www.kesem.org Open in urlscan Pro
52.17.119.105 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://donate.kesem.org/
Effective URL:
https://www.kesem.org/
Submission: On May 16 via api (May 16th 2024, 1:04:31 am UTC) from US — Scanned from DE

Summary HTTP 181 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 41 IPs in 5 countries across 36 domains to perform 181 HTTP transactions. The main IP is 52.17.119.105, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.kesem.org.
TLS certificate: Issued by R3 on March 20th 2024. Valid for: 3 months.

This is the only time www.kesem.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 54	2606:4700::68... 2606:4700::6812:c55f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	99.83.190.102 99.83.190.102	16509 (AMAZON-02) (AMAZON-02)
2 2	63.35.51.142 63.35.51.142	16509 (AMAZON-02) (AMAZON-02)
1	52.17.119.105 52.17.119.105	16509 (AMAZON-02) (AMAZON-02)
13	2600:9000:21f... 2600:9000:21f3:2200:12:9e5f:cac0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	52.222.232.39 52.222.232.39	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:8ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:223... 2600:9000:223e:7400:1d:7a82:2900:93a1	16509 (AMAZON-02) (AMAZON-02)
6	18.66.112.105 18.66.112.105	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
3	142.250.181.232 142.250.181.232	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2606:4700::68... 2606:4700::6810:6dfe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:80ac	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:991b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:afc9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:7674	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.18.80.204 104.18.80.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:f16c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
10	2600:9000:225... 2600:9000:2250:7e00:2:8531:afc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:4f49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.143.247.24 52.143.247.24	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2606:4700::68... 2606:4700::6811:f7cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.33.187.42 13.33.187.42	16509 (AMAZON-02) (AMAZON-02)
2	13.32.99.57 13.32.99.57	16509 (AMAZON-02) (AMAZON-02)
2	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
12	151.101.128.176 151.101.128.176	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	172.217.18.14 172.217.18.14	15169 (GOOGLE) (GOOGLE)
12	151.101.129.21 151.101.129.21	54113 (FASTLY) (FASTLY)
8	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
6	151.101.193.35 151.101.193.35	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:7574	() ()
181	41

54 2606:4700::6812:c55f (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

donate.kesem.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sdk.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prod-frs.content.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pay.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.83.190.102 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: aacb0a264e514dd48.awsglobalaccelerator.com

campkesem.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.35.51.142 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-51-142.eu-west-1.compute.amazonaws.com

www.campkesem.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.119.105 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-119-105.eu-west-1.compute.amazonaws.com

www.kesem.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2600:9000:21f3:2200:12:9e5f:cac0:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets-global.website-files.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.232.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-232-39.fra56.r.cloudfront.net

d3e54v103j8qbb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:8ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223e:7400:1d:7a82:2900:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.jetboost.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.66.112.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-105.fra56.r.cloudfront.net

uploads-ssl.webflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.181.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:6dfe (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:80ac (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:991b (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:afc9 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7674 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.80.204 (None, )

ASN13335 (CLOUDFLARENET, US)

perf-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:f16c (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

files.doublethedonation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:2250:7e00:2:8531:afc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.transcend.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.143.247.24 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

htp.tokenex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:f7cb (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.33.187.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-42.fra60.r.cloudfront.net

cdn.plaid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-57.fra60.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 151.101.128.176 (San Francisco, United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.14 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f14.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 151.101.129.21 (San Francisco, United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.193.35 (San Francisco, United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7574 (None, )

ASN- ()

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	classy.org 2 redirects sdk.classy.org — Cisco Umbrella Rank: 40061 www.classy.org — Cisco Umbrella Rank: 79806 prod-frs.content.classy.org — Cisco Umbrella Rank: 47577 pay.classy.org — Cisco Umbrella Rank: 52279 assets.classy.org — Cisco Umbrella Rank: 55409	1 MB
22	kesem.org 1 redirects donate.kesem.org www.kesem.org	103 KB
18	paypal.com www.paypal.com — Cisco Umbrella Rank: 2954 t.paypal.com — Cisco Umbrella Rank: 3518	179 KB
14	stripe.com js.stripe.com — Cisco Umbrella Rank: 1088	148 KB
13	website-files.com assets-global.website-files.com — Cisco Umbrella Rank: 6282	1 MB
10	transcend.io cdn.transcend.io — Cisco Umbrella Rank: 6768	158 KB
9	gstatic.com fonts.gstatic.com	62 KB
8	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2599	18 KB
6	doublethedonation.com files.doublethedonation.com — Cisco Umbrella Rank: 64019	136 KB
6	webflow.com uploads-ssl.webflow.com — Cisco Umbrella Rank: 13850	538 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	433 KB
5	campkesem.org 5 redirects campkesem.org www.campkesem.org	488 B
4	youtube.com www.youtube.com — Cisco Umbrella Rank: 64	16 KB
3	hubspot.com js.hubspot.com — Cisco Umbrella Rank: 4098 cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 4060 track.hubspot.com	27 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	1 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 776	31 KB
2	plaid.com cdn.plaid.com — Cisco Umbrella Rank: 14323	44 KB
2	unpkg.com unpkg.com — Cisco Umbrella Rank: 771	3 KB
2	tokenex.com htp.tokenex.com — Cisco Umbrella Rank: 33522	5 KB
2	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 804	7 KB
2	hsforms.com perf-na1.hsforms.com — Cisco Umbrella Rank: 4386 forms.hsforms.com — Cisco Umbrella Rank: 4333	2 KB
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 4572 forms.hscollectedforms.net — Cisco Umbrella Rank: 4722	26 KB
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 89	401 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	21 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 183	71 KB
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 3473	1 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2225	21 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2189	23 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3146	4 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	273 B
1	google.de www.google.de — Cisco Umbrella Rank: 7810	63 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3095	253 B
1	jetboost.io cdn.jetboost.io — Cisco Umbrella Rank: 43988	4 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 237	1 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2460	1 KB
1	cloudfront.net d3e54v103j8qbb.cloudfront.net	31 KB
181	36

	Domain	Requested by
24	prod-frs.content.classy.org	donate.kesem.org cdn.transcend.io www.kesem.org prod-frs.content.classy.org
21	donate.kesem.org	1 redirects sdk.classy.org donate.kesem.org cdn.transcend.io www.kesem.org
14	js.stripe.com	cdn.transcend.io
13	assets-global.website-files.com	www.kesem.org assets-global.website-files.com
12	www.paypal.com	cdn.transcend.io www.paypal.com
10	cdn.transcend.io	donate.kesem.org cdn.transcend.io
9	fonts.gstatic.com	fonts.googleapis.com
8	www.paypalobjects.com	cdn.transcend.io www.kesem.org www.paypal.com
6	t.paypal.com	www.kesem.org
6	files.doublethedonation.com	donate.kesem.org files.doublethedonation.com cdn.transcend.io
6	uploads-ssl.webflow.com	assets-global.website-files.com
5	www.googletagmanager.com	www.kesem.org www.googletagmanager.com js.hsadspixel.net
4	pay.classy.org	cdn.transcend.io
4	www.youtube.com	cdn.transcend.io
3	campkesem.org	3 redirects
2	fonts.googleapis.com	cdn.transcend.io
2	assets.classy.org	www.kesem.org cdn.transcend.io
2	code.jquery.com	cdn.transcend.io
2	cdn.plaid.com	cdn.transcend.io
2	unpkg.com	cdn.transcend.io
2	htp.tokenex.com	cdn.transcend.io
2	static.cloudflareinsights.com	donate.kesem.org
2	www.classy.org	2 redirects
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	www.kesem.org connect.facebook.net
2	www.campkesem.org	2 redirects
1	track.hubspot.com
1	forms.hsforms.com	www.kesem.org
1	api.hubapi.com	js.hsadspixel.net
1	perf-na1.hsforms.com	www.kesem.org
1	forms.hscollectedforms.net	js.hscollectedforms.net
1	cta-service-cms2.hubspot.com	js.hubspot.com
1	js.hubspot.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	www.facebook.com	www.kesem.org
1	www.google.de	www.kesem.org
1	region1.analytics.google.com	www.googletagmanager.com
1	sdk.classy.org	www.kesem.org
1	cdn.jetboost.io	www.kesem.org
1	cdnjs.cloudflare.com	www.kesem.org
1	js.hs-scripts.com	www.kesem.org
1	d3e54v103j8qbb.cloudfront.net	www.kesem.org
1	www.kesem.org
181	47

This site contains links to these domains. Also see Links.

Domain
kesem.force.com
kesem.my.site.com
docsend.com
go.kesem.org
donate.kesem.org
www.youtube.com
www.cancer.net
www.cancer.org
ar.iiarjournals.org
academic.oup.com
share.hsforms.com
www.facebook.com
kesem.tfaforms.net
instagram.com
twitter.com
www.linkedin.com
open.spotify.com
www.tiktok.com

Subject Issuer	Validity	Valid
www.kesem.org R3	`2024-03-20` - `2024-06-18`	3 months	crt.sh
*.website-files.com Amazon RSA 2048 M03	`2023-09-11` - `2024-10-08`	a year	crt.sh
*.google-analytics.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
hs-scripts.com E1	`2024-04-01` - `2024-06-30`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-02-23` - `2024-05-23`	3 months	crt.sh
cdn.jetboost.io Amazon RSA 2048 M02	`2024-03-20` - `2025-04-18`	a year	crt.sh
uploads-ssl.webflow.com Amazon RSA 2048 M02	`2023-07-29` - `2024-08-26`	a year	crt.sh
classy.org Cloudflare Inc ECC CA-3	`2024-03-03` - `2024-12-31`	10 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
donate.kesem.org Cloudflare Inc ECC CA-3	`2024-03-09` - `2024-12-31`	10 months	crt.sh
*.google.de WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
hscollectedforms.net E1	`2024-03-29` - `2024-06-27`	3 months	crt.sh
hsadspixel.net E1	`2024-04-16` - `2024-07-15`	3 months	crt.sh
hs-banner.com E1	`2024-04-01` - `2024-06-30`	3 months	crt.sh
hs-analytics.net GTS CA 1P5	`2024-04-13` - `2024-07-12`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2024-01-06` - `2024-12-31`	a year	crt.sh
hsforms.com GTS CA 1P5	`2024-04-17` - `2024-07-16`	3 months	crt.sh
hubapi.com E1	`2024-05-04` - `2024-08-02`	3 months	crt.sh
snie5b5gl.wpc.edgecastcdn.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-17` - `2025-04-17`	a year	crt.sh
transcend.io Amazon RSA 2048 M02	`2023-06-20` - `2024-07-18`	a year	crt.sh
cloudflareinsights.com GTS CA 1P5	`2024-05-08` - `2024-08-06`	3 months	crt.sh
api.tokenex.com Go Daddy Secure Certificate Authority - G2	`2024-01-08` - `2024-12-14`	a year	crt.sh
unpkg.com GTS CA 1P5	`2024-04-01` - `2024-06-30`	3 months	crt.sh
secure.plaid.com DigiCert EV RSA CA G2	`2024-03-12` - `2025-03-11`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-03-27` - `2024-06-27`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
pay.classy.org Cloudflare Inc ECC CA-3	`2024-03-08` - `2024-12-31`	10 months	crt.sh
upload.video.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2024-02-08` - `2025-02-08`	a year	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-09-21` - `2024-10-21`	a year	crt.sh

This page contains 25 frames:

Primary Page: https://www.kesem.org/
Frame ID: 5EE7D75EF5C711E7A6161E3456987614
Requests: 50 HTTP requests in this frame

Frame: https://donate.kesem.org/give/441200/
Frame ID: 818BDE34670A6C0014F7819BD411689F
Requests: 58 HTTP requests in this frame

