441907-FRA
x-amz-cf-pop: FRA56-P10
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 embedded-giving-logo-mastercard.svg
prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/global/images/embedded-giving/ Frame 3EAC 1 KB
757 B 38ms
37ms Image
image/svg+xml 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/global/images/embedded-giving/embedded-giving-logo-mastercard.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f88c56c75499f8886bcdbd43330029b3108f9aefb7e496788f448ed36311b90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://donate.kesem.org/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"26fb3de4519ed38ceec90bc98250ba1f"
x-amz-version-id: ARRJvpEqij8rNH1RTKlKCldVt42slr.t
age: 47412
x-cache: Hit from cloudfront
x-amz-cf-id: Z5vz-EWKE-6cDW1ei68SvHN4VfsHnwBeJg3ee3FJG_PjDxEfbM4zLQ==
date: Mon, 16 Dec 2024 14:14:11 GMT
content-type: image/svg+xml
last-modified: Tue, 10 Dec 2024 20:08:37 GMT
vary: accept-encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=86400
via: 1.1 6fa384f51cde51d7c86ee18d17ac3eaa.cloudfront.net (CloudFront)
cf-ray: 8f2f474149451907-FRA
x-amz-cf-pop: FRA56-P10
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 embedded-giving-shield-icon.svg
prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/global/images/embedded-giving/ Frame 3EAC 6 KB
2 KB 39ms
39ms Image
image/svg+xml 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/global/images/embedded-giving/embedded-giving-shield-icon.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38bc775802a9e96e44997f4e9374726a41d5c781752e590a76ad5a4f06673458

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://donate.kesem.org/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"46fd834e95514def799fa0626c78233c"
x-amz-version-id: OCj5nDm3H.z0nj864_TCXocsdxqcWK_T
age: 47412
x-cache: Hit from cloudfront
x-amz-cf-id: biJthHaPUj5zK4CQsy8rpR6hbUbeIjGi18TV8csBwTzCr3bFHmQVmQ==
date: Mon, 16 Dec 2024 14:14:11 GMT
content-type: image/svg+xml
last-modified: Tue, 10 Dec 2024 20:08:37 GMT
vary: accept-encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=86400
via: 1.1 e3d6f049badd72a460740c783d33cfa4.cloudfront.net (CloudFront)
cf-ray: 8f2f474149461907-FRA
x-amz-cf-pop: FRA56-P10
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 embedded-giving-logo-ach.svg
prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/global/images/embedded-giving/ Frame 3EAC 1 KB
1 KB 40ms
40ms Image
image/svg+xml 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/global/images/embedded-giving/embedded-giving-logo-ach.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebeeb6852c8d5689249269cfa59febdad1141a9810331c31d4331f53f47750f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://donate.kesem.org/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"d71add3c9962a21340ec557ac0628bf7"
x-amz-version-id: pQFESAex09H.PjJxPEmtuICnBVCJmWVF
age: 47412
x-cache: Hit from cloudfront
x-amz-cf-id: VWHqzUq3L481dYkmiF-OajOT8KVSV3IixgmVcwPmjOoHWGXPCFOdUA==
date: Mon, 16 Dec 2024 14:14:11 GMT
content-type: image/svg+xml
last-modified: Tue, 10 Dec 2024 20:08:37 GMT
vary: accept-encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=86400
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
cf-ray: 8f2f474189761907-FRA
x-amz-cf-pop: FRA60-P1
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 channels Show response
donate.kesem.org/frs-api/campaigns/441200/ Frame C485 657 B
601 B 595ms
481ms XHR
application/json 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.kesem.org/frs-api/campaigns/441200/channels?filter=channel_name%3DMetaFrapi

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc91c6df5388b4303ce8c85f6bc22e8de22399d3a5ef5ff884d52483670971b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: o58ACMtI-6sNFzRFMVs1q3FAtmDR1IWXANmY
Referer: https://donate.kesem.org/give/441200/
csrf-token: o58ACMtI-6sNFzRFMVs1q3FAtmDR1IWXANmY
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI2NTE5NDg3MGMzMzBhMTA5IiwidHIiOiJjMWQ0NGUxODc5YzkyY2MwMjFiY2RiYzYxMDI5M2FkNyIsInRpIjoxNzM0MzU4NDUxNDE4fX0=
traceparent: 00-c1d44e1879c92cc021bcdbc610293ad7-65194870c330a109-01
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
tracestate: 423787@nr=0-1-423787-363751183-65194870c330a109----1734358451418

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: br
cf-cache-status: DYNAMIC
etag: W/"291-0+UVHwVlbyLIvr0WbFCbIVoNGIQ"
x-content-type-options: nosniff
cf-ray: 8f2f47421b6fdc9a-FRA
date: Mon, 16 Dec 2024 14:14:12 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: cloudflare

GET
H2 200 user-icon.png
donate.kesem.org/static/global/images/ Frame C485 2 KB
0 29ms
29ms Image
image/webp 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donate.kesem.org/static/global/images/user-icon.png
Requested by: Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c751fe2e3ebe19205c4845af55a79608fcc55109648115357e673bf5dc161b49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://donate.kesem.org/give/441200/

Response headers

cf-cache-status: HIT
etag: "6716ceda-11ec"
age: 3501231
cf-bgj: imgq:85,h2pri
expires: Sat, 25 Oct 2025 06:51:07 GMT
cf-polished: origFmt=png, origSize=4588
date: Mon, 16 Dec 2024 14:14:11 GMT
content-type: image/webp
content-disposition: inline; filename="user-icon.webp"
vary: Accept, Accept-Encoding
last-modified: Mon, 21 Oct 2024 21:59:54 GMT
cache-control: max-age=31536000
cf-ray: 8f2f47414978dc9a-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2024
server: cloudflare

POST
H2 204 rum Show response
donate.kesem.org/cdn-cgi/ Frame C485 0
37 B 22ms
21ms XHR
text/plain 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.kesem.org/cdn-cgi/rum?

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
traceparent: 00-29b7ba168b5549a0f81f6f4112f241f5-9ec7998fc54793d5-01
Referer: https://donate.kesem.org/give/441200/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI5ZWM3OTk4ZmM1NDc5M2Q1IiwidHIiOiIyOWI3YmExNjhiNTU0OWEwZjgxZjZmNDExMmYyNDFmNSIsInRpIjoxNzM0MzU4NDUxNDI5fX0=
tracestate: 423787@nr=0-1-423787-363751183-9ec7998fc54793d5----1734358451429

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
x-content-type-options: nosniff
cf-ray: 8f2f474179d7dc9a-FRA
access-control-allow-origin: https://donate.kesem.org
date: Mon, 16 Dec 2024 14:14:11 GMT
vary: Origin
server: cloudflare
x-frame-options: DENY

GET
H2 200 channels Show response
donate.kesem.org/frs-api/campaigns/441200/ Frame C485 1 KB
620 B 499ms
437ms XHR
application/json 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.kesem.org/frs-api/campaigns/441200/channels?filter=channel_name%3DDoubletheDonation

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d94516cb0718f0e046a2595606e6af6a2980e1ad5dad1453e3fd72bed0a5ab24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: o58ACMtI-6sNFzRFMVs1q3FAtmDR1IWXANmY
Referer: https://donate.kesem.org/give/441200/
csrf-token: o58ACMtI-6sNFzRFMVs1q3FAtmDR1IWXANmY
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIxMjE1MTU0ZTA5MjYwYjRkIiwidHIiOiIyYWJiYjI3NTVhYThjYjJlZDlmZDhlZTA1ZWRjZDk2MSIsInRpIjoxNzM0MzU4NDUxNDMwfX0=
traceparent: 00-2abbb2755aa8cb2ed9fd8ee05edcd961-1215154e09260b4d-01
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
tracestate: 423787@nr=0-1-423787-363751183-1215154e09260b4d----1734358451430