Frame: https://donate.kesem.org/give/441200/
Frame ID: F5A447D4F2F20511A62FB5BF1CAB625A
Requests: 53 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 6A2825A22AF0F691A19851145345D5BF
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-86a38fe46a16bd385648c1936a19c6e8.html
Frame ID: 8E4819D6A5F8BC1FCB76617019F2061F
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-82b9ff5aff74eaac5d2d01d9a6978316.html
Frame ID: 5034A860E16E79BAA20FD66D4E3C5FC4
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-88c6b2aa0cec77981b46767d9675e7b0.html
Frame ID: 4A53FE5953398EF101E094154E403391
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-82b9ff5aff74eaac5d2d01d9a6978316.html
Frame ID: F12F1AEE7AB251B064D56763E0085C93
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-88c6b2aa0cec77981b46767d9675e7b0.html
Frame ID: A747F956D0F8A62DEC56F0BB1A8EBBE0
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: B82A8C6BAD732B637A82B53AD894B39D
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-86a38fe46a16bd385648c1936a19c6e8.html
Frame ID: D2F79EF59D1DDBE4ABCDE3FD02850630
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-82b9ff5aff74eaac5d2d01d9a6978316.html
Frame ID: 8B16BE09D85C06B5675B0966BE65861E
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-88c6b2aa0cec77981b46767d9675e7b0.html
Frame ID: B960FC92300B65D0CAF9E614676CE68F
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-82b9ff5aff74eaac5d2d01d9a6978316.html
Frame ID: 0224EC30D81F5EAFAF85E8317437D045
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-88c6b2aa0cec77981b46767d9675e7b0.html
Frame ID: D8133595D69898EC0A91830D72CC54DE
Requests: 1 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=40&style.menuPlacement=below&allowBillingPayments=true&applePaySupport=false&buttonSessionID=uid_4f6fe7a480_mde6mdq6mjg&customerId=&clientID=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&clientMetadataID=uid_7cb3eb03cd_mde6mdq6mjg&commit=false&components.0=buttons&components.1=funding-eligibility&currency=USD&debug=false&disableSetCookie=true&enableFunding.0=venmo&env=production&experiment.enableVenmo=false&flow=purchase&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwibWFlc3RybyI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGluZXJzIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJjdXAiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOnRydWV9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&intent=capture&locale.country=US&locale.lang=en&merchantID.0=LSW58CRWW68HU&platform=desktop&renderedButtons.0=paypal&sessionID=uid_7cb3eb03cd_mde6mdq6mjg&sdkCorrelationID=08a0978405834&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsZnVuZGluZy1lbGlnaWJpbGl0eSZlbmFibGUtZnVuZGluZz12ZW5tbyZjdXJyZW5jeT1VU0QmY2xpZW50LWlkPUFmdW44d1lrazgwRlljeV9QWEpVVlVNS2pVc3ZpbWN4cGtKN3NCSkxsUGpfR3VudE5TdVZLLVd5Z3BuYVlUcmc4T3Y3S0drYzljYkZvWVB5Jm1lcmNoYW50LWlkPUxTVzU4Q1JXVzY4SFUmY29tbWl0PWZhbHNlIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfa2xka2drcWthbmZ2cmdnZnZja3d1bmJrcXN1cGZpIn19&sdkVersion=5.0.439&storageID=uid_c89ff0fdd8_mde6mdq6mjg&supportedNativeBrowser=false&supportsPopups=true&vault=false
Frame ID: 5F35907DB529A2F956B24942EA242E3C
Requests: 1 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=40&style.menuPlacement=below&allowBillingPayments=true&applePaySupport=false&buttonSessionID=uid_1d61217b26_mde6mdq6mjg&customerId=&clientID=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&clientMetadataID=uid_cd1f1c5fba_mde6mdq6mjg&commit=true&components.0=buttons&components.1=funding-eligibility&currency=USD&debug=false&disableSetCookie=true&env=production&experiment.enableVenmo=false&flow=billing_setup&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJoaXBlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJlbG8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJqY2IiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJtYWVzdHJvIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaW5lcnMiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImN1cCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&intent=tokenize&locale.country=US&locale.lang=en&platform=desktop&renderedButtons.0=paypal&sessionID=uid_cd1f1c5fba_mde6mdq6mjg&sdkCorrelationID=08a0978405834&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsZnVuZGluZy1lbGlnaWJpbGl0eSZjdXJyZW5jeT1VU0QmY2xpZW50LWlkPUFmdW44d1lrazgwRlljeV9QWEpVVlVNS2pVc3ZpbWN4cGtKN3NCSkxsUGpfR3VudE5TdVZLLVd5Z3BuYVlUcmc4T3Y3S0drYzljYkZvWVB5JmludGVudD10b2tlbml6ZSZ2YXVsdD10cnVlIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfdXRobmR6bHp0cWNtZ2pyam5jaWpyc29mdGpmdmx5In19&sdkVersion=5.0.439&storageID=uid_c3dc8742e8_mde6mdq6mjg&supportedNativeBrowser=false&supportsPopups=true&vault=true
Frame ID: 350E95B2F06665BEF3599128659B5564
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-blue.svg
Frame ID: 9BEA9F68C36DF37D426017FDD157B929
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-blue.svg
Frame ID: FA7731CDDFD114148E051943918A64D9
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: 4FB90BB6E59A4DACE5E38EBE51658020
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: 15C72B20D258E83FE645FD5CD2FC70DC
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-blue.svg
Frame ID: C24CCD44B05BE53F1FD2DCBC6FAE6161
Requests: 1 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=40&style.menuPlacement=below&allowBillingPayments=true&applePaySupport=false&buttonSessionID=uid_c44714e5c8_mde6mdq6mjg&customerId=&clientID=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&clientMetadataID=uid_7cb3eb03cd_mde6mdq6mjg&commit=false&components.0=buttons&components.1=funding-eligibility&currency=USD&debug=false&disableSetCookie=true&enableFunding.0=venmo&env=production&experiment.enableVenmo=false&flow=purchase&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwibWFlc3RybyI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGluZXJzIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJjdXAiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOnRydWV9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&intent=capture&locale.country=US&locale.lang=en&merchantID.0=LSW58CRWW68HU&platform=desktop&renderedButtons.0=paypal&sessionID=uid_7cb3eb03cd_mde6mdq6mjg&sdkCorrelationID=08a0978405834&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsZnVuZGluZy1lbGlnaWJpbGl0eSZlbmFibGUtZnVuZGluZz12ZW5tbyZjdXJyZW5jeT1VU0QmY2xpZW50LWlkPUFmdW44d1lrazgwRlljeV9QWEpVVlVNS2pVc3ZpbWN4cGtKN3NCSkxsUGpfR3VudE5TdVZLLVd5Z3BuYVlUcmc4T3Y3S0drYzljYkZvWVB5Jm1lcmNoYW50LWlkPUxTVzU4Q1JXVzY4SFUmY29tbWl0PWZhbHNlIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfa2xka2drcWthbmZ2cmdnZnZja3d1bmJrcXN1cGZpIn19&sdkVersion=5.0.439&storageID=uid_c89ff0fdd8_mde6mdq6mjg&supportedNativeBrowser=false&supportsPopups=true&vault=false
Frame ID: 19F7190E184ECD2836C062CF1222B12A
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-blue.svg
Frame ID: 87EFFF61940194F492F33BE6A86C6E82
Requests: 1 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=40&style.menuPlacement=below&allowBillingPayments=true&applePaySupport=false&buttonSessionID=uid_30d6364764_mde6mdq6mjg&customerId=&clientID=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&clientMetadataID=uid_cd1f1c5fba_mde6mdq6mjg&commit=true&components.0=buttons&components.1=funding-eligibility&currency=USD&debug=false&disableSetCookie=true&env=production&experiment.enableVenmo=false&flow=billing_setup&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJoaXBlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJlbG8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJqY2IiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJtYWVzdHJvIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaW5lcnMiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImN1cCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&intent=tokenize&locale.country=US&locale.lang=en&platform=desktop&renderedButtons.0=paypal&sessionID=uid_cd1f1c5fba_mde6mdq6mjg&sdkCorrelationID=08a0978405834&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsZnVuZGluZy1lbGlnaWJpbGl0eSZjdXJyZW5jeT1VU0QmY2xpZW50LWlkPUFmdW44d1lrazgwRlljeV9QWEpVVlVNS2pVc3ZpbWN4cGtKN3NCSkxsUGpfR3VudE5TdVZLLVd5Z3BuYVlUcmc4T3Y3S0drYzljYkZvWVB5JmludGVudD10b2tlbml6ZSZ2YXVsdD10cnVlIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfdXRobmR6bHp0cWNtZ2pyam5jaWpyc29mdGpmdmx5In19&sdkVersion=5.0.439&storageID=uid_c3dc8742e8_mde6mdq6mjg&supportedNativeBrowser=false&supportsPopups=true&vault=true
Frame ID: 746DAFE2252029109C5FF3197BC0F95C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Free, fun support for kids whose parents have cancer | Kesem

Page URL History Show full URLs

http://donate.kesem.org/ HTTP 307
https://donate.kesem.org/ HTTP 301
http://campkesem.org/ HTTP 307
https://campkesem.org/ HTTP 301
https://www.campkesem.org/ HTTP 301
https://www.kesem.org/ HTTP 307
http://campkesem.org/ HTTP 301
https://campkesem.org/ HTTP 301
https://www.campkesem.org/ HTTP 301
https://www.kesem.org/ Page URL

Detected technologies

Cart Functionality (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

<a[^>]*href=[^>]*/Checkout

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

181
Requests

100 %
HTTPS

60 %
IPv6

36
Domains

47
Subdomains

41
IPs

5
Countries

4373 kB
Transfer

20902 kB
Size

28
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://kesem.force.com/s/?language=en_US
Title: Click here

Search URL Search Domain Scan URL

URL: https://kesem.my.site.com/
Title: Register your child today.

Search URL Search Domain Scan URL

URL: http://kesem.force.com/
Title: Register Your Child

Search URL Search Domain Scan URL

URL: https://docsend.com/view/envyr6kvk58dbbv5
Title: 3-Year Strategic Plan

Search URL Search Domain Scan URL

URL: https://go.kesem.org/new-programs
Title: Day Programs

Search URL Search Domain Scan URL

URL: https://donate.kesem.org/give/509507/#!/donation/checkout
Title: make a donation

Search URL Search Domain Scan URL

URL: https://go.kesem.org/new-programs?_gl=1*1c8p1ak*_ga*MTI4MDkyNTg0MC4xNjkzNTg3ODky*_ga_XHZ6HDQSLZ*MTcxMzM3NDg0OS45MC4xLjE3MTMzNzQ4NzkuMC4wLjA
Title: KESEM BETTER DAYS

Search URL Search Domain Scan URL

URL: https://donate.kesem.org/givetoday
Title: make a donation

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=8D7w4IZHdG0

Search URL Search Domain Scan URL

URL: https://www.cancer.net/coping-with-cancer/talking-with-family-and-friends/talking-your-children-about-cancer
Title: let your children know about your cancer diagnosis

Search URL Search Domain Scan URL

URL: https://www.cancer.org/research/cancer-facts-statistics/all-cancer-facts-figures/cancer-facts-figures-2021.html#:~:text=Estimated%20numbers%20of%20new%20cancer,factors%2C%20early%20detection%2C%20and%20treatment
Title: two million people were diagnosed with cancer in the US in 2021

Search URL Search Domain Scan URL

URL: https://ar.iiarjournals.org/content/37/8/4025
Title: higher risk of emotional and behavioral problems

Search URL Search Domain Scan URL

URL: https://academic.oup.com/jpepsy/article/47/9/1031/6590001
Title: indicate symptoms of posttraumatic stress disorder

Search URL Search Domain Scan URL

URL: http://kesem.my.site.com/
Title: sign your child upToday!