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: br
cf-cache-status: DYNAMIC
etag: W/"40d-euiBAT1nGccjN4ewBsxhpAGiKeY"
x-content-type-options: nosniff
cf-ray: 8f2f4741dad9dc9a-FRA
date: Mon, 16 Dec 2024 14:14:11 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: cloudflare

POST
H2 200 channel-events Show response
donate.kesem.org/frs-api/organizations/20779/ Frame C485 631 B
609 B 191ms
190ms XHR
application/json 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.kesem.org/frs-api/organizations/20779/channel-events

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c5a51b982a718ef9f60bd93e0ae230261f50983258bcb5d5b7f3c4a83ce2017

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: o58ACMtI-6sNFzRFMVs1q3FAtmDR1IWXANmY
Referer: https://donate.kesem.org/give/441200/
csrf-token: o58ACMtI-6sNFzRFMVs1q3FAtmDR1IWXANmY
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI5YzVmMTA0YWQzZDdjYmJiIiwidHIiOiI5MzI0MjVkYmE5OTM5ZDkzOWFkNTk3OTNhNmU4ODgzOCIsInRpIjoxNzM0MzU4NDUxNDMwfX0=
traceparent: 00-932425dba9939d939ad59793a6e88838-9c5f104ad3d7cbbb-01
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Content-Type: application/json;charset=UTF-8
tracestate: 423787@nr=0-1-423787-363751183-9c5f104ad3d7cbbb----1734358451430

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: br
cf-cache-status: DYNAMIC
etag: W/"277-2vNFnE66ZbMNK8igyYTpO3ITGkI"
x-content-type-options: nosniff
cf-ray: 8f2f474179dbdc9a-FRA
date: Mon, 16 Dec 2024 14:14:11 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: cloudflare

GET
H2 200 tax-entities Show response
donate.kesem.org/frs-api/organizations/20779/ Frame C485 629 B
453 B 747ms
421ms XHR
application/json 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.kesem.org/frs-api/organizations/20779/tax-entities

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0724ab7a4c75c61e725d0789663bffd469610512e7a839e604ac02e61a0d5efd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: o58ACMtI-6sNFzRFMVs1q3FAtmDR1IWXANmY
Referer: https://donate.kesem.org/give/441200/
csrf-token: o58ACMtI-6sNFzRFMVs1q3FAtmDR1IWXANmY
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI3ZjM3NjE2ZTdkZmY1NTQ2IiwidHIiOiJkYzZhYjczNjE0NmZlNjFkYmQzZjQxMzdiMTY2YTM5MyIsInRpIjoxNzM0MzU4NDUxNDQxfX0=
traceparent: 00-dc6ab736146fe61dbd3f4137b166a393-7f37616e7dff5546-01
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
tracestate: 423787@nr=0-1-423787-363751183-7f37616e7dff5546----1734358451441

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: br
cf-cache-status: DYNAMIC
etag: W/"275-iyYZ2uprjN1AwPofAqiPSQlMelA"
x-content-type-options: nosniff
cf-ray: 8f2f47439efbdc9a-FRA
date: Mon, 16 Dec 2024 14:14:12 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: cloudflare

GET
H2 200 8c8eda2a-555a-11ed-a901-0a58a9feac02.png
assets.classy.org/5856074/ Frame C485 81 KB
0 27ms
27ms Image
image/png 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.classy.org/5856074/8c8eda2a-555a-11ed-a901-0a58a9feac02.png
Requested by: Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ff3c055d4d512e2055e7810636458373edb5db1fb8d00daf1046d2983e6cfb2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://donate.kesem.org/

Response headers

cf-cache-status: HIT
etag: "146673bf3c62a781edee4864d4d098ea"
age: 6563936
cf-bgj: imgq:85,h2pri
x-amz-version-id: 93.ayMV94LZeXTMzn_3yBQcSkFXm4obO
cf-polished: origSize=186089, status=webp_bigger
x-cache: Miss from cloudfront
x-amz-cf-id: VRSBsKamLAI7g1sq3ADVObUNBwui0TZGftVnYNzQPCQk1uwgpMrXhg==
date: Mon, 16 Dec 2024 14:14:11 GMT
content-type: image/png
last-modified: Wed, 26 Oct 2022 18:18:12 GMT
vary: Accept-Encoding
x-amz-replication-status: FAILED
cache-control: public,max-age=31536000
via: 1.1 ee047aee7532c119ede08bf41f5f0762.cloudfront.net (CloudFront)
cf-ray: 8f2f474159521907-FRA
accept-ranges: bytes
content-length: 83453
x-amz-cf-pop: FRA56-P12
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 embedded-giving-logo-visa.svg
prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/global/images/embedded-giving/ Frame C485 1 KB
0 0ms
0ms Image
image/svg+xml 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/global/images/embedded-giving/embedded-giving-logo-visa.svg
Requested by: Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f872f37d93f6ad26cfde22f5fd7ae4e99f18c4dc7d3386384f92f845056750b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://donate.kesem.org/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"b327a8825ae28019462c8c3f5b4770c0"
x-amz-version-id: Me_V.33d_QjvWIO7cM6fnyjLpJPGtSp2
age: 47414
x-cache: Hit from cloudfront
x-amz-cf-id: 20AnoSmeu7kUxMBja6gLo_63J8GyCsSazS6_1wsBqVmI8lXGGV94uw==
date: Mon, 16 Dec 2024 14:14:11 GMT
content-type: image/svg+xml
last-modified: Tue, 10 Dec 2024 20:08:37 GMT
vary: accept-encoding
cache-control: max-age=86400
via: 1.1 c6e8f008a950e08db9c0a054276fe95e.cloudfront.net (CloudFront)
cf-ray: 8f2f4741493c1907-FRA
x-amz-cf-pop: FRA56-P10
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 embedded-giving-logo-amex.svg
prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/global/images/embedded-giving/ Frame C485 1 KB
0 1ms
1ms Image
image/svg+xml 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/global/images/embedded-giving/embedded-giving-logo-amex.svg
Requested by: Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65ade054b003fb12ff528ad2640f69f49bca65d9f9d25b53dea8aee0d5d238cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://donate.kesem.org/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"0b1b4bc87aebc780d3ad6095fd447a24"
x-amz-version-id: UBn7NP4urAZlaVOBxSV2FL3j_mpmx0cH
age: 47412
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=FOtlpcsG6B7qOV86H6gq0v7CsZzhp8IfV4hHR.0tfQw-1734358451-1.0.1.1-L_zeo.oaTvTmV26dGqGiMBoQv.zn6FE4SOPs1yIiqythUtFss4vTNYSGgJ6xSRMctp2Hmxp4V83Wp.iw6bAUnaD9Z2y3KOcEx3AmD9wF1OxdRyyImSUzOPWWHQCX5KFAC1eWtGl106fqK7s9QDWg2gu5dr6j2Tu6JLS7C6TML04"}],"group":"cf-csp-endpoint","max_age":86400}
x-cache: Hit from cloudfront
x-amz-cf-id: fOMew7QLcg9bd062S3AGtHOOJYWBGIdLthIAaJO9HF43ivGcsaQZsA==
date: Mon, 16 Dec 2024 14:14:11 GMT
content-type: image/svg+xml
last-modified: Tue, 10 Dec 2024 20:08:37 GMT
vary: accept-encoding
cache-control: max-age=86400
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=FOtlpcsG6B7qOV86H6gq0v7CsZzhp8IfV4hHR.0tfQw-1734358451-1.0.1.1-L_zeo.oaTvTmV26dGqGiMBoQv.zn6FE4SOPs1yIiqythUtFss4vTNYSGgJ6xSRMctp2Hmxp4V83Wp.iw6bAUnaD9Z2y3KOcEx3AmD9wF1OxdRyyImSUzOPWWHQCX5KFAC1eWtGl106fqK7s9QDWg2gu5dr6j2Tu6JLS7C6TML04; report-to cf-csp-endpoint
via: 1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront)
cf-ray: 8f2f474149421907-FRA
x-amz-cf-pop: FRA60-P1
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 embedded-giving-logo-discover.svg
prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/global/images/embedded-giving/ Frame C485 3 KB
0 2ms
2ms Image
image/svg+xml 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/global/images/embedded-giving/embedded-giving-logo-discover.svg
Requested by: Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0fb4e1235c0c4815d6bd272ce4c9c65579c04f9c6e52a080a66393d01f84293