Search URL Search Domain Scan URL

URL: https://share.hsforms.com/1dF9GJZ7KQRO30ty1rYKqPQdvyaa
Title: Join Our Newsletter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/groups/kesemnationwide.
Title: Join our Facebook Community

Search URL Search Domain Scan URL

URL: https://kesem.tfaforms.net/f/emailoptin
Title: Sign up for Text

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CampKesem/

Search URL Search Domain Scan URL

URL: https://instagram.com/kesem

Search URL Search Domain Scan URL

URL: https://twitter.com/campkesem

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/kesemnational/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/CampKesemNational

Search URL Search Domain Scan URL

URL: https://open.spotify.com/user/ja7q8tdbnz82aedjwerpeicxr

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@kesemnationwide

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://donate.kesem.org/ HTTP 307
https://donate.kesem.org/ HTTP 301
http://campkesem.org/ HTTP 307
https://campkesem.org/ HTTP 301
https://www.campkesem.org/ HTTP 301
https://www.kesem.org/ HTTP 307
http://campkesem.org/ HTTP 301
https://campkesem.org/ HTTP 301
https://www.campkesem.org/ HTTP 301
https://www.kesem.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://www.classy.org/give/441200/ HTTP 302
https://donate.kesem.org/give/441200/

Request Chain 32

https://www.classy.org/give/441200/ HTTP 302
https://donate.kesem.org/give/441200/

181 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.kesem.org/
Redirect Chain

http://donate.kesem.org/
https://donate.kesem.org/
http://campkesem.org/
https://campkesem.org/
https://www.campkesem.org/
https://www.kesem.org/
http://campkesem.org/
https://campkesem.org/
https://www.campkesem.org/
https://www.kesem.org/

72 KB
15 KB

247ms
247ms

Document
text/html

52.17.119.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kesem.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.17.119.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-119-105.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 7959159e006fef16487d93cca3baeb7b3b56f7e3d8ffec26f759f1acd8187e38

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 0
content-encoding: gzip
content-length: 15398
content-type: text/html
date: Thu, 16 May 2024 01:04:24 GMT
vary: x-wf-forwarded-proto, Accept-Encoding
x-cache: HIT
x-cache-hits: 1
x-cluster-name: eu-west-1-prod-hosting-red
x-lambda-id: b66ff7c1-5653-4634-ab1d-243a7046c4bc
x-served-by: cache-dub4322-DUB
x-timer: S1715821464.397008,VS0,VE210

Redirect headers

accept-ranges: bytes
cache-control: private
content-length: 166
content-type: text/html
date: Thu, 16 May 2024 01:04:22 GMT
location: https://www.kesem.org/
vary: x-wf-forwarded-proto
x-cache: MISS
x-cache-hits: 0
x-cluster-name: eu-west-1-prod-hosting-red
x-served-by: cache-dub4364-DUB
x-timer: S1715821463.569903,VS0,VE115

GET
H2 200 kesem-rebuild.webflow.f5892780e.css
assets-global.website-files.com/615b7d5e77217e9ff469ea49/css/ 259 KB
42 KB 47ms
11ms Stylesheet
text/css 2600:9000:21f3:2200:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-global.website-files.com/615b7d5e77217e9ff469ea49/css/kesem-rebuild.webflow.f5892780e.css
Requested by: Host: www.kesem.org
URL: https://www.kesem.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:2200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 95b9c7f0a76b37346f4a79c045b3424bf5dc093fc41d343e98d2d55f9c657e3f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: nF8C0qBL0j1_7ZtYslX2rZ2OhzHEAwyW
content-encoding: gzip
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
date: Wed, 15 May 2024 20:37:32 GMT
age: 24582
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 42422
last-modified: Tue, 14 May 2024 17:28:08 GMT
server: AmazonS3
etag: "1a3374951d22150308fa6122fe8e5709"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: NxkiFCvSZUj-fdnB8Q4t4o3OxgKOWgvXxRA9Vjolsw2MwqcFKQwpbg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 191 KB
70 KB 44ms
21ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-30205020-1

Requested by

Host: www.kesem.org
URL: https://www.kesem.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0e18ea649e6a7f2a8ff1b16c72e677d382a0dcb718431995718aaa92d8ef75b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71043
x-xss-protection: 0
last-modified: Thu, 16 May 2024 00:08:53 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 May 2024 01:04:24 GMT

GET
H2 200 617c4f2fb4ff3b3ec9e6ab38_Close.svg
assets-global.website-files.com/615b7d5e77217e9ff469ea49/ 627 B
1 KB 47ms
12ms Image
image/svg+xml 2600:9000:21f3:2200:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/615b7d5e77217e9ff469ea49/617c4f2fb4ff3b3ec9e6ab38_Close.svg
Requested by: Host: www.kesem.org
URL: https://www.kesem.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:2200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b8f4818795d8ba29ef00851bfb7ff38be7e1a6380b306adbf4aed829d352c080

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 31 Mar 2024 18:22:13 GMT
x-amz-version-id: _TY10IHGAZ17pGgEdnN4JyBIIWI1xyea
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
age: 3912132
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 627
last-modified: Fri, 29 Oct 2021 19:44:48 GMT
server: AmazonS3
etag: "d61b39b32036a9a78b5c0e8b4d22f2f3"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: ry35m2hBY_Ls1-I61jFfGmdkIbpyH_xFdWa8kSjYHAMtQ-8pKr9B3Q==

GET
H2 200 jquery-3.5.1.min.dc5e7f18c8.js Show response
d3e54v103j8qbb.cloudfront.net/js/ 87 KB
31 KB 38ms
7ms Script
application/javascript 52.222.232.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=615b7d5e77217e9ff469ea49
Requested by: Host: www.kesem.org
URL: https://www.kesem.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.232.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-232-39.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.kesem.org/
Origin: https://www.kesem.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 06:35:23 GMT
content-encoding: gzip
via: 1.1 d9bcd0a29e17b9290f8c9f1617335954.cloudfront.net (CloudFront)
age: 69561
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
last-modified: Mon, 20 Jul 2020 17:53:02 GMT
server: AmazonS3
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
vary: Accept-Encoding
x-amz-cf-id: YoQKQMntQyyFaxXFg7w9ynX1tSjKbcYSVMVfZJAnOopqSOdOJKGYtg==

GET
H2 200 webflow.9141a9cbd.js Show response
assets-global.website-files.com/615b7d5e77217e9ff469ea49/js/ 350 KB
82 KB 17ms
12ms Script
text/javascript 2600:9000:21f3:2200:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-global.website-files.com/615b7d5e77217e9ff469ea49/js/webflow.9141a9cbd.js
Requested by: Host: www.kesem.org
URL: https://www.kesem.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:2200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ee70909cd2d25edad689d994f6c75385a9eef2565ce88c014594c3c25f72e812

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: dRLVaGYJF9sAPlmHekuBHbAfA4Z7RW8p
content-encoding: gzip
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
date: Wed, 15 May 2024 20:37:32 GMT
age: 24582
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 83327
last-modified: Tue, 14 May 2024 17:28:08 GMT
server: AmazonS3
etag: "b335f4bae6bafcb0df37b4325e3c12ca"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: Pu4hL4dDQSKZMui2qpKpSK3sucDFPeX_Dn7mQCOC2a-AfxgLmbXY2w==

GET
H2 200 23325778.js Show response
js.hs-scripts.com/ 2 KB
1 KB 323ms
298ms Script
application/javascript 2606:4700::6810:8ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/23325778.js

Requested by

Host: www.kesem.org
URL: https://www.kesem.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b09cd925c1e2639f2807c84392df88dd8dd77fa9664a869e9d17a823fc0361a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 9bdc0626-01c3-46cc-be8d-bfc262c4982c
x-envoy-upstream-service-time: 13
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 9bdc0626-01c3-46cc-be8d-bfc262c4982c
last-modified: Thu, 16 May 2024 00:13:08 GMT
server: cloudflare
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.kesem.org
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5d47c8d44f-rgk8x
access-control-allow-credentials: true
cache-control: public, max-age=90
cf-ray: 8847741a8f1f5bed-FRA
expires: Thu, 16 May 2024 01:05:55 GMT

GET
H3 200 js.cookie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.0/ 2 KB
1 KB 29ms
15ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.0/js.cookie.min.js

Requested by

Host: www.kesem.org
URL: https://www.kesem.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4db76afeb499d277603609152f9e382c0fe112d44c6f8db8c136a89d9bd7682

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 18569
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 746
last-modified: Mon, 04 May 2020 16:11:49 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec5-699"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rU%2FD0kMkREFonatc6kKdLrASR2q1CDGe7SgPbWAtVfIILV%2F7KCCmxWDXnxXgD0H2sBe3P3FDDM5Cbjf3okHa17gpA5s%2BXlymu6AZuWVO3sQswQbnuiCl7o%2BIeYvA3IGBzBeDTKaD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8847741a697a19ad-FRA
expires: Tue, 06 May 2025 01:04:24 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 33ms
11ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.kesem.org
URL: https://www.kesem.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 16 May 2024 01:04:24 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57845
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=12, mss=1294, tbw=2772, tp=-1, tpl=-1, uplat=3, ullat=-1
pragma: public
x-fb-debug: Jh9dAq2TS+GXrueq4KWPXzJyEPdjv6UGCxe/J7lEH3hkg6SlwsTKrqdmWPkx5apmcXAk8+v+IJbuE4vHLnQkGQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 jetboost.js Show response
cdn.jetboost.io/ 12 KB
4 KB 62ms
7ms Script
text/javascript 2600:9000:223e:7400:1d:7a82:2900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jetboost.io/jetboost.js
Requested by: Host: www.kesem.org
URL: https://www.kesem.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:7400:1d:7a82:2900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0a3cb8e70dfe503b8cd036761a7490fff86becc902600b63fc13bfd1aa8100e8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 06:20:26 GMT
content-encoding: gzip
via: 1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
last-modified: Tue, 30 Apr 2024 16:36:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 67439
etag: W/"90f20e8472ce5be54d6aec168f3aa8cd"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: eSBYIe84wSFsbHFa7XjLSJjpnobSNsml5VXzvvKLM6IpAmDPCLd8aw==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 302 KB
97 KB 33ms
24ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MHW4H92

Requested by

Host: www.kesem.org
URL: https://www.kesem.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d709684ea57a8b951806b5e62ace68a2737bdb245c4205f5d22ff7b57bdcc2c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 99368
x-xss-protection: 0
last-modified: Thu, 16 May 2024 00:08:53 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 May 2024 01:04:24 GMT

GET
H2 200 6164fcef47fce26c5246f57e_Search.svg
assets-global.website-files.com/615b7d5e77217e9ff469ea49/ 622 B
1 KB 17ms
10ms Image
image/svg+xml 2600:9000:21f3:2200:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/615b7d5e77217e9ff469ea49/6164fcef47fce26c5246f57e_Search.svg
Requested by: Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/615b7d5e77217e9ff469ea49/css/kesem-rebuild.webflow.f5892780e.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:2200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6fca56e0b11525635f30214b19a3b2aabb09f655ebf813cfb1465387970db2a5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://assets-global.website-files.com/615b7d5e77217e9ff469ea49/css/kesem-rebuild.webflow.f5892780e.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 18 Feb 2024 19:50:08 GMT
x-amz-version-id: Z8YRqC_F2gIAyiyb4amZd8qlcYxF.SuU
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
age: 7535657
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 622
last-modified: Tue, 12 Oct 2021 03:11:45 GMT
server: AmazonS3
etag: "c0459b45ac56c5761c57499116c6a096"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: kvMV8EK2UyY5X5Lzfwvb58ZpXKm5N_SiYEuKX46nH8nnTpNJ9qJmhQ==

GET
H2 200 61689d1c6b25d86589eedcf4_kesem-student-leader-with-camper.jpg
assets-global.website-files.com/615b7d5e77217e9ff469ea49/ 162 KB
162 KB 19ms
11ms Image
image/jpeg 2600:9000:21f3:2200:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/615b7d5e77217e9ff469ea49/61689d1c6b25d86589eedcf4_kesem-student-leader-with-camper.jpg
Requested by: Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/615b7d5e77217e9ff469ea49/css/kesem-rebuild.webflow.f5892780e.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:2200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d425f837ebda7c908269b70c7cfc6a3145ec216f869e8377c2f17ac3b3ab888f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://assets-global.website-files.com/615b7d5e77217e9ff469ea49/css/kesem-rebuild.webflow.f5892780e.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 11:16:24 GMT
x-amz-version-id: QSTm3KKXsgVv4m5VFYBLROkBdswTH5Y6
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
age: 3073680
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 165458
last-modified: Thu, 14 Oct 2021 21:11:58 GMT
server: AmazonS3
etag: "dffca6504412dcf2bc1b59a0d10223c2"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: BuY8mhGVnhejIzvX5w_-vRp4ONZnrLFAXyIwATU9GoTdthQDo0hy7Q==

GET
H2 200 6579ef66817f30cc43a76bf9_Kesem%20Map_122023.png
assets-global.website-files.com/615b7d5e77217e9ff469ea49/ 417 KB
418 KB 25ms
18ms Image
image/png 2600:9000:21f3:2200:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/615b7d5e77217e9ff469ea49/6579ef66817f30cc43a76bf9_Kesem%20Map_122023.png
Requested by: Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/615b7d5e77217e9ff469ea49/css/kesem-rebuild.webflow.f5892780e.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:2200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 40674cc74092d70dbcfd9f4cbbae9fff87e71404a9a2f4b57b6270557579a3d3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://assets-global.website-files.com/615b7d5e77217e9ff469ea49/css/kesem-rebuild.webflow.f5892780e.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 12 Feb 2024 08:25:04 GMT
x-amz-version-id: 4xsypQSRJOWXLyuYdfcRE5A88u2pVpfS
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
age: 8095161
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 427213
last-modified: Wed, 13 Dec 2023 17:52:41 GMT
server: AmazonS3
etag: "e2c63f36911329a9d6dd6f8cd4ce106e"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: i0uW0fuHVO0dFTXjPCQyfu5CgzIThae_Lt-M369DvWnUiTnxMdcmKA==

GET
H2 200 615b832dd31fcb596b7efa34_AvenirNext-Bold-01.ttf
uploads-ssl.webflow.com/615b7d5e77217e9ff469ea49/ 319 KB
106 KB 97ms
51ms Font
application/x-font-ttf 18.66.112.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uploads-ssl.webflow.com/615b7d5e77217e9ff469ea49/615b832dd31fcb596b7efa34_AvenirNext-Bold-01.ttf
Requested by: Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/615b7d5e77217e9ff469ea49/css/kesem-rebuild.webflow.f5892780e.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-105.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 54786df2c038ac72cdff7ea06a978deb83c80ea470a0ea6fb271d486801be773

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://assets-global.website-files.com/
Origin: https://www.kesem.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 21 Dec 2023 17:58:07 GMT
x-amz-version-id: jovlRTxS2bxPHKbAHZpNvjntIJTkCbIn
content-encoding: gzip
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
age: 12639978
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 04 Oct 2021 22:44:17 GMT
server: AmazonS3
etag: W/"61887e1e950488f7a52971725b2ebda6"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/x-font-ttf
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
vary: Accept-Encoding
x-amz-cf-id: 6YvU7B0KBeNUh7_iDfJlXrwiGSNNWFYsiDPgXvpT6A6Vkso56WdLzw==

GET
H2 200 615b832da1be5c67094e60dc_AvenirNext-DemiBold-03.ttf
uploads-ssl.webflow.com/615b7d5e77217e9ff469ea49/ 258 KB
93 KB 55ms
9ms Font
application/x-font-ttf 18.66.112.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uploads-ssl.webflow.com/615b7d5e77217e9ff469ea49/615b832da1be5c67094e60dc_AvenirNext-DemiBold-03.ttf
Requested by: Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/615b7d5e77217e9ff469ea49/css/kesem-rebuild.webflow.f5892780e.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-105.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c5465973630c3de4b1e6845c4a7bd6c82a8d3dca0017ed6919bf39f376ecedb

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://assets-global.website-files.com/
Origin: https://www.kesem.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 21 Dec 2023 17:58:07 GMT
x-amz-version-id: Oi5FFNu_jnft0VLOBfS3xUpPuEAOYYry
content-encoding: gzip
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
age: 12639978
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 04 Oct 2021 22:44:17 GMT
server: AmazonS3
etag: W/"2538a3f00a198337bb2911bd6f3182ae"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/x-font-ttf
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
vary: Accept-Encoding
x-amz-cf-id: SbMgqEFS1oal-mGgRpi_vHFL5G9-YOC4_1W2jlr9w6GifyixAM3oGA==

GET
H2 200 615b832d26553e6afb492002_AvenirNext-Medium-06.ttf
uploads-ssl.webflow.com/615b7d5e77217e9ff469ea49/ 271 KB
95 KB 82ms
37ms Font
application/x-font-ttf 18.66.112.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uploads-ssl.webflow.com/615b7d5e77217e9ff469ea49/615b832d26553e6afb492002_AvenirNext-Medium-06.ttf
Requested by: Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/615b7d5e77217e9ff469ea49/css/kesem-rebuild.webflow.f5892780e.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-105.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 43f03a6879c657b1c23366307c501a0df1319a9738394ad10be141efb295f2fc

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://assets-global.website-files.com/
Origin: https://www.kesem.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 17 Dec 2023 17:27:42 GMT
x-amz-version-id: Zr7KX7nVAMxoVw4M72MdGuW4orPozwte
content-encoding: gzip
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
age: 12987402
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 04 Oct 2021 22:44:20 GMT
server: AmazonS3
etag: W/"597381f75a1b983328f95e3966e929f6"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/x-font-ttf
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
vary: Accept-Encoding
x-amz-cf-id: -KhzG909m-OXQjDDUopTzgVeJFFZ7FyefPUklbJ5W8sXwpnPkON4zw==

GET
H2 200 6164dea52a26695ccd55a022_Girl-Boss-Script.woff
uploads-ssl.webflow.com/615b7d5e77217e9ff469ea49/ 64 KB
64 KB 88ms
43ms Font
application/x-font-woff 18.66.112.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uploads-ssl.webflow.com/615b7d5e77217e9ff469ea49/6164dea52a26695ccd55a022_Girl-Boss-Script.woff
Requested by: Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/615b7d5e77217e9ff469ea49/css/kesem-rebuild.webflow.f5892780e.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-105.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7d48f66ef07e7cbcace87f5c3c51c11655dcc21c2af1cb9791bc6c58b52f2bae

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://assets-global.website-files.com/
Origin: https://www.kesem.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 21 Dec 2023 17:58:07 GMT
x-amz-version-id: M2W1u4JygU5g0a3r.9BDgZ4sIO6tfMZj
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
age: 12639978
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 65408
last-modified: Tue, 12 Oct 2021 01:02:30 GMT
server: AmazonS3
etag: "93ea7a555d234a2c95efc2f6acb04efc"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/x-font-woff
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: E8_PwoGlo_hL8bQf-N5tMhXfJqBvEmcYyH3YjB7H0YVsf_dl0lg1ww==

GET
H2 200 618b1601897687ba8c951d49_BigCaslon.ttf
uploads-ssl.webflow.com/615b7d5e77217e9ff469ea49/ 218 KB
92 KB 85ms
39ms Font
application/x-font-ttf 18.66.112.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uploads-ssl.webflow.com/615b7d5e77217e9ff469ea49/618b1601897687ba8c951d49_BigCaslon.ttf
Requested by: Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/615b7d5e77217e9ff469ea49/css/kesem-rebuild.webflow.f5892780e.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-105.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c63f9782e146d480542091034f902dc5785016bf269ba41331ab96494bcfd7d2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://assets-global.website-files.com/
Origin: https://www.kesem.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 21 Dec 2023 17:58:07 GMT
x-amz-version-id: pJT0QNGgYRRCy_QWwRdI6mx6sMKqIXP5
content-encoding: gzip
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
age: 12639978
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 10 Nov 2021 00:44:50 GMT
server: AmazonS3
etag: W/"ec50ac41f55e7d9116affd7d05c1f656"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/x-font-ttf
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
vary: Accept-Encoding
x-amz-cf-id: fNVYCAHYKtMJ4iCoVQUkafyyyOqUKB-oO-Ss9xaEWDmtNMSAiD3SmA==

GET
H2 200 615b832d1fbfb136145c5d7a_AvenirNext-Regular-08.ttf
uploads-ssl.webflow.com/615b7d5e77217e9ff469ea49/ 411 KB
87 KB 90ms
45ms Font
application/x-font-ttf 18.66.112.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uploads-ssl.webflow.com/615b7d5e77217e9ff469ea49/615b832d1fbfb136145c5d7a_AvenirNext-Regular-08.ttf
Requested by: Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/615b7d5e77217e9ff469ea49/css/kesem-rebuild.webflow.f5892780e.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-105.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5f3eed8e891997529629227d479b1b9d83ae2e1bbaabbf499fcd22e4b303126c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://assets-global.website-files.com/
Origin: https://www.kesem.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 16 Dec 2023 06:22:31 GMT
x-amz-version-id: .aFR449H7RCWv7VFFv4Bsr88m_QNSmOl
content-encoding: br
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
age: 13113714
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 04 Oct 2021 22:44:22 GMT
server: AmazonS3
etag: W/"4d8fdeb265ff6d34fb3bd8e4292665c0"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/x-font-ttf
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
vary: Accept-Encoding
x-amz-cf-id: -_yhU0I4bQr0ubP-Dr3xqKHw-RchY_lbl0JYMmd41I-BLxIzQTR0Dw==

GET
H2 200 66214201f82283bc307b781d_5275668f132eefbcaf0ab526fc0de58b-p-500.png
assets-global.website-files.com/615b7d5e77217e9ff469ea49/ 14 KB
14 KB 21ms
20ms Image
image/png 2600:9000:21f3:2200:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/615b7d5e77217e9ff469ea49/66214201f82283bc307b781d_5275668f132eefbcaf0ab526fc0de58b-p-500.png
Requested by: Host: www.kesem.org
URL: https://www.kesem.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:2200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 96f1c1df4ce63dc4305288287761e42834f839182a5e3f6c116ba68ac4e27495

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 05:34:53 GMT
x-amz-version-id: 04Y.sAUb7dhz6zfVjQBGOvLDW1q8lqlP
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
age: 502171
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 14161
last-modified: Thu, 18 Apr 2024 15:53:45 GMT
server: AmazonS3
etag: "b027b4e7d0c657b16ab3ae25ec344559"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: T10U8LTCo27ns3U2YJxVceX3MuZabrG7gg-YmdFiM1fIM1KD-ECLFQ==

GET
H2 200 6168a6b6899d6f13c4534c85_home-video-thumbnail.png
assets-global.website-files.com/615b7d5e77217e9ff469ea49/ 310 KB
311 KB 25ms
24ms Image
image/png 2600:9000:21f3:2200:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/615b7d5e77217e9ff469ea49/6168a6b6899d6f13c4534c85_home-video-thumbnail.png
Requested by: Host: www.kesem.org
URL: https://www.kesem.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:2200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d345d07713f4280375b721453f58ebf61d3bb3aec11b7db446caec100cf17afb

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 Nov 2023 02:07:02 GMT
x-amz-version-id: o0x5uGZDz8.JNpICkufaCM701soCfqGA
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
age: 15029842
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 317337
last-modified: Thu, 14 Oct 2021 21:52:56 GMT
server: AmazonS3
etag: "82d54efe2ab409416ea0383379f85be1"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: SUh3bH7W3jr9otCJGQtEF3XLpPIpv0yG6EvNASHe7tBjidZc7PMiFw==

GET
H2 200 6168ae19a1801221109f46e7_green-heart-rate-icon.png
assets-global.website-files.com/615b7d5e77217e9ff469ea49/ 2 KB
2 KB 21ms
21ms Image
image/png 2600:9000:21f3:2200:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/615b7d5e77217e9ff469ea49/6168ae19a1801221109f46e7_green-heart-rate-icon.png
Requested by: Host: www.kesem.org
URL: https://www.kesem.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:2200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 41b57b9b5a01d7b8e6879e3c3552abc405ac4fddfbebfb04bdfcf110a7f86350

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Jan 2024 18:26:14 GMT
x-amz-version-id: MxsEgxWWFixv_Gcdsqe0YFs2.CZidwTS
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
age: 9268691
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1541
last-modified: Thu, 14 Oct 2021 22:24:27 GMT
server: AmazonS3
etag: "9d9d9d481200f345fd729d012ffb5f1b"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: -7evzrXzGEQDcF9hcQcfa5fy25LoPyE1ZoNT9Qb4Hp0WyUZ5T8AOnw==

GET
H2 200 6168ae19d0b9cd511b7f128b_heart-icon-outline.png
assets-global.website-files.com/615b7d5e77217e9ff469ea49/ 1 KB
1 KB 23ms
23ms Image
image/png 2600:9000:21f3:2200:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/615b7d5e77217e9ff469ea49/6168ae19d0b9cd511b7f128b_heart-icon-outline.png
Requested by: Host: www.kesem.org
URL: https://www.kesem.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:2200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4ef9251e28651c4c8d6a5ae92fc332b7a6e27f939e9af77ec3c92827d59fe29c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Jan 2024 18:26:14 GMT
x-amz-version-id: pB1KIBMB3a4STYEWU2tufSm.ux8omMTi
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
age: 9268691
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1080
last-modified: Thu, 14 Oct 2021 22:24:27 GMT
server: AmazonS3
etag: "99692becf7a30ca2fdb2c2ca4de74093"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: sPBKJXFmU7d7bOj7RVyjJ1rKAqOuc_3UdGVU6F4WhwLLfDhdaxJEBg==