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://donate.kesem.org/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"d51cee8f590a54e755ac3501c1bd7342"
x-amz-version-id: iAbMfOY4XRwsBc.DKehI2xncMa5MVKKl
age: 47412
x-cache: Hit from cloudfront
x-amz-cf-id: FDwWplNp8pbefDLAO3QZ9gCivLzPlwo7Vk4HvzWclWcJkYv8YnVcXw==
date: Mon, 16 Dec 2024 14:14:11 GMT
content-type: image/svg+xml
last-modified: Tue, 10 Dec 2024 20:08:37 GMT
vary: accept-encoding
cache-control: max-age=86400
via: 1.1 965181b6d91907befd5a0165af38daf0.cloudfront.net (CloudFront)
cf-ray: 8f2f474149441907-FRA
x-amz-cf-pop: FRA56-P10
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 embedded-giving-logo-mastercard.svg
prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/global/images/embedded-giving/ Frame C485 1 KB
0 2ms
2ms Image
image/svg+xml 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/global/images/embedded-giving/embedded-giving-logo-mastercard.svg
Requested by: Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f88c56c75499f8886bcdbd43330029b3108f9aefb7e496788f448ed36311b90

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://donate.kesem.org/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"26fb3de4519ed38ceec90bc98250ba1f"
x-amz-version-id: ARRJvpEqij8rNH1RTKlKCldVt42slr.t
age: 47412
x-cache: Hit from cloudfront
x-amz-cf-id: Z5vz-EWKE-6cDW1ei68SvHN4VfsHnwBeJg3ee3FJG_PjDxEfbM4zLQ==
date: Mon, 16 Dec 2024 14:14:11 GMT
content-type: image/svg+xml
last-modified: Tue, 10 Dec 2024 20:08:37 GMT
vary: accept-encoding
cache-control: max-age=86400
via: 1.1 6fa384f51cde51d7c86ee18d17ac3eaa.cloudfront.net (CloudFront)
cf-ray: 8f2f474149451907-FRA
x-amz-cf-pop: FRA56-P10
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 embedded-giving-shield-icon.svg
prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/global/images/embedded-giving/ Frame C485 6 KB
0 0ms
0ms Image
image/svg+xml 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/global/images/embedded-giving/embedded-giving-shield-icon.svg
Requested by: Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38bc775802a9e96e44997f4e9374726a41d5c781752e590a76ad5a4f06673458

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://donate.kesem.org/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"46fd834e95514def799fa0626c78233c"
x-amz-version-id: OCj5nDm3H.z0nj864_TCXocsdxqcWK_T
age: 47412
x-cache: Hit from cloudfront
x-amz-cf-id: biJthHaPUj5zK4CQsy8rpR6hbUbeIjGi18TV8csBwTzCr3bFHmQVmQ==
date: Mon, 16 Dec 2024 14:14:11 GMT
content-type: image/svg+xml
last-modified: Tue, 10 Dec 2024 20:08:37 GMT
vary: accept-encoding
cache-control: max-age=86400
via: 1.1 e3d6f049badd72a460740c783d33cfa4.cloudfront.net (CloudFront)
cf-ray: 8f2f474149461907-FRA
x-amz-cf-pop: FRA56-P10
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 currency-conversions Show response
donate.kesem.org/frs-api/i18n/ Frame C485 75 B
233 B 411ms
125ms XHR
application/json 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.kesem.org/frs-api/i18n/currency-conversions?amount=1&from=USD&to=EUR

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14f55909d4512a37494a8603c63215414b645edfed205771d642184822644562

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: o58ACMtI-6sNFzRFMVs1q3FAtmDR1IWXANmY
Referer: https://donate.kesem.org/give/441200/
csrf-token: o58ACMtI-6sNFzRFMVs1q3FAtmDR1IWXANmY
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI1NDljNWVlZjUzZDViYmJiIiwidHIiOiIyYjVmNzdhYTAwMTMzYjFhMjljMmM2MTk4NTg3MzJjMyIsInRpIjoxNzM0MzU4NDUxNDg0fX0=
traceparent: 00-2b5f77aa00133b1a29c2c619858732c3-549c5eef53d5bbbb-01
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
tracestate: 423787@nr=0-1-423787-363751183-549c5eef53d5bbbb----1734358451484

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: br
cf-cache-status: DYNAMIC
etag: W/"4b-KEVCrecRP8vkLYvh7kANSdf6A1I"
x-content-type-options: nosniff
cf-ray: 8f2f47439f0bdc9a-FRA
date: Mon, 16 Dec 2024 14:14:11 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: cloudflare

GET
H2 200 embedded-giving-logo-ach.svg
prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/global/images/embedded-giving/ Frame C485 1 KB
0 0ms
0ms Image
image/svg+xml 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/global/images/embedded-giving/embedded-giving-logo-ach.svg
Requested by: Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebeeb6852c8d5689249269cfa59febdad1141a9810331c31d4331f53f47750f7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://donate.kesem.org/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"d71add3c9962a21340ec557ac0628bf7"
x-amz-version-id: pQFESAex09H.PjJxPEmtuICnBVCJmWVF
age: 47412
x-cache: Hit from cloudfront
x-amz-cf-id: VWHqzUq3L481dYkmiF-OajOT8KVSV3IixgmVcwPmjOoHWGXPCFOdUA==
date: Mon, 16 Dec 2024 14:14:11 GMT
content-type: image/svg+xml
last-modified: Tue, 10 Dec 2024 20:08:37 GMT
vary: accept-encoding
cache-control: max-age=86400
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
cf-ray: 8f2f474189761907-FRA
x-amz-cf-pop: FRA60-P1
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 plaid Show response
pay.classy.org/token/ Frame C485 88 B
473 B 455ms
124ms XHR
application/json 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/plaid?applicationId=6332&currency=EUR

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://donate.kesem.org/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-classypay-version: 1
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 8f2f4743e982d364-FRA
x-classypay-requestid: f8b33c54-c1b3-4b4b-8e6a-f0dc51870103
access-control-allow-origin: *
date: Mon, 16 Dec 2024 14:14:11 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 dropdown-caret.png
prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/global/images/ Frame C485 394 B
0 0ms
0ms Image
image/webp 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/global/images/dropdown-caret.png
Requested by: Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/frs/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9dc9f15be9644fe661ed74493a4de393418024500fe78cf633bac0a86f29a745

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/frs/main.css

Response headers

cf-bgj: imgq:85,h2pri
etag: "43da60879cfe0801ed7fc830a628885c"
age: 46977
cf-cache-status: HIT
x-amz-version-id: gubWlgsZGr_BGbkMI.GZmI.otPDYNpsR
cf-polished: origFmt=png, origSize=547
x-cache: Hit from cloudfront
x-amz-cf-id: vdWyOfWZ6y9PUWXM97TB3qMHPO3aILDtvLa65rZG_GbfCwAPMhSI4w==
date: Mon, 16 Dec 2024 14:14:11 GMT
content-type: image/webp
content-disposition: inline; filename="dropdown-caret.webp"
vary: Accept
last-modified: Tue, 10 Dec 2024 20:08:37 GMT
cache-control: max-age=86400
via: 1.1 fd6dc3eaf39d0b931b4b1369a7e91ac0.cloudfront.net (CloudFront)
cf-ray: 8f2f474149391907-FRA
accept-ranges: bytes
content-length: 394
x-amz-cf-pop: FRA56-P10
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 ClassyIcons.woff
prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/global/fonts/ Frame C485 42 KB
0 0ms
0ms Font
binary/octet-stream 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/global/fonts/ClassyIcons.woff
Requested by: Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/frs/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 207ab12dd753ca1d6c6fbb27f1908f95b5019af111d731d156bbc724ae243edc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://donate.kesem.org
Referer: https://prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/frs/main.css