GET
H2 200 6168ae1993b7b032f48a2ec5_double-heart-icon.png
assets-global.website-files.com/615b7d5e77217e9ff469ea49/ 1 KB
2 KB 22ms
22ms Image
image/png 2600:9000:21f3:2200:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/615b7d5e77217e9ff469ea49/6168ae1993b7b032f48a2ec5_double-heart-icon.png
Requested by: Host: www.kesem.org
URL: https://www.kesem.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:2200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7ddec7493b356e5f7e21af957a903f128542111be58cb136558cb5f751ce1f43

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Jan 2024 22:08:51 GMT
x-amz-version-id: ztAuLFNzOSm3bP3Bh44yazFD1HhPfoTg
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
age: 10551334
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1225
last-modified: Thu, 14 Oct 2021 22:24:26 GMT
server: AmazonS3
etag: "84f18f604761345c076f6c49514f6865"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: UpQ6JtXi7j9kmzVfFU7UUcIXrLW2ZkQV1kSv6_a_b9HwaAS_dvno7g==

GET
H2 200 6168ae199652ec779a7650b8_heart-icon-filled.png
assets-global.website-files.com/615b7d5e77217e9ff469ea49/ 728 B
1 KB 24ms
24ms Image
image/png 2600:9000:21f3:2200:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/615b7d5e77217e9ff469ea49/6168ae199652ec779a7650b8_heart-icon-filled.png
Requested by: Host: www.kesem.org
URL: https://www.kesem.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:2200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f2f16e7828359212d4854719fac741c1cb2cd5ee99be707bc8851cdc20fe9a14

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 12 Feb 2024 08:25:04 GMT
x-amz-version-id: _OW_7U_e_IUVRGeGJKM1ZKqc_ZcSf9.v
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
age: 8095161
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 728
last-modified: Thu, 14 Oct 2021 22:24:26 GMT
server: AmazonS3
etag: "93966bced5f97c637e61a261051e8ab7"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: 0AKQE8PMf0d32EH3s6-yX0ImoW7ivDlD2pXyQlV2k-YSpXQ1BXVd8Q==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 34ms
9ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-30205020-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 16 May 2024 00:20:27 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2637
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 16 May 2024 02:20:27 GMT

GET
H2 200 embedded-giving.js Show response
sdk.classy.org/ 42 KB
11 KB 83ms
35ms Script
text/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.classy.org/embedded-giving.js

Requested by

Host: www.kesem.org
URL: https://www.kesem.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de149fdb73c38fd7b31224939499d1f0c08e9e7a9176ffcfa6a9dba745bc0b00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 724
x-amz-request-id: T66FX2EEZYC00FVD
x-amz-server-side-encryption: AES256
x-amz-id-2: IoV0wLA49RSnAFD5MZHYqTfS430TqrTrCD13f2rCtW06ypVWMAVPXZB4mR6h5BbCC7Zqcf1ZB+NHaIHDEjRnSMG/9KmUB3BwJKsEc7wtr/A=
last-modified: Wed, 28 Feb 2024 00:36:19 GMT
cf-bgj: minify
server: cloudflare
etag: W/"0d38882749afaf74ce66d0b8ffa904f3"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=60, s-maxage=900, stale-while-revalidate=60
cf-ray: 8847741b1d2e4daf-FRA

GET
H2 200 1106316670747099 Show response
connect.facebook.net/signals/config/ 56 KB
12 KB 78ms
77ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1106316670747099?v=2.9.156&r=stable&domain=www.kesem.org&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8a3bc5df27e7e5e53ddac9ec7428666820a20eaef940d044fc81be3d658d6d1e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 16 May 2024 01:04:24 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=64, mss=1294, tbw=63362, tp=-1, tpl=-1, uplat=69, ullat=0
pragma: public
x-fb-debug: R9zjCoC3Tw9J3Ev+02Ye4xlF2+XTALJSUwMuabAaFzZn7kRyD89Dxz6/Amv2YT7CHGIQGQtbmWrtBWUTdAX1Iw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 302 KB
100 KB 26ms
25ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QY37YFZRTW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MHW4H92

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

d3351eb8605b8a76e0fceac4819e348b297bca9d88c405c7077d24a0b968c475

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 102502
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 16 May 2024 01:04:24 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
206 B 15ms
15ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=831901270&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kesem.org%2F&ul=de-de&de=UTF-8&dt=Free%2C%20fun%20support%20for%20kids%20whose%20parents%20have%20cancer%20%7C%20Kesem&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=473991960&gjid=1617362075&cid=835068250.1715821465&tid=UA-30205020-1&_gid=726304416.1715821465&_r=1&gtm=457e45f0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&jsscut=1&npa=1&z=503872366

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 May 2024 01:04:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kesem.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
345 B 56ms
19ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-30205020-1&cid=835068250.1715821465&jid=473991960&gjid=1617362075&_gid=726304416.1715821465&npa=1&_u=YEBAAUAAAAAAACAAI~&z=1259833710

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 16 May 2024 01:04:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kesem.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/ Show response
donate.kesem.org/give/441200/ Frame 818B
Redirect Chain

https://www.classy.org/give/441200/
https://donate.kesem.org/give/441200/

108 KB
34 KB

666ms
664ms

Document
text/html

2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.kesem.org/give/441200/

Requested by

Host: sdk.classy.org
URL: https://sdk.classy.org/embedded-giving.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

411b8b622d4b3b896c01b3235a8205cd1d2b7db6f8cfd2dffd239c44a717c144

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.kesem.org;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.kesem.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 8847741e5d1d9b40-FRA
content-encoding: br
content-security-policy: frame-ancestors 'self' https://www.kesem.org;
content-type: text/html; charset=utf-8
date: Thu, 16 May 2024 01:04:25 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 8847741bc968bb32-FRA
content-security-policy: frame-ancestors 'self' https://www.kesem.org;
content-type: text/html; charset=utf-8
date: Thu, 16 May 2024 01:04:25 GMT
location: https://donate.kesem.org/give/441200/
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept, Accept-Encoding
x-content-type-options: nosniff

GET
H2

200

/ Show response
donate.kesem.org/give/441200/ Frame F5A4
Redirect Chain

https://www.classy.org/give/441200/
https://donate.kesem.org/give/441200/

108 KB
33 KB

842ms
787ms

Document
text/html

2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.kesem.org/give/441200/

Requested by

Host: sdk.classy.org
URL: https://sdk.classy.org/embedded-giving.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c4a0956c536b1d7dc3b6828e03114fe3d5c9cbf1d61baa604fca9cc19ffed27

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.kesem.org;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.kesem.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 884774228e929b40-FRA
content-encoding: br
content-security-policy: frame-ancestors 'self' https://www.kesem.org;
content-type: text/html; charset=utf-8
date: Thu, 16 May 2024 01:04:26 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 8847741e5aa5bb32-FRA
content-security-policy: frame-ancestors 'self' https://www.kesem.org;
content-type: text/html; charset=utf-8
date: Thu, 16 May 2024 01:04:25 GMT
location: https://donate.kesem.org/give/441200/
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept, Accept-Encoding
x-content-type-options: nosniff

POST
H2 204 collect
region1.analytics.google.com/g/ 0
253 B 41ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-QY37YFZRTW&gtm=45je45f0v9180703205z8896153047za200&_p=1715821464694&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=835068250.1715821465&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1715821464&sct=1&seg=0&dl=https%3A%2F%2Fwww.kesem.org%2F&dt=Free%2C%20fun%20support%20for%20kids%20whose%20parents%20have%20cancer%20%7C%20Kesem&en=page_view&_fv=1&_ss=1&tfd=3611
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QY37YFZRTW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 16 May 2024 01:04:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kesem.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 20ms
19ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-QY37YFZRTW&cid=835068250.1715821465&gtm=45je45f0v9180703205z8896153047za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QY37YFZRTW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 16 May 2024 01:04:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kesem.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 35ms
18ms Image
image/gif 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-QY37YFZRTW&cid=835068250.1715821465&gtm=45je45f0v9180703205z8896153047za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=251121211

Requested by

Host: www.kesem.org
URL: https://www.kesem.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 16 May 2024 01:04:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 24ms
7ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1106316670747099&ev=PageView&dl=https%3A%2F%2Fwww.kesem.org%2F&rl=&if=false&ts=1715821464936&sw=1600&sh=1200&v=2.9.156&r=stable&a=plwebflow&ec=0&o=4126&fbp=fb.1.1715821464935.1801529356&ler=empty&cdl=API_unavailable&it=1715821464784&coo=false&rqm=GET

Requested by

Host: www.kesem.org
URL: https://www.kesem.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1294, tbw=2787, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 16 May 2024 01:04:24 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 69 KB
25 KB 146ms
110ms Script
application/javascript 2606:4700::6810:6dfe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hscollectedforms.net/collectedforms.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/23325778.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6dfe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53a3dc763a0bd679523a77f5610e4ab27231fe6763d7089c1c92966daa1663f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.kesem.org/
Origin: https://www.kesem.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:25 GMT
x-amz-version-id: WQne3xdBhaNpu67z_dXMAVxQ_qJQQf8W
via: 1.1 76e55a2361219fb19722e949475d1844.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-cf-pop: IAD12-P3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 7c116629-d504-4a8e-b9f8-edb7ca4c6bf7
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.503/bundles/project.js&cfRay=8847741c9a65bbd9-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 7c116629-d504-4a8e-b9f8-edb7ca4c6bf7
last-modified: Wed, 15 May 2024 14:34:44 UTC
server: cloudflare
etag: W/"7d377a186677c174f204d466b8fa5fdb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-rl62l
cf-ray: 8847741c9a65bbd9-FRA
x-amz-cf-id: R5_5xPRmx9crz4ojfM7DhQs0FW3Nna7v_8V8tRay5BcMpF8hCLWAxA==
x-hs-target-asset: collected-forms-embed-js/static-1.503/bundles/project.js

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
4 KB 53ms
21ms Script
application/javascript 2606:4700::6811:80ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/23325778.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:80ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef61f745ab49ef3bbdb192b7f791f9d645caa5f89817f099470397b13e742ea8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:25 GMT
x-amz-version-id: mFY3j4a3uPqa1nxwSjuH9WwSOlmw5rRi
via: 1.1 e21fbbed60133ff896ee44224814dc5c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 14
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.557/bundles/pixels-release.js&cfRay=884773c4f9dcbbc7-FRA
x-cache: Hit from cloudfront
x-hubspot-correlation-id: 17206e6d-0351-4ddb-95b9-b642f8a38b39
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 0
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 17206e6d-0351-4ddb-95b9-b642f8a38b39
last-modified: Mon, 13 May 2024 14:08:11 UTC
server: cloudflare
etag: W/"c43db96a42a0426e882c9ce0209630a5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-wlmbb
cf-ray: 8847741c9f141983-FRA
x-amz-cf-id: FoMTRMiySKr0heWcr79ur0FIIvvGDkxBWo1Fo_g47s1hKYp03RVdkw==
x-hs-target-asset: adsscriptloaderstatic/static-1.557/bundles/pixels-release.js

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/23325778/ 71 KB
23 KB 328ms
293ms Script
text/javascript 2606:4700:4400::ac40:991b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/23325778/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/23325778.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 057201a525f69be664356f0719eed28131b6a0cb18cd53cb583eb027b740c813

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:25 GMT
x-amz-version-id: U3GvR2rVZrKfppLj7ZBqWNQowUN0PTxA
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: M7J6AZ8QJ1QQPACF
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: a1951321-1a02-40e4-bba9-fb6db2459c0b
x-envoy-upstream-service-time: 56
x-amz-id-2: KpZ3Fou+wfjgl12MPCpQBImcx+CMlAoKJwERC3G5q5SZkwS6qSMAufCvpo3dyhHQOIds7eNa+WtDQPGcyH9rMhgB2QeN2kBiUwL8IJYzfmI=
x-evy-trace-listener: listener_https
x-request-id: a1951321-1a02-40e4-bba9-fb6db2459c0b
x-evy-trace-route-configuration: listener_https/all
last-modified: Mon, 15 Apr 2024 16:54:16 GMT
server: cloudflare
etag: W/"0233113f06c589bbcd9cd9613e90caf8"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.kesem.org
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-2r68v
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 8847741c9a086ae1-FRA
expires: Thu, 16 May 2024 01:09:25 GMT