Response headers

access-control-max-age: 0
cf-cache-status: HIT
etag: "ecd998dd8884d7a3ea36c45b2dd29c2d"
x-amz-version-id: YRNdWnDTRDGeCrUKcbMVJiYl.RJrYhQ8
age: 46008
access-control-allow-methods: GET, HEAD
x-cache: Miss from cloudfront
x-amz-cf-id: Fd6veInrpFH6-P6uS0aPRqrImjq1d1mXwMgU0HxjbRHF_334dYLJAw==
date: Mon, 16 Dec 2024 14:14:11 GMT
content-type: binary/octet-stream
last-modified: Tue, 10 Dec 2024 20:08:37 GMT
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=86400
via: 1.1 5421a870e3aababe98272cc4ea364cea.cloudfront.net (CloudFront)
cf-ray: 8f2f47417e496928-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 43196
x-amz-cf-pop: FRA56-P10
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 fontawesome-webfont.woff2
prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/fonts/ Frame C485 75 KB
0 1ms
1ms Font
binary/octet-stream 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/frs/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://donate.kesem.org
Referer: https://prod-frs.content.classy.org/prod/28b9fc010e5ba714a98be1a82341a5c81cdbbf05/static/frs/main.css

Response headers

access-control-max-age: 0
cf-cache-status: HIT
etag: "af7ae505a9eed503f8b8e6982036873e"
x-amz-version-id: 7.RenZsSdj.yQvqkbSy7wyemEqnIYJyT
age: 46007
access-control-allow-methods: GET, HEAD
x-cache: Miss from cloudfront
x-amz-cf-id: ML3v9OijC3J4VXs83QnFM6Sg9iNxVBjaFGQ3gQXxtX5MY5zy1POUWQ==
date: Mon, 16 Dec 2024 14:14:11 GMT
content-type: binary/octet-stream
last-modified: Tue, 10 Dec 2024 20:08:37 GMT
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=86400
via: 1.1 c6e8f008a950e08db9c0a054276fe95e.cloudfront.net (CloudFront)
cf-ray: 8f2f47417e4a6928-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 77160
x-amz-cf-pop: FRA56-P10
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 controller-with-preconnect-5276f765afdc5378dd4b3de1c994ccd3.html
js.stripe.com/v3/ Frame 3A6D 0
0 30ms
7ms Document
text/html 151.101.64.176

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-with-preconnect-5276f765afdc5378dd4b3de1c994ccd3.html

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 -, , ASN (),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donate.kesem.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 20
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=60, stale-while-revalidate=900
content-encoding: br
content-length: 404
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 16 Dec 2024 14:14:11 GMT
etag: "5276f765afdc5378dd4b3de1c994ccd3"
last-modified: Fri, 13 Dec 2024 21:02:47 GMT
origin-agent-cluster: ?1
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 8
x-content-type-options: nosniff
x-request-id: c22d5ca8-006e-46de-945a-8226e162f129
x-served-by: cache-fra-etou8220152-FRA

GET
H2 200 payment-request-inner-google-pay-297654697a16ede0041bbaa12fa590c6.html
js.stripe.com/v3/ Frame 96D4 0
0 29ms
9ms Document
text/html 151.101.64.176

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-297654697a16ede0041bbaa12fa590c6.html

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 -, , ASN (),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donate.kesem.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 234529
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=31536000
content-encoding: br
content-length: 185
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 16 Dec 2024 14:14:11 GMT
etag: "297654697a16ede0041bbaa12fa590c6"
last-modified: Fri, 13 Dec 2024 21:03:01 GMT
origin-agent-cluster: ?1
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1668
x-content-type-options: nosniff
x-request-id: 04463da7-6cd2-45a4-be63-94748f07a7b1
x-served-by: cache-fra-etou8220152-FRA

GET
H2 200 payment-request-inner-browser-cb1d8c1c01606a7ad1b9e3a8f8e5044e.html
js.stripe.com/v3/ Frame 117A 0
0 29ms
10ms Document
text/html 151.101.64.176

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-cb1d8c1c01606a7ad1b9e3a8f8e5044e.html

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 -, , ASN (),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donate.kesem.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 26
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=60, stale-while-revalidate=900
content-encoding: br
content-length: 159
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 16 Dec 2024 14:14:11 GMT
etag: "cb1d8c1c01606a7ad1b9e3a8f8e5044e"
last-modified: Fri, 13 Dec 2024 21:03:01 GMT
origin-agent-cluster: ?1
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-content-type-options: nosniff
x-request-id: cc3a0ca5-70ca-4d99-b2b8-e878ec7292ef
x-served-by: cache-fra-etou8220152-FRA

GET
H2 200 payment-request-inner-google-pay-297654697a16ede0041bbaa12fa590c6.html
js.stripe.com/v3/ Frame F2C7 0
0 30ms
30ms Document
text/html 151.101.64.176

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-297654697a16ede0041bbaa12fa590c6.html

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 -, , ASN (),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
X-Content-Type-Options	nosniff

Request headers

Referer: https://donate.kesem.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 234529
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=31536000
content-encoding: br
content-length: 185
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 16 Dec 2024 14:14:11 GMT
etag: "297654697a16ede0041bbaa12fa590c6"
last-modified: Fri, 13 Dec 2024 21:03:01 GMT
origin-agent-cluster: ?1
server: Fastly
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1668
x-content-type-options: nosniff
x-request-id: 04463da7-6cd2-45a4-be63-94748f07a7b1
x-served-by: cache-fra-etou8220152-FRA

GET
H2 200 payment-request-inner-browser-cb1d8c1c01606a7ad1b9e3a8f8e5044e.html
js.stripe.com/v3/ Frame 6DEB 0
0 30ms
30ms Document
text/html 151.101.64.176

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-cb1d8c1c01606a7ad1b9e3a8f8e5044e.html

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 -, , ASN (),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report

X-Content-Type-Options

nosniff

Request headers

Referer: https://donate.kesem.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 26
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=60, stale-while-revalidate=900
content-encoding: br
content-length: 159
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 16 Dec 2024 14:14:11 GMT
etag: "cb1d8c1c01606a7ad1b9e3a8f8e5044e"
last-modified: Fri, 13 Dec 2024 21:03:01 GMT
origin-agent-cluster: ?1
server: Fastly
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-content-type-options: nosniff
x-request-id: cc3a0ca5-70ca-4d99-b2b8-e878ec7292ef
x-served-by: cache-fra-etou8220152-FRA

GET
H2 200 controller-with-preconnect-5276f765afdc5378dd4b3de1c994ccd3.html
js.stripe.com/v3/ Frame F846 0
0 14ms
14ms Document
text/html 151.101.64.176

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-with-preconnect-5276f765afdc5378dd4b3de1c994ccd3.html

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 -, , ASN (),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report

X-Content-Type-Options

nosniff

Request headers

Referer: https://donate.kesem.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 20
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=60, stale-while-revalidate=900
content-encoding: br
content-length: 404
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 16 Dec 2024 14:14:11 GMT
etag: "5276f765afdc5378dd4b3de1c994ccd3"
last-modified: Fri, 13 Dec 2024 21:02:47 GMT
origin-agent-cluster: ?1
server: Fastly
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 8
x-content-type-options: nosniff
x-request-id: c22d5ca8-006e-46de-945a-8226e162f129
x-served-by: cache-fra-etou8220152-FRA

GET
H2 200 payment-request-inner-google-pay-297654697a16ede0041bbaa12fa590c6.html
js.stripe.com/v3/ Frame 930B 0
0 20ms
20ms Document
text/html 151.101.64.176

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-297654697a16ede0041bbaa12fa590c6.html

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 -, , ASN (),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
X-Content-Type-Options	nosniff