GET
H2 200 23325778.js Show response
js.hs-analytics.net/analytics/1715821200000/ 67 KB
21 KB 211ms
173ms Script
text/javascript 2606:4700::6811:afc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1715821200000/23325778.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/23325778.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:afc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb5702d5db95b9827c7d44234c84c43422acfb9a068f80521848a7ab63b9fa5c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:25 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 2MZ0Z6HPX8GEQTCT
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 1ad398e8-b5aa-431c-af0c-cd4e3c5c4f0d
x-envoy-upstream-service-time: 65
x-amz-id-2: bWus/T4zHyWYAFddBPLQTOfcOaFO79fDzsVS0a+nIsZRRIxK9jfuedgvB2i39sqOzReV30/nOqE=
x-evy-trace-listener: listener_https
x-request-id: 1ad398e8-b5aa-431c-af0c-cd4e3c5c4f0d
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 24 Apr 2024 18:54:22 GMT
server: cloudflare
etag: W/"09c1917c2151021f507269d2ee9e2f6f"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-gnznr
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 8847741c9f589001-FRA
expires: Thu, 16 May 2024 01:09:25 GMT

GET
H2 200 web-interactives-embed.js Show response
js.hubspot.com/ 82 KB
25 KB 165ms
130ms Script
application/javascript 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hubspot.com/web-interactives-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/23325778.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf6683ec2fb825072bc67ba2b4831425951dc365245d5334ca6f2150f50e1590

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.kesem.org/
Origin: https://www.kesem.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.1122/bundles/project.js&cfRay=8847741c99313666-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"fa60ef0d372e46facb8180b2d901ba81"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-hs-target-asset: web-interactives-embed/static-2.1122/bundles/project.js
date: Thu, 16 May 2024 01:04:25 GMT
x-amz-version-id: TKnbzs9HpFoaV4UGBsfs5UANej3HQBO9
via: 1.1 3d4bfc42e9575ee1f9559241c9e3f464.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: cb5416e9-e4ac-4d95-b6fc-d10e005c3222
x-cache: Hit from cloudfront
cache-tag: staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 2
x-evy-trace-route-configuration: listener_https/all
x-request-id: cb5416e9-e4ac-4d95-b6fc-d10e005c3222
last-modified: Tue, 14 May 2024 11:26:52 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i298H1xGQ5aW2VKUphJwl%2FaLSaeJxpt%2FOKdXTIhbR%2BJOXGkqElCr3BCHoWFt66tl%2Bo8NbtF%2F6L9IQ%2B2F%2Boy%2Bc8uFEAznr6c%2BW2wks17qll8rT2bzob8iA%2BpT1BemlwKGT5za54mH1kTCG2CL"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-r5jtt
cf-ray: 8847741c99313666-FRA
x-amz-cf-id: FV2z95tYlsQlBANOLg5XphxOPe0larGSvCLn6Bfe87Mp4kGrJUyCUA==

GET
H2 200 combinedConfigs Show response
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/ 433 B
1 KB 128ms
128ms Fetch
application/json 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=23325778&currentUrl=https%3A%2F%2Fwww.kesem.org%2F

Requested by

Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4bf8910a202b24bd61be26e28eaa8c5f83a48d78999b2693a9cbdf4c9910cf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 7346de24-ceaa-4aa1-8881-5ff3e654c058
content-encoding: br
x-envoy-upstream-service-time: 13
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 7346de24-ceaa-4aa1-8881-5ff3e654c058
server: cloudflare
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.kesem.org
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: true
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4rJ7%2BOIaiHcCahCAebCefH%2F%2FLgvdMJTag%2B%2BVEAAKTb%2FiL0UBzBTmSEnzzlyLwKTnv9YqBTUbJhZs%2FwZcC%2BfXwyXwr9SCTuICHhMM%2FarTsJd3cc2Cz5uApWK9RqRbncYOl9Ulm1IIkqYqUeXoqKuoC65c0QjNOFy%2BWus%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag: noindex, follow
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 8847741d99943666-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-kkb7j

GET
H2 200 json Show response
forms.hscollectedforms.net/collected-forms/v1/config/ 135 B
450 B 199ms
198ms XHR
application/json 2606:4700::6810:6dfe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=23325778&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6dfe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d528489716a3043d17ff4ba166292762d17404f48d5cef086c9cf26d86bdde94

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://www.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: cd5039b9-fd28-4047-941a-b03d5e7ecc18
x-envoy-upstream-service-time: 9
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: cd5039b9-fd28-4047-941a-b03d5e7ecc18
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.kesem.org
x-evy-trace-virtual-host: all
cache-control: max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-wlmbb
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 8847741d9b07bbd9-FRA

GET
H3 200 counters.gif
perf-na1.hsforms.com/embed/v3/ 35 B
921 B 136ms
111ms Image
image/gif 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1

Requested by

Host: www.kesem.org
URL: https://www.kesem.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 4ca84a9f-a032-4898-b53b-edbeb7df34fc
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 4ca84a9f-a032-4898-b53b-edbeb7df34fc
last-modified: Thu, 16 May 2024 01:04:25 GMT
server: cloudflare
vary: origin, Accept-Encoding
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-kkb7j
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: none
cf-ray: 8847741e8804bbfe-FRA

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 117 B
1 KB 153ms
125ms XHR
application/json 2606:4700::6812:f16c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=23325778

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f16c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f56171e5739b9ab13378977bc63aa43b3f6228c373c452373d5d0b8387552bb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: b1ba5659-9246-44b4-ba8d-3f16bd70ed10
content-encoding: br
x-envoy-upstream-service-time: 11
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: b1ba5659-9246-44b4-ba8d-3f16bd70ed10
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.kesem.org
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5d47c8d44f-2hls6
access-control-max-age: 180
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T7VDZ4BFK0QcvF1kZxh%2By4PME14qs4sPKUpxmet9WMWJwhHvpKtxutR%2Fi%2FxJc6iBv%2Bj3O3jEgExaA8dMnkg6VnniBDYd0T0L1KK0q9ZDQhc2MsY0vbImcM3HeydWV76OrNeA%2BKjt3xGGoG0E"}],"group":"cf-nel","max_age":604800}
cf-ray: 8847741eae7891fb-FRA
access-control-allow-headers: *

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
850 B 131ms
122ms Image
image/gif 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=2

Requested by

Host: www.kesem.org
URL: https://www.kesem.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: fc824d86-ba77-419a-992f-92c50bc10ae5
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: fc824d86-ba77-419a-992f-92c50bc10ae5
server: cloudflare
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-rcnzv
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 8847741ee85cbbfe-FRA

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 233 KB
83 KB 21ms
20ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11016492874

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

f73bc18e0120b5c083eacf2b94f51e9ef824e427daafe4c337ee24605936902d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84797
x-xss-protection: 0
last-modified: Thu, 16 May 2024 00:08:53 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 May 2024 01:04:25 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 233 KB
83 KB 21ms
21ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11016492874&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-30205020-1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

0edd392d36a0cc9d8c1546e525ae2be75c6b8f095dac1d741c5d790e96a136dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84855
x-xss-protection: 0
last-modified: Thu, 16 May 2024 00:08:53 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 May 2024 01:04:25 GMT

GET
H2 200 main.css
prod-frs.content.classy.org/prod/3f67ddbf598a1096a57eb6a65a40c24e13d4278b/static/frs/ Frame 818B 1 MB
147 KB 56ms
46ms Stylesheet
text/css 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/3f67ddbf598a1096a57eb6a65a40c24e13d4278b/static/frs/main.css

Requested by

Host: donate.kesem.org
URL: https://donate.kesem.org/give/441200/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5bdd511e21c4792a2d9ba2aaeac5b53d64d07e1389e4477055336fc7e8d46bce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:26 GMT
via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
content-encoding: br
x-amz-version-id: 9_FVJ.YBHHYRkyCph5npC5XQPqLAzplb
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains
age: 6144
x-amz-cf-pop: FRA60-P1
cf-polished: origSize=1160521
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cf-bgj: minify
last-modified: Tue, 07 May 2024 13:00:52 GMT
server: cloudflare
etag: W/"92b9e33143e83006fdbbc548a09c23f0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
cf-ray: 88477423aa134daf-FRA
x-amz-cf-id: kWZW3gmvKlRYD5C_1LuV34n3ralayOK4l1HcypHG-Z84LyTLCJ_qrQ==

GET
H2 200 ddplugin.css
files.doublethedonation.com/app/ Frame 818B 141 KB
17 KB 51ms
9ms Stylesheet
text/css 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://files.doublethedonation.com/app/ddplugin.css
Requested by: Host: donate.kesem.org
URL: https://donate.kesem.org/give/441200/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CF6) /
Resource Hash: 60891a54df49aac87f56b67ebcd37582eae4b01e7b20b35b5b141a5ddd7e66c5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 16 May 2024 01:04:26 GMT
content-encoding: gzip
content-md5: ZRi6wreqb8lyrsIdYQAn/Q==
age: 1641
x-cache: HIT
content-length: 16794
x-ms-lease-status: unlocked
last-modified: Tue, 14 May 2024 18:08:41 GMT
server: ECAcc (frc/4CF6)
etag: 0x8DC7440E31C93B0
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
x-ms-request-id: 0915426c-a01e-005c-6029-a7105f000000
cache-control: public, max-age=3600;
x-ms-version: 2009-09-19
expires: Thu, 16 May 2024 02:04:26 GMT

GET
H2 200 airgap.js Show response
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ Frame 818B 151 KB
50 KB 51ms
7ms Script
application/javascript 2600:9000:2250:7e00:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Requested by

Host: donate.kesem.org
URL: https://donate.kesem.org/give/441200/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:7e00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

9e03c1e7197d2ff12e1a69c9d46a039c32b395c995f7f718afe2227f95137b2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:26 GMT
content-encoding: br
via: 1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
x-content-type-options: nosniff
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=60,s-maxage=86400
x-amz-cf-id: td63hQ0nVpr-SSQUqE1KEhyyhPjiisFwMcqCt5t-MqfY_WMtfWtytA==
x-xss-protection: 1; mode=block

GET
H2 404 fontello.css
files.doublethedonation.com/fontello/css/ Frame 818B 0
0 101ms
99ms Stylesheet
application/xml 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://files.doublethedonation.com/fontello/css/fontello.css
Requested by: Host: files.doublethedonation.com
URL: https://files.doublethedonation.com/app/ddplugin.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Blob Service Version 1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://files.doublethedonation.com/app/ddplugin.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 16 May 2024 02:04:26 GMT
x-ms-request-id: 84c3617a-201e-000f-362c-a7336b000000
date: Thu, 16 May 2024 01:04:26 GMT
cache-control: max-age=3600
server: Blob Service Version 1.0 Microsoft-HTTPAPI/2.0
content-length: 223
content-type: application/xml

GET
H2 200 rocket-loader.min.js Show response
donate.kesem.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 818B 12 KB
4 KB 11ms
10ms Script
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.kesem.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: donate.kesem.org
URL: https://donate.kesem.org/give/441200/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/give/441200/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 08 May 2024 09:31:53 GMT
server: cloudflare
content-encoding: gzip
etag: W/"663b4689-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 884774242f1a9b40-FRA
expires: Sat, 18 May 2024 01:04:26 GMT

GET
H2 200 vedd3670a3b1c4e178fdfb0cc912d969e1713874337387 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame 818B 19 KB
7 KB 66ms
46ms Script
text/javascript 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387
Requested by: Host: donate.kesem.org
URL: https://donate.kesem.org/give/441200/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2e817d2c44b9cf45f0e45cfa351abba3203af38f5aa1c8576a2db69ebd15192

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Origin: https://donate.kesem.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:26 GMT
content-encoding: gzip
last-modified: Mon, 06 May 2024 19:01:13 GMT
server: cloudflare
etag: W/"2024.4.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 88477424690f9f1a-FRA

GET
H2 200 xdi.js Show response
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ Frame 818B 26 KB
12 KB 25ms
8ms Script
text/javascript 2600:9000:2250:7e00:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/xdi.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:7e00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5fb6ac6806675225d34733477016d91f6a07b9594318355c7ae848bfe7567af1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Origin: https://donate.kesem.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: qYd_CnuRpdW_F6IVsyOpV1aUwTwSy9KK
content-encoding: gzip
via: 1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
date: Wed, 15 May 2024 05:19:12 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
age: 81237
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Mar 2024 20:43:24 GMT
server: AmazonS3
etag: W/"3ce606e14c2f6042673093087105b15b-1"
x-frame-options: SAMEORIGIN
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=60,s-maxage=86400
vary: Accept-Encoding
x-amz-cf-id: 1-ounEI5TqX6Q2rpJTGU6Ld58U3R9QnYTX5wv-Fah-HOtqesn3Kz4g==

GET
H2 200 ui.js Show response
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ Frame 818B 311 KB
86 KB 19ms
9ms Script
text/javascript 2600:9000:2250:7e00:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ui.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:7e00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

202cf3174ffa2f5624974ea489fd0bb81e4af324bf96eb4e076ae477aa91f90a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Origin: https://donate.kesem.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: .BLCwM604ZT4jVeYBde7et7vS6tuxeTD
content-encoding: gzip
via: 1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
date: Wed, 15 May 2024 06:01:19 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
age: 68589
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Mar 2024 20:43:24 GMT
server: AmazonS3
etag: W/"5900b2c974fc9d0b2cb49777d06bbb17-1"
x-frame-options: SAMEORIGIN
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=60,s-maxage=86400
vary: Accept-Encoding
x-amz-cf-id: L3kq9lc_sn_uq5Ij_x8_8smyXHDjL-DOG9HzWUie-jQ57--_T7e9aA==

GET
H2 200 iframe-v3.min.js Show response
htp.tokenex.com/iframe/ Frame 818B 19 KB
5 KB 519ms
132ms Script
application/javascript 52.143.247.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://htp.tokenex.com/iframe/iframe-v3.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.143.247.24 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0e562cfda9a2c721f7565dc3c81b675733cac3443c6d9763392bf9905aa5fe7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 16 May 2024 01:04:26 GMT
last-modified: Tue, 14 May 2024 17:26:52 GMT
etag: "0d6c2e823a6da1:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 4931
x-xss-protection: 1; mode=block

GET
H2 200 paypal-js.legacy.min.js Show response
unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/ Frame 818B 7 KB
3 KB 43ms
21ms Script
application/javascript 2606:4700::6811:f7cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/paypal-js.legacy.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:f7cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:26 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 5468650
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HRWFHN4GMEYW9TJJZK68Y40Z-fra
server: cloudflare
etag: W/"1b81-IpiDV5HCNI7yT2mRdGuH3F1n0RQ"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 884774251e10916e-FRA

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/3f67ddbf598a1096a57eb6a65a40c24e13d4278b/static/frs/donation/ Frame 818B 186 KB
38 KB 29ms
28ms Script
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/3f67ddbf598a1096a57eb6a65a40c24e13d4278b/static/frs/donation/module.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65dd34b8af88b8b6ebba8e71208ce4f35adbf25ecc41fb80ceef04f9a4661794

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:26 GMT
x-amz-version-id: BepBBdQMP5gskZvjy6gb3ETTiXD1GIQ5
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P1
age: 1568
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 07 May 2024 13:00:52 GMT
server: cloudflare
etag: W/"bd6217338a44cf975bcc1856aa7a7c8f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 88477424fae64daf-FRA
x-amz-cf-id: 9O2GUoFS595g42Y-JQW1H1Q-yS1CpANyx5svudRJkzThaeE9jOqOcw==

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/3f67ddbf598a1096a57eb6a65a40c24e13d4278b/static/global/ Frame 818B 2 MB
395 KB 38ms
37ms Script
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/3f67ddbf598a1096a57eb6a65a40c24e13d4278b/static/global/module.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2d41745f79db8054e0cbf8bac8db4c35f581dc54b028fd9def0127fab281b63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:26 GMT
x-amz-version-id: wgzaWtxmHIrhEFBnSOrNp0_rX2P.GkIj
via: 1.1 df3b3b9f4fa0f79195c56a91cf242364.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P1
age: 6144
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 07 May 2024 13:00:53 GMT
server: cloudflare
etag: W/"24c562a3f0e107935afdca59d1c833de"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 88477424fae84daf-FRA
x-amz-cf-id: qU1Ao9llbaLz6cGu1lXKL0jQXJgOGWp_VmJdgQD036qm6ZtysCxeiA==

GET
H2 200 libs.min.js Show response
prod-frs.content.classy.org/prod/3f67ddbf598a1096a57eb6a65a40c24e13d4278b/static/global/ Frame 818B 1 MB
430 KB 40ms
39ms Script
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/3f67ddbf598a1096a57eb6a65a40c24e13d4278b/static/global/libs.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e87327f6273792deacbf13ba7062a87d4be4ceeda531b3a953554e8e1139b65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:26 GMT
x-amz-version-id: ckJd7vFW_viEh0bBrTyhLCq6ZBsnmjDn
via: 1.1 df3b3b9f4fa0f79195c56a91cf242364.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P1
age: 6144
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 07 May 2024 13:00:53 GMT
server: cloudflare
etag: W/"28bc0ee9cbe8a385be878572ed34a82d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 88477424fae94daf-FRA
x-amz-cf-id: 3-TTkstQwJjLFyR6koEn28LF_b3mJ3bwdLsQKs939X3WfcAi4Qf5-Q==

GET
H2 200 link-initialize.js Show response
cdn.plaid.com/link/v2/stable/ Frame 818B 156 KB
43 KB 69ms
38ms Script
text/javascript 13.33.187.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-42.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9e3408c3ed768595861313cf261a49210f05b8adae2ce5a6a432926ec00a2202

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: MNUqTGYyrJLP.kKdg5JBfhpMWHTiNtir
content-encoding: br
via: 1.1 3677df2c828d68a6a84555cd8a40cf50.cloudfront.net (CloudFront)
date: Thu, 16 May 2024 01:03:18 GMT
x-amz-request-id: DXKHH7XSXXG9QHKR
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
age: 94
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-id-2: XJfChxpA7/3ijXn65R95VAgUCAghcxrWY4cPMvmVnutW01aJcTwCOe5b3e2e7kTSqHOtoCuz8x0=
last-modified: Tue, 14 May 2024 13:53:55 GMT
server: AmazonS3
etag: W/"33983c19dd76a4064897d8dc6e85b25e"
vary: Accept-Encoding
content-type: text/javascript
cache-control: no-cache,must-revalidate,max-age=0
x-amz-cf-id: 8Q9cxq4a7Gi9QlA-oBQ1j1rX-lnBizZee3KpGjcg0SaBv2XXfobwDA==

GET
DATA 200
OK truncated Show response
/ Frame 818B 0
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H2 200 / Show response
js.stripe.com/v3/ Frame 818B 604 KB
148 KB 55ms
11ms Script
text/javascript 13.32.99.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-57.fra60.r.cloudfront.net

Software

Cloudfront /

Resource Hash

703c6538c7c240f05fa39933fe7625588a50071d6d402250da0075de638c7b81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:03:51 GMT
content-encoding: br
via: 1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 36
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
last-modified: Wed, 15 May 2024 20:41:03 GMT
server: Cloudfront
etag: W/"470acd355ab36612885d09fe7907ab94"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: 1GJcz4NWi8SpEe-PDcEl2bYG-7aMQMPrDs64F3Re9tG-p8VfJB2FXQ==

GET
H2 200 ddplugin.js Show response
files.doublethedonation.com/app/ Frame 818B 465 KB
120 KB 8ms
7ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://files.doublethedonation.com/app/ddplugin.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4C94) /
Resource Hash: 6349be8696428e0c34f93ad4c10af7b7fae7d381e4ad5a07703bac205fcc4343

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 16 May 2024 01:04:26 GMT
content-encoding: gzip
content-md5: Y/GBvdGKjvPjrIxgIecRQw==
age: 106
x-cache: HIT
content-length: 122394
x-ms-lease-status: unlocked
last-modified: Tue, 14 May 2024 18:08:41 GMT
server: ECAcc (frc/4C94)
etag: 0x8DC7440E32CBDEC
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-ms-request-id: 74db779f-001e-007a-572c-a75847000000
cache-control: public, max-age=3600;
x-ms-version: 2009-09-19
expires: Thu, 16 May 2024 02:04:26 GMT

GET
H2 200 cm.css
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ Frame 818B 18 KB
4 KB 8ms
7ms Stylesheet
text/css 2600:9000:2250:7e00:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/cm.css

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:7e00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ebe386f69eb938f611df7c31a728817e55fdb3615a598a9efbf831badb5030b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: upNMogas8jW.6w.vZEzq7KOyicm2GJYs
content-encoding: gzip
via: 1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
date: Wed, 15 May 2024 23:20:16 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
age: 7223
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Mar 2024 20:43:24 GMT
server: AmazonS3
etag: W/"83a06179866d715dda6c7420825a42e6-1"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=60,s-maxage=86400
x-amz-cf-id: FZg1haRfQN-Y3I6az3fTX-8ZFtXFJUZyuLvIhrCeVD_bw4SktL9uEg==

GET
H2 200 en.json Show response
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/translations/ Frame 818B 9 KB
3 KB 9ms
6ms Fetch
application/json 2600:9000:2250:7e00:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/translations/en.json

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:7e00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

87e983de6f1538e9755ec8aac56df1106c437766e28a5ff93058d4da9c175888

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: cSZ25WrspW34UG6bj.SteXckCbP5GZ_Q
content-encoding: gzip
via: 1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
date: Wed, 15 May 2024 09:37:02 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
age: 78460
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Mar 2024 20:43:24 GMT
server: AmazonS3
etag: W/"0f79898c6c9075c1d9982bdb1de5a19b-1"
x-frame-options: SAMEORIGIN
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=60,s-maxage=86400
vary: Accept-Encoding
x-amz-cf-id: SYMEVuuBg7r3aPJNh5jM4ndwyveAj72Xu5sglpJPNvteB14HgD8Xag==

GET
H2 200 sdk.js Show response
donate.kesem.org/sso/ Frame 818B 14 KB
4 KB 39ms
38ms Script
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.kesem.org/sso/sdk.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66e1bc00387661b1476191a36445a5614f6f234572a6f462a84741920757a101

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/give/441200/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 16 May 2024 00:58:29 GMT
cf-bgj: minify
server: cloudflare
age: 357
cf-polished: origSize=27444
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=1200
cf-ray: 88477426b8009b40-FRA
expires: Thu, 16 May 2024 01:18:29 GMT

GET
H2 200 jquery-3.6.1.min.js Show response
code.jquery.com/ Frame 818B 88 KB
31 KB 47ms
12ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.1.min.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Origin: https://donate.kesem.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:26 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 1677656
x-cache: HIT, HIT
content-length: 30957
x-served-by: cache-lga13629-LGA, cache-fra-etou8220056-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1715821467.761753,VS0,VE0
etag: W/"28feccc0-15e40"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 2, 68387

GET
H2 200 iframeResizer.17b3e8f66abcbf803ee0eb0adc771137.js Show response
donate.kesem.org/sso/ssobuild/js/ Frame 818B 12 KB
5 KB 52ms
47ms XHR
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.kesem.org/sso/ssobuild/js/iframeResizer.17b3e8f66abcbf803ee0eb0adc771137.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8913290a4db258fa9e0d3fd267fb61666aa81f82b1a459ba098352c427a57c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-84d8b42da6e9dffd----1715821466788
traceparent: 00-bea882b3988b1053fde7e45139a35383-84d8b42da6e9dffd-01
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI4NGQ4YjQyZGE2ZTlkZmZkIiwidHIiOiJiZWE4ODJiMzk4OGIxMDUzZmRlN2U0NTEzOWEzNTM4MyIsInRpIjoxNzE1ODIxNDY2Nzg4fX0=
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://donate.kesem.org/give/441200/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 26 Feb 2024 21:53:00 GMT
cf-bgj: minify
server: cloudflare
age: 5477258
etag: W/"65dd083c-316e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 8847742778389b40-FRA
expires: Thu, 13 Mar 2025 15:36:48 GMT