Request headers

Referer: https://donate.kesem.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 234529
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=31536000
content-encoding: br
content-length: 185
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 16 Dec 2024 14:14:11 GMT
etag: "297654697a16ede0041bbaa12fa590c6"
last-modified: Fri, 13 Dec 2024 21:03:01 GMT
origin-agent-cluster: ?1
server: Fastly
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1668
x-content-type-options: nosniff
x-request-id: 04463da7-6cd2-45a4-be63-94748f07a7b1
x-served-by: cache-fra-etou8220152-FRA

GET
H2 200 payment-request-inner-browser-cb1d8c1c01606a7ad1b9e3a8f8e5044e.html
js.stripe.com/v3/ Frame 9F28 0
0 20ms
20ms Document
text/html 151.101.64.176

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-cb1d8c1c01606a7ad1b9e3a8f8e5044e.html

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 -, , ASN (),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

Referer: https://donate.kesem.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 26
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=60, stale-while-revalidate=900
content-encoding: br
content-length: 159
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 16 Dec 2024 14:14:11 GMT
etag: "cb1d8c1c01606a7ad1b9e3a8f8e5044e"
last-modified: Fri, 13 Dec 2024 21:03:01 GMT
origin-agent-cluster: ?1
server: Fastly
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-content-type-options: nosniff
x-request-id: cc3a0ca5-70ca-4d99-b2b8-e878ec7292ef
x-served-by: cache-fra-etou8220152-FRA

GET
H2 200 payment-request-inner-google-pay-297654697a16ede0041bbaa12fa590c6.html
js.stripe.com/v3/ Frame 3829 0
0 21ms
21ms Document
text/html 151.101.64.176

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-297654697a16ede0041bbaa12fa590c6.html

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 -, , ASN (),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
X-Content-Type-Options	nosniff

Request headers

Referer: https://donate.kesem.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 234529
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=31536000
content-encoding: br
content-length: 185
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 16 Dec 2024 14:14:11 GMT
etag: "297654697a16ede0041bbaa12fa590c6"
last-modified: Fri, 13 Dec 2024 21:03:01 GMT
origin-agent-cluster: ?1
server: Fastly
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1668
x-content-type-options: nosniff
x-request-id: 04463da7-6cd2-45a4-be63-94748f07a7b1
x-served-by: cache-fra-etou8220152-FRA

GET
H2 200 payment-request-inner-browser-cb1d8c1c01606a7ad1b9e3a8f8e5044e.html
js.stripe.com/v3/ Frame A84E 0
0 21ms
21ms Document
text/html 151.101.64.176

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-cb1d8c1c01606a7ad1b9e3a8f8e5044e.html

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 -, , ASN (),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

Referer: https://donate.kesem.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 26
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=60, stale-while-revalidate=900
content-encoding: br
content-length: 159
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 16 Dec 2024 14:14:11 GMT
etag: "cb1d8c1c01606a7ad1b9e3a8f8e5044e"
last-modified: Fri, 13 Dec 2024 21:03:01 GMT
origin-agent-cluster: ?1
server: Fastly
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-content-type-options: nosniff
x-request-id: cc3a0ca5-70ca-4d99-b2b8-e878ec7292ef
x-served-by: cache-fra-etou8220152-FRA

GET
H2 200 status Show response
donate.kesem.org/sso/ Frame 3EAC 90 B
1 KB 408ms
405ms XHR
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.kesem.org/sso/status?client_id=hkDllBPffAW7sKhdYbpNc5PrwMIVbh&callback=jQuery361021273304094389833_1734358450058&_=1734358450059

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2de633b4574c9f578d0e7171501a7e7350632845df60423baad47568fa773c5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.classy.org;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
Referer: https://donate.kesem.org/give/441200/
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJjYzcxNWJhNzQ2OGExYzg4IiwidHIiOiIxYmZlN2UxMmIxZTMwZDMzNDg5MWFhMzhjYTViMGQ5YyIsInRpIjoxNzM0MzU4NDUxNTU0fX0=
traceparent: 00-1bfe7e12b1e30d334891aa38ca5b0d9c-cc715ba7468a1c88-01
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
tracestate: 423787@nr=0-1-423787-363751183-cc715ba7468a1c88----1734358451554

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.classy.org;
cache-control: no-cache, private
content-encoding: br
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
cf-ray: 8f2f47424bcadc9a-FRA
p3p: CP="Classy does not have a P3P policy."
date: Mon, 16 Dec 2024 14:14:11 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript; charset=utf-8
vary: Origin, Accept-Encoding
server: cloudflare

GET
H2 200 status Show response
donate.kesem.org/sso/ Frame C485 90 B
1 KB 405ms
403ms XHR
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.kesem.org/sso/status?client_id=hkDllBPffAW7sKhdYbpNc5PrwMIVbh&callback=jQuery361016227217069145605_1734358450590&_=1734358450591

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6bee5c3ebb2206afe728bc54ec4eba0b2293360cd8a82fae6010b4a26b6473a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.classy.org;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
Referer: https://donate.kesem.org/give/441200/
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI4YWYwZjUzNjgxYTI3Mjc0IiwidHIiOiI2NzAyOWQwMjM0NzZkYWY2ZmU5YjU2YjYxYjRkNDk2YSIsInRpIjoxNzM0MzU4NDUxNTYyfX0=
traceparent: 00-67029d023476daf6fe9b56b61b4d496a-8af0f53681a27274-01
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
tracestate: 423787@nr=0-1-423787-363751183-8af0f53681a27274----1734358451562

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://*.classy.org;
cache-control: no-cache, private
content-encoding: br
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
cf-ray: 8f2f47424be4dc9a-FRA
p3p: CP="Classy does not have a P3P policy."
date: Mon, 16 Dec 2024 14:14:11 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript; charset=utf-8
vary: Origin, Accept-Encoding
server: cloudflare

GET
H2 200 payment-request-inner-google-pay-297654697a16ede0041bbaa12fa590c6.html
js.stripe.com/v3/ Frame 1D10 0
0 0ms
0ms Document
text/html 151.101.64.176

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-297654697a16ede0041bbaa12fa590c6.html

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 -, , ASN (),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
X-Content-Type-Options	nosniff

Request headers

Referer: https://donate.kesem.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 234529
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=31536000
content-encoding: br
content-length: 185
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 16 Dec 2024 14:14:11 GMT
etag: "297654697a16ede0041bbaa12fa590c6"
last-modified: Fri, 13 Dec 2024 21:03:01 GMT
origin-agent-cluster: ?1
server: Fastly
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1668
x-content-type-options: nosniff
x-request-id: 04463da7-6cd2-45a4-be63-94748f07a7b1
x-served-by: cache-fra-etou8220152-FRA

GET
H2 200 payment-request-inner-browser-cb1d8c1c01606a7ad1b9e3a8f8e5044e.html
js.stripe.com/v3/ Frame 53D2 0
0 0ms
0ms Document
text/html 151.101.64.176

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-cb1d8c1c01606a7ad1b9e3a8f8e5044e.html

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 -, , ASN (),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

Referer: https://donate.kesem.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 26
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=60, stale-while-revalidate=900
content-encoding: br
content-length: 159
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 16 Dec 2024 14:14:11 GMT
etag: "cb1d8c1c01606a7ad1b9e3a8f8e5044e"
last-modified: Fri, 13 Dec 2024 21:03:01 GMT
origin-agent-cluster: ?1
server: Fastly
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-content-type-options: nosniff
x-request-id: cc3a0ca5-70ca-4d99-b2b8-e878ec7292ef
x-served-by: cache-fra-etou8220152-FRA

GET
H2 200 payment-request-inner-google-pay-297654697a16ede0041bbaa12fa590c6.html
js.stripe.com/v3/ Frame A5F2 0
0 0ms
0ms Document
text/html 151.101.64.176

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-297654697a16ede0041bbaa12fa590c6.html

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 -, , ASN (),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
X-Content-Type-Options	nosniff

Request headers

Referer: https://donate.kesem.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 234529
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=31536000
content-encoding: br
content-length: 185
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 16 Dec 2024 14:14:11 GMT
etag: "297654697a16ede0041bbaa12fa590c6"
last-modified: Fri, 13 Dec 2024 21:03:01 GMT
origin-agent-cluster: ?1
server: Fastly
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1668
x-content-type-options: nosniff
x-request-id: 04463da7-6cd2-45a4-be63-94748f07a7b1
x-served-by: cache-fra-etou8220152-FRA

GET
H2 200 payment-request-inner-browser-cb1d8c1c01606a7ad1b9e3a8f8e5044e.html
js.stripe.com/v3/ Frame A537 0
0 1ms
1ms Document
text/html 151.101.64.176

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-cb1d8c1c01606a7ad1b9e3a8f8e5044e.html

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 -, , ASN (),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

Referer: https://donate.kesem.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 26
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=60, stale-while-revalidate=900
content-encoding: br
content-length: 159
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 16 Dec 2024 14:14:11 GMT
etag: "cb1d8c1c01606a7ad1b9e3a8f8e5044e"
last-modified: Fri, 13 Dec 2024 21:03:01 GMT
origin-agent-cluster: ?1
server: Fastly
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-content-type-options: nosniff
x-request-id: cc3a0ca5-70ca-4d99-b2b8-e878ec7292ef
x-served-by: cache-fra-etou8220152-FRA

POST
H2 200 channel-events Show response
donate.kesem.org/frs-api/organizations/20779/ Frame 3EAC 746 B
570 B 167ms
166ms XHR
application/json 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.kesem.org/frs-api/organizations/20779/channel-events

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

869d62792e8507c24779fb4bfd99bf0dc5b3ed3222d831bd6ffab51137150bec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: AJaEupnw-DTzy2Cf4eUn9pR3V3j35-JCQ5qo
Referer: https://donate.kesem.org/give/441200/
csrf-token: fCsNU50K-iIBqeyDmt8_OGJzGYgwJAa_1BMI
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI0MzEyMDNkNDkyZDI5Yjk0IiwidHIiOiI2NDI5NjNmNzRiNzQ5ODlhOTljMWI0MGYwMWQzNDM0OSIsInRpIjoxNzM0MzU4NDUxOTY2fX0=
traceparent: 00-642963f74b74989a99c1b40f01d34349-431203d492d29b94-01
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Content-Type: application/json;charset=UTF-8
tracestate: 423787@nr=0-1-423787-363751183-431203d492d29b94----1734358451966

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: br
cf-cache-status: DYNAMIC
etag: W/"2ea-8+jhWg31yhxYWrI5ttrlVuIzkc4"
x-content-type-options: nosniff
cf-ray: 8f2f4744da0edc9a-FRA
date: Mon, 16 Dec 2024 14:14:12 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: cloudflare

POST
H2 200 channel-events Show response
donate.kesem.org/frs-api/organizations/20779/ Frame C485 745 B
562 B 192ms
191ms XHR
application/json 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.kesem.org/frs-api/organizations/20779/channel-events

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

130a48bb762181948db2e9c781504146c51f99a1cf5406448854db4ae6d40724

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: AJaEupnw-DTzy2Cf4eUn9pR3V3j35-JCQ5qo
Referer: https://donate.kesem.org/give/441200/
csrf-token: o58ACMtI-6sNFzRFMVs1q3FAtmDR1IWXANmY
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIxYjViMTQ1MjZiZTY3OTlmIiwidHIiOiJhZjk3Zjc2MWMzYTc2Mjg5ZDdhODFhOTRlMWJlNzg3NSIsInRpIjoxNzM0MzU4NDUxOTcyfX0=
traceparent: 00-af97f761c3a76289d7a81a94e1be7875-1b5b14526be6799f-01
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Content-Type: application/json;charset=UTF-8
tracestate: 423787@nr=0-1-423787-363751183-1b5b14526be6799f----1734358451972

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: br
cf-cache-status: DYNAMIC
etag: W/"2e9-GZ9RHT3jqDRWEfSO/GKsBMRRV8o"
x-content-type-options: nosniff
cf-ray: 8f2f4744da24dc9a-FRA
date: Mon, 16 Dec 2024 14:14:12 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: donate.kesem.org
URL: https://donate.kesem.org/frs-api/campaigns/441200/intelligent-ask

Domain: donate.kesem.org
URL: https://donate.kesem.org/frs-api/campaigns/441200/intelligent-ask

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.donate.kesem.org/	1970-01-21 01:46:00	Name: __cf_bm Value: .G1g8JtrFpfyMKS0xbpis5imWjtw688g_l3vR6Lv_B8-1734358445-1.0.1.1-XmD8TDqmIJnKfR1WDqBACaBj0RoCxn5mHqzmVcFICwRqvsuG9gA9ZRICvJ0CMoESZ7vciDRvaBr1_BkA4J9Q6Q
.donate.kesem.org/	1969-12-31 23:59:59	Name: _cfuvid Value: Sy_pPvlke2mzZ9X87SDQKZ16fq3PO2IYBf0HG7ZYnfc-1734358445796-0.0.1.1-604800000
.prod.website-files.com/	1970-01-21 01:46:00	Name: __cf_bm Value: 764Av6ZxftyCGOkkAuSA0Z23zhR7S.xo64MAtq2FjH4-1734358446-1.0.1.1-Kz4AJZ4e0BwQlVlTWiv9Zvd9hic03EcfzLENxcTf6hZqBnR6SL.n86TT9lWzaFW.ZZuwbISROh4z.hqQ6WZRrg
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: -CMJNr_fIvU
.youtube.com/	1970-01-21 06:05:10	Name: VISITOR_INFO1_LIVE Value: b3c8_hixeQU
.youtube.com/	1970-01-21 06:05:10	Name: VISITOR_PRIVACY_METADATA Value: CgJERRIEEgAgNg%3D%3D
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: KsTFG3MYA9Y
.hs-scripts.com/	1970-01-21 01:46:00	Name: __cf_bm Value: xmDbY6.ejFlW888X3xeh8Jk5p92OJv9BCl5KNKA.4tA-1734358447-1.0.1.1-u03nEdCtT04HpaqhbX5UZFqOhYgT8NU70dPOcMx0yt6r4ZPwyUePwmHXGJbh7Qoq2g3qnBNPpBnhaIeCxLfgjg
.classy.org/	1970-01-21 01:46:00	Name: __cf_bm Value: UuhqHWjSTZ0hXh9H2Bo2A0jDQCetgXwQ7maHeU_24q4-1734358447-1.0.1.1-9V7sCpE5FkX7El4tBc7v3JOQLHX1DEnvMYL41BX9w3wQvd2uKb61euv5PWq7Z5Qhttw9gGEqRz983VPMv2gApQ
.classy.org/	1969-12-31 23:59:59	Name: _cfuvid Value: jmQsZDJ9qi5KcfL4xcoUDWivLznul0s1XYD6LFuMQY4-1734358447105-0.0.1.1-604800000
.hsadspixel.net/	1970-01-21 01:46:00	Name: __cf_bm Value: QJAsTgPc5xREyp_ZL6vCVqAMOdlayEKjBGORXGNSP6A-1734358447-1.0.1.1-j00DQs0UAUcWHHioddG.C0Kj7BdBzD2.mARlFJv6t6Z2JpiTfpMYdS04Qb9hQ34J6ZRMvaMaxxllGFasY9rR3A
www.kesem.org/	1970-01-21 10:31:34	Name: zabUserId Value: 1734358447189zabu0.839875302278668
.youtube.com/	1970-01-21 06:05:10	Name: VISITOR_INFO1_LIVE Value: b3c8_hixeQU
.youtube.com/	1970-01-21 06:05:10	Name: VISITOR_PRIVACY_METADATA Value: CgJERRIEEgAgNg%3D%3D
.hs-analytics.net/	1970-01-21 01:46:00	Name: __cf_bm Value: UnHIkD4xNQSK.BoD0TULHskg8RAlFOnbPjw4raPircY-1734358447-1.0.1.1-ZOfzoi323gV5zip4H3By1qSTrTCSGHo4A49rhQZ5AQyteUUyE6d9RWRKQpBC7BaKFoJWDIxlGW9tfHdFpwNwWg
.hs-banner.com/	1970-01-21 01:46:00	Name: __cf_bm Value: UMBrtK1hIBvBmgBS5KFaLL4AEJv3rFAm5umMKaE6uwE-1734358447-1.0.1.1-rokAtYGvBqxN0NdgmoqmF13wVa2JiYmh6.Vk461InKA7eqMVSkcEwKIraAe._nIdYcIAaXqCnRtiA4D.HuoNrA
.kesem.org/	1970-01-21 01:46:00	Name: zscda8ef2d757ab4552819990f83dbb4de9 Value: 1734358447596zsc0.21678076406664393
.kesem.org/	1970-01-21 01:46:51	Name: zft-sdc Value: isef%3Dtrue-isfr%3Dtrue-source%3Ddirect
.hsforms.com/	1970-01-21 01:46:00	Name: __cf_bm Value: XrEAbMYFPHF8utVMKwYtrPIp5WUe6H.q8reb.bf7CMk-1734358447-1.0.1.1-UJr06bK92YJo6Qar3WLZKqLTj8pPSQIkM9C.ohypJLdDJ8tUli5d2pQroJWYrELaXzgvbnODMDTa54vR4a.I_A
.hsforms.com/	1969-12-31 23:59:59	Name: _cfuvid Value: TYaA.cjgEgswjpS_8kRJtrZcj29tXlIpFAs7y.x0XRQ-1734358447633-0.0.1.1-604800000
pagesense-collect.zoho.com/	1969-12-31 23:59:59	Name: zfccn Value: 0425cd1f-31a4-4335-867e-e60fc5356c65
donate.kesem.org/	1970-01-21 11:21:58	Name: connect.sid Value: s%3Ac4_F5j7QQt_mGZtPGfeP9M1M2U_T4hw4.NoNA9wxeEIh9OW17fPaJldfbadaTrArvdGoYXBjULhs
.donate.kesem.org/	1969-12-31 23:59:59	Name: __cfruid Value: 6ef390e72463e956e2ad2593dc9bf360274143d3-1734358449
.classy.org/	1969-12-31 23:59:59	Name: __cfruid Value: 6ef390e72463e956e2ad2593dc9bf360274143d3-1734358449
donate.kesem.org/	1969-12-31 23:59:59	Name: CSRF-TOKEN Value: o58ACMtI-6sNFzRFMVs1q3FAtmDR1IWXANmY
.hubspot.com/	1970-01-21 01:46:00	Name: __cf_bm Value: WhT6tKXrP6vJ_STx0w6J71rUkP83yxrharSwS8QwZ68-1734358450-1.0.1.1-WFgXZAOD4pA3vixSb2uAfvix_A3KPMJmdkh2aiyufwMJNSxJe6BwpZ0wQdZ.R0LmqmqHq4s6aEuFZjX.puCeKw
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: i2taAXWOlDFTbV4g6UdOw3gxTa1oJfj2_pH0mCDaDCs-1734358450610-0.0.1.1-604800000

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://sdk.classy.org/embedded-giving.js Message: Allow attribute will take precedence over 'allowpaymentrequest'.
other	warning	URL: https://www.kesem.org/ Message: Failed to decode downloaded font: https://cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/618b1601897687ba8c951d49_BigCaslon.ttf
other	warning	URL: https://www.kesem.org/ Message: OTS parsing error: cmap: Failed to serialize table
other	warning	URL: https://www.kesem.org/ Message: Failed to decode downloaded font: https://cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/618b1601897687ba8c951d49_BigCaslon.ttf
other	warning	URL: https://www.kesem.org/ Message: OTS parsing error: cmap: Failed to serialize table
other	warning	URL: https://www.kesem.org/ Message: Failed to decode downloaded font: https://cdn.prod.website-files.com/615b7d5e77217e9ff469ea49/618b1601897687ba8c951d49_BigCaslon.ttf
other	warning	URL: https://www.kesem.org/ Message: OTS parsing error: cmap: Failed to serialize table

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubapi.com
assets.classy.org
campkesem.org
cdn.embedly.com
cdn.jetboost.io
cdn.pagesense.io
cdn.plaid.com
cdn.prod.website-files.com
cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
cta-service-cms2.hubspot.com
d3e54v103j8qbb.cloudfront.net
donate.kesem.org
files.doublethedonation.com
fonts.googleapis.com
fonts.gstatic.com
forms.hscollectedforms.net
forms.hsforms.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscollectedforms.net
js.hubspot.com
js.stripe.com
pagesense-collect.zoho.com
pay.classy.org
perf-na1.hsforms.com
prod-frs.content.classy.org
region1.analytics.google.com
region1.google-analytics.com
sdk.classy.org
static.cloudflareinsights.com
stats.g.doubleclick.net
track.hubspot.com
transcend-cdn.com
unpkg.com
www.campkesem.org
www.classy.org
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.kesem.org
www.youtube.com
donate.kesem.org
104.16.90.50
104.17.24.14
104.18.160.117
104.18.80.204
142.250.185.100
142.250.185.131
142.250.185.168
151.101.64.176
157.240.252.13
157.240.253.35
172.217.16.131
172.217.18.110
172.64.147.18
18.102.16.191
18.66.147.118
2001:4860:4802:32::36
204.141.43.190
2600:9000:2156:6800:11:bd8b:3000:93a1
2600:9000:223e:800:1d:7a82:2900:93a1
2606:4700:4400::ac40:9310
2606:4700::6810:5049
2606:4700::6810:6efe
2606:4700::6810:7574
2606:4700::6810:7674
2606:4700::6810:89d1
2606:4700::6810:a0a8
2606:4700::6811:df98
2606:4700::6811:f9cb
2606:4700::6812:7c49
2606:4700::6812:a175
2606:4700::6812:c55f
2606:4700::6812:f26c
2620:1ec:bdf::45
2a00:1450:4001:80b::2003
2a00:1450:4001:813::200a
2a00:1450:4001:81c::2008
2a00:1450:4001:827::200e
2a00:1450:4001:829::200e
2a00:1450:400c:c1f::9d
2a04:4e42:200::649
3.160.156.41
3.161.82.71
35.152.119.144
99.83.190.102
027f9fef93a2d620715de7311a5bf674cb3df18a352d2a0a7266c147c157333f
0724ab7a4c75c61e725d0789663bffd469610512e7a839e604ac02e61a0d5efd
085b81ceac28c6dd6f6a9323ba8662c4893473549596be1aca35248725398cef
0a3cb8e70dfe503b8cd036761a7490fff86becc902600b63fc13bfd1aa8100e8
130a48bb762181948db2e9c781504146c51f99a1cf5406448854db4ae6d40724
14939503c8a97bef459ce94218f0e65933ab569f7b1d726bcb0b3c1031ebccf9
14f55909d4512a37494a8603c63215414b645edfed205771d642184822644562
1764bc84ea6abe91f1634b73a5a6c0ebff400461dfea6a4040bd0c03d86caa8b
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19a23ca876dfd68f4d30c8d052b668dffc3e78940c171ed6405a2455289026ae
207ab12dd753ca1d6c6fbb27f1908f95b5019af111d731d156bbc724ae243edc
240355f4e85792fb5c1e46a942e6d797a078d39f8717dfbab666e4e80cb4dd8d
25e7a2755b07a194a639eb5386cfa637e63a139f9aecb0dcb9e5a9de585fcb9d
261336021d3af77efdcb31c0a26a45aaed8601a65ace2f568d8961d3c16d55d6
29b07060d04c4ba708b0d184c055be5ba3ae12c3cf20e2324ad31b063df78de3
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c5a51b982a718ef9f60bd93e0ae230261f50983258bcb5d5b7f3c4a83ce2017
2ff3c055d4d512e2055e7810636458373edb5db1fb8d00daf1046d2983e6cfb2
38bc775802a9e96e44997f4e9374726a41d5c781752e590a76ad5a4f06673458
40674cc74092d70dbcfd9f4cbbae9fff87e71404a9a2f4b57b6270557579a3d3
41b57b9b5a01d7b8e6879e3c3552abc405ac4fddfbebfb04bdfcf110a7f86350
43532c7f9ea2da1b878f3159d97c98e069f798f01fea0e744ecf44bda1c7ffaa
435fdf8e4d4923bdd9a5b48c26d2f838fdd9ef38f24cbba4c0e7b40989603060
43f03a6879c657b1c23366307c501a0df1319a9738394ad10be141efb295f2fc
44289cb4c3a7acdcfdbe63ded8e52170101bbf006b681350d265eb04a834aeed
4487cd7e98dc5b35808bc944bbd410d2666bff1b4c3c9a9da5a39dd0920c7151
4c5465973630c3de4b1e6845c4a7bd6c82a8d3dca0017ed6919bf39f376ecedb
4c761093b23c9782ef66ea6bf63c11ed624386da3dc0eb5e4e6ba62f836b1f69
4ef9251e28651c4c8d6a5ae92fc332b7a6e27f939e9af77ec3c92827d59fe29c
54786df2c038ac72cdff7ea06a978deb83c80ea470a0ea6fb271d486801be773
5a3fb3993cd2e453176ffaa58ba80f9e237a84fa6184bae67469f90030317094
5e5a118387a561a80908af63c274db1973e27ed3016dd3497250756704213fc3
5f3eed8e891997529629227d479b1b9d83ae2e1bbaabbf499fcd22e4b303126c
60cf82e70a15f95c2045120c033f6106870e92a3b456753451c0934d419d3d19
62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb
6444ea95737dc18a7adb8174b1897b625c60a2c325cf302c515fb192a5e29b07
6564323f212760095ed2e2aabc311fcd705a6325110309f77bab1364b51c3a35
65ade054b003fb12ff528ad2640f69f49bca65d9f9d25b53dea8aee0d5d238cf
674d5ab1e2c5a783115e67fabc4805ac2e8a83d48eb6a1ad3535c23a959a1801
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ae4ade5957e61bbc7c19d58e10316dd2bb272e1b9f787fb2ac552d68fff4a0a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6fca56e0b11525635f30214b19a3b2aabb09f655ebf813cfb1465387970db2a5
78664e7f94905ffe8f379c52480409c2fb114356b8fb83f51cd69a4bc450c951
7d48f66ef07e7cbcace87f5c3c51c11655dcc21c2af1cb9791bc6c58b52f2bae
7ddec7493b356e5f7e21af957a903f128542111be58cb136558cb5f751ce1f43
7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d
7f844b4de702c14f9cbee7eec425ba383a04fce1b635a9febf5e03378b1219b5
7f872f37d93f6ad26cfde22f5fd7ae4e99f18c4dc7d3386384f92f845056750b
8519e9a2c084533aac950aa97f5beed986b63f4ddd300275776119059d74755e
8579be04990bec48a51d0d39b7cb9a29be82037593934e504acac39de6794337
8694091227f6f34a6acb8dda867cab6f129cb19ee794a75ebd434793d4066e5a
869d62792e8507c24779fb4bfd99bf0dc5b3ed3222d831bd6ffab51137150bec
86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27
8913290a4db258fa9e0d3fd267fb61666aa81f82b1a459ba098352c427a57c37
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8b479610778cef415158ef2deef872c0bdc85bd63f339ecdc1382fabef4da407
941e2020e43f74d180c19d07e14a7e8d0c082673f1919776638701c012334a3e
96f1c1df4ce63dc4305288287761e42834f839182a5e3f6c116ba68ac4e27495
99db2171ec45b095ddcbb2148f6d65489778866297fb112eced757921fd2371f
9af660732ecc9ca202a2d35a5fa1a0ead2d35002d4e7da85655ae28d44aa0c58
9dc9f15be9644fe661ed74493a4de393418024500fe78cf633bac0a86f29a745
9f88c56c75499f8886bcdbd43330029b3108f9aefb7e496788f448ed36311b90
a32349a254198489c49d95a7620c8f7be7344b1aadd51e8ad893d0fd5717e475
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b0fb4e1235c0c4815d6bd272ce4c9c65579c04f9c6e52a080a66393d01f84293
b3e0f45131c6443333faee50545dab26135eb2ffa399482a9b310ddd8cb35e5d
b819c4124b41751598735ffd222759f780c9053bd015b77ca9ff105e25afa1ee
b8f4818795d8ba29ef00851bfb7ff38be7e1a6380b306adbf4aed829d352c080
bbfdc5d81c052742e1af53bffab9c24a3c5680274c14ea59dfc69ac260fee655
bc91c6df5388b4303ce8c85f6bc22e8de22399d3a5ef5ff884d52483670971b4
bde6d5fb61a996e7934ade68f22c8f9b1d8576f6fef15cc93f625f6b762241b1
c115efbfe3da663b3cff109784ab03817a6a7e65009f886caf33b32d2c657a85
c402b0b73dfbbc1a81ceff23bc79a9d931d773195bf7bf38fd86ccb82becaf0a
c63f9782e146d480542091034f902dc5785016bf269ba41331ab96494bcfd7d2
c751fe2e3ebe19205c4845af55a79608fcc55109648115357e673bf5dc161b49
caa8a30eb478324fb65764f993a4e31337c6ac347a456446c47bda3cb229ccc0
cbc9356e752ad2ec816689d39f6bc3c275294782b19934c54a20aea7580e4e58
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf6a681349103c98874d086393c51a4d636e2ebb579f69dba5149fa0edc2acd1
d2de633b4574c9f578d0e7171501a7e7350632845df60423baad47568fa773c5
d345d07713f4280375b721453f58ebf61d3bb3aec11b7db446caec100cf17afb
d425f837ebda7c908269b70c7cfc6a3145ec216f869e8377c2f17ac3b3ab888f
d528489716a3043d17ff4ba166292762d17404f48d5cef086c9cf26d86bdde94
d6bee5c3ebb2206afe728bc54ec4eba0b2293360cd8a82fae6010b4a26b6473a
d94516cb0718f0e046a2595606e6af6a2980e1ad5dad1453e3fd72bed0a5ab24
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dda6c84382a9a50c46c09eb922ad3407ebacff8cf0abc457af53fbeeb4b97ac8
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b1b6cfe8e8952e530d07417293389ec9f5d61b0b4d487c0dba9a727513160a
ebeeb6852c8d5689249269cfa59febdad1141a9810331c31d4331f53f47750f7
edfe8ad6ba999a481b8def9121030c695b1e8ee304f557c6e79bd3c27018135d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2f16e7828359212d4854719fac741c1cb2cd5ee99be707bc8851cdc20fe9a14
f4db76afeb499d277603609152f9e382c0fe112d44c6f8db8c136a89d9bd7682
f4ed0398025745bb5fc2f7461bb86924de0a097278ea9c3b0d97218dbe7bdd09
f56171e5739b9ab13378977bc63aa43b3f6228c373c452373d5d0b8387552bb1
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8d1544bb47c74ef9a9b177a721c628aeff0be0f9f6a57b18769a7d67055c759
fc3c4d5593653dd2667e2e58311dc538e469d3e1eeb7cbf05781c7a12a4d518b

www.kesem.org Open in urlscan Pro 18.102.16.191 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

182 Requests

99 %HTTPS

55 %IPv6

35 Domains

48 Subdomains

43 IPs

5 Countries

5853 kBTransfer

21852 kBSize

27 Cookies

30 Outgoing links

Page URL History

Redirected requests

182 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.kesem.org Open in urlscan Pro
18.102.16.191 Public Scan

Screenshot
Live screenshot

Full Image

182
Requests

99 %
HTTPS

55 %
IPv6

35
Domains

48
Subdomains

43
IPs

5
Countries

5853 kB
Transfer

21852 kB
Size

27
Cookies

182 HTTP transactions
2 data transactions