GET
H2 200 main.css
prod-frs.content.classy.org/prod/3f67ddbf598a1096a57eb6a65a40c24e13d4278b/static/frs/ Frame F5A4 1 MB
0 1ms
1ms Stylesheet
text/css 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-frs.content.classy.org/prod/3f67ddbf598a1096a57eb6a65a40c24e13d4278b/static/frs/main.css
Requested by: Host: donate.kesem.org
URL: https://donate.kesem.org/give/441200/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bdd511e21c4792a2d9ba2aaeac5b53d64d07e1389e4477055336fc7e8d46bce

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:26 GMT
via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
content-encoding: br
x-amz-version-id: 9_FVJ.YBHHYRkyCph5npC5XQPqLAzplb
cf-cache-status: HIT
age: 6144
x-amz-cf-pop: FRA60-P1
cf-polished: origSize=1160521
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cf-bgj: minify
last-modified: Tue, 07 May 2024 13:00:52 GMT
server: cloudflare
etag: W/"92b9e33143e83006fdbbc548a09c23f0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
cf-ray: 88477423aa134daf-FRA
x-amz-cf-id: kWZW3gmvKlRYD5C_1LuV34n3ralayOK4l1HcypHG-Z84LyTLCJ_qrQ==

GET
H2 200 ddplugin.css
files.doublethedonation.com/app/ Frame F5A4 141 KB
0 2ms
2ms Stylesheet
text/css 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://files.doublethedonation.com/app/ddplugin.css
Requested by: Host: donate.kesem.org
URL: https://donate.kesem.org/give/441200/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CF6) /
Resource Hash: 60891a54df49aac87f56b67ebcd37582eae4b01e7b20b35b5b141a5ddd7e66c5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 16 May 2024 01:04:26 GMT
content-encoding: gzip
content-md5: ZRi6wreqb8lyrsIdYQAn/Q==
age: 1641
x-cache: HIT
content-length: 16794
x-ms-lease-status: unlocked
last-modified: Tue, 14 May 2024 18:08:41 GMT
server: ECAcc (frc/4CF6)
etag: 0x8DC7440E31C93B0
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
x-ms-request-id: 0915426c-a01e-005c-6029-a7105f000000
cache-control: public, max-age=3600;
x-ms-version: 2009-09-19
expires: Thu, 16 May 2024 02:04:26 GMT

GET
H2 200 airgap.js Show response
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ Frame F5A4 151 KB
0 5ms
5ms Script
application/javascript 2600:9000:2250:7e00:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Requested by

Host: donate.kesem.org
URL: https://donate.kesem.org/give/441200/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:7e00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

9e03c1e7197d2ff12e1a69c9d46a039c32b395c995f7f718afe2227f95137b2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:26 GMT
content-encoding: br
via: 1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
x-amz-cf-pop: FRA60-P2
x-content-type-options: nosniff
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=60,s-maxage=86400
x-amz-cf-id: td63hQ0nVpr-SSQUqE1KEhyyhPjiisFwMcqCt5t-MqfY_WMtfWtytA==
x-xss-protection: 1; mode=block

GET
H2 404 fontello.css
files.doublethedonation.com/fontello/css/ Frame F5A4 0
0 0ms
0ms Stylesheet
application/xml 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://files.doublethedonation.com/fontello/css/fontello.css
Requested by: Host: files.doublethedonation.com
URL: https://files.doublethedonation.com/app/ddplugin.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Blob Service Version 1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://files.doublethedonation.com/app/ddplugin.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 16 May 2024 02:04:26 GMT
x-ms-request-id: 84c3617a-201e-000f-362c-a7336b000000
date: Thu, 16 May 2024 01:04:26 GMT
cache-control: max-age=3600
server: Blob Service Version 1.0 Microsoft-HTTPAPI/2.0
content-length: 223
content-type: application/xml

GET
H2 200 xdi.js Show response
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ Frame F5A4 26 KB
655 B 7ms
7ms Script
text/javascript 2600:9000:2250:7e00:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/xdi.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:7e00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5fb6ac6806675225d34733477016d91f6a07b9594318355c7ae848bfe7567af1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Origin: https://donate.kesem.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: qYd_CnuRpdW_F6IVsyOpV1aUwTwSy9KK
date: Wed, 15 May 2024 05:19:12 GMT
via: 1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA60-P2
age: 81237
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Mar 2024 20:43:24 GMT
server: AmazonS3
etag: W/"3ce606e14c2f6042673093087105b15b-1"
x-frame-options: SAMEORIGIN
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=60,s-maxage=86400
vary: Accept-Encoding
x-amz-cf-id: v5__R5YEDnTnob1OHssBNe9ObVRgTTIBHgdDDeNhAynUvbTZEKCRPg==

GET
H2 200 ui.js Show response
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ Frame F5A4 311 KB
656 B 7ms
7ms Script
text/javascript 2600:9000:2250:7e00:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ui.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:7e00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

202cf3174ffa2f5624974ea489fd0bb81e4af324bf96eb4e076ae477aa91f90a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Origin: https://donate.kesem.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: .BLCwM604ZT4jVeYBde7et7vS6tuxeTD
date: Wed, 15 May 2024 06:01:19 GMT
via: 1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA60-P2
age: 68589
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Mar 2024 20:43:24 GMT
server: AmazonS3
etag: W/"5900b2c974fc9d0b2cb49777d06bbb17-1"
x-frame-options: SAMEORIGIN
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=60,s-maxage=86400
vary: Accept-Encoding
x-amz-cf-id: tphuXG9PtGyVqAqifpuXLM48VHqQsvjrFCjpgZ-ya0bkqWuzIY_PuA==

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 6A28 0
0 31ms
7ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://donate.kesem.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3350089
cache-control: max-age=31536000
content-encoding: br
content-length: 154
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 16 May 2024 01:04:27 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Fri, 11 Nov 2022 20:25:37 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 608803
x-content-type-options: nosniff
x-request-id: 3a7afd45-a44f-4839-8714-abe7804f9408
x-served-by: cache-fra-etou8220042-FRA

GET
H2 200 iframe_api Show response
www.youtube.com/ Frame 818B 993 B
2 KB 52ms
28ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

21611496da46783ac76e2a0dbc39bfab73f4aad4e97cc29b78bf57a7d934217c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:27 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Thu, 16 May 2024 01:04:27 GMT

POST
H2 204 rum Show response
donate.kesem.org/cdn-cgi/ Frame 818B 0
188 B 13ms
13ms XHR
text/plain 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.kesem.org/cdn-cgi/rum?

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-17aa4ca1449bbe83----1715821467116
traceparent: 00-cc24ef64a775713e284976e8a4798727-17aa4ca1449bbe83-01
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIxN2FhNGNhMTQ0OWJiZTgzIiwidHIiOiJjYzI0ZWY2NGE3NzU3MTNlMjg0OTc2ZThhNDc5ODcyNyIsInRpIjoxNzE1ODIxNDY3MTE2fX0=
content-type: application/json
Referer: https://donate.kesem.org/give/441200/
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:27 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://donate.kesem.org
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 8847742978df9b40-FRA

GET
H2 200 channels Show response
donate.kesem.org/frs-api/campaigns/441200/ Frame 818B 1 KB
612 B 774ms
774ms XHR
application/json 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.kesem.org/frs-api/campaigns/441200/channels?filter=channel_name%3DDoubletheDonation

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d94516cb0718f0e046a2595606e6af6a2980e1ad5dad1453e3fd72bed0a5ab24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: JnDaYM8o-OFo-DrFV5Fl4D4Lu-RsUK5LtLTg
tracestate: 423787@nr=0-1-423787-363751183-c2df5fb8ecb124cc----1715821467118
traceparent: 00-91c0a8fb93054129fb450e6696c52e1a-c2df5fb8ecb124cc-01
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJjMmRmNWZiOGVjYjEyNGNjIiwidHIiOiI5MWMwYThmYjkzMDU0MTI5ZmI0NTBlNjY5NmM1MmUxYSIsInRpIjoxNzE1ODIxNDY3MTE4fX0=
Accept: application/json, text/plain, */*
csrf-token: JnDaYM8o-OFo-DrFV5Fl4D4Lu-RsUK5LtLTg
Referer: https://donate.kesem.org/give/441200/
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"40d-euiBAT1nGccjN4ewBsxhpAGiKeY"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 8847742978e19b40-FRA

GET
H2 200 transaction-estimates Show response
donate.kesem.org/frs-api/campaign/441200/ Frame 818B 393 B
333 B 381ms
380ms XHR
application/json 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.kesem.org/frs-api/campaign/441200/transaction-estimates?amex=false&amount=100&currency=USD&fot=true&international=false&processor_name=PAYPAL_COMMERCE

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0224f6f726ebdf66cc3eac58223cd810ae70d309cd7172c04b2d8fe95fceaad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: JnDaYM8o-OFo-DrFV5Fl4D4Lu-RsUK5LtLTg
tracestate: 423787@nr=0-1-423787-363751183-31f20f1b133e5118----1715821467193
traceparent: 00-3aa393a49ddb41444cbf59c80c5ff524-31f20f1b133e5118-01
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIzMWYyMGYxYjEzM2U1MTE4IiwidHIiOiIzYWEzOTNhNDlkZGI0MTQ0NGNiZjU5YzgwYzVmZjUyNCIsInRpIjoxNzE1ODIxNDY3MTkzfX0=
Accept: application/json, text/plain, */*
csrf-token: JnDaYM8o-OFo-DrFV5Fl4D4Lu-RsUK5LtLTg
Referer: https://donate.kesem.org/give/441200/
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"189-RLAu2AIDwiji7rUCQmlcccQKPEY"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cf-ray: 88477429f9069b40-FRA

GET
H2 200 paypal Show response
pay.classy.org/token/ Frame 818B 124 B
731 B 403ms
371ms XHR
application/json 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/paypal?applicationId=6332&currency=USD

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac139986ae346a132b6c426fe744167b06a2a94b195c53105a237380234544f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-classypay-version: 1
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-classypay-requestid: abb5c0aa-bd52-4753-957a-1de11988c859
cf-ray: 8847742a29812c75-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 plaid Show response
pay.classy.org/token/ Frame 818B 88 B
475 B 407ms
376ms XHR
application/json 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/plaid?applicationId=6332&currency=USD

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-classypay-version: 1
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-classypay-requestid: 7c85afc2-48da-4d6b-a0bf-f3125865da4d
cf-ray: 8847742a29802c75-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 user-icon.png
donate.kesem.org/static/global/images/ Frame 818B 2 KB
2 KB 45ms
44ms Image
image/webp 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donate.kesem.org/static/global/images/user-icon.png

Requested by

Host: www.kesem.org
URL: https://www.kesem.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c751fe2e3ebe19205c4845af55a79608fcc55109648115357e673bf5dc161b49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/give/441200/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
age: 618667
cf-polished: origFmt=png, origSize=4588
content-disposition: inline; filename="user-icon.webp"
content-length: 2024
last-modified: Tue, 07 May 2024 12:59:00 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "663a2594-11ec"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8847742a090b9b40-FRA
expires: Thu, 08 May 2025 21:13:20 GMT

GET
H2 200 8c8eda2a-555a-11ed-a901-0a58a9feac02.png
assets.classy.org/5856074/ Frame 818B 81 KB
82 KB 47ms
38ms Image
image/png 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/5856074/8c8eda2a-555a-11ed-a901-0a58a9feac02.png

Requested by

Host: www.kesem.org
URL: https://www.kesem.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ff3c055d4d512e2055e7810636458373edb5db1fb8d00daf1046d2983e6cfb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 2a9e6bac3f98da321b499bb32df92550.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: 93.ayMV94LZeXTMzn_3yBQcSkFXm4obO
age: 3064
x-amz-cf-pop: LHR50-P8
cf-polished: origSize=186089, status=webp_bigger
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: FAILED
content-length: 83453
last-modified: Wed, 26 Oct 2022 18:18:12 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "146673bf3c62a781edee4864d4d098ea"
vary: Accept-Encoding
content-type: image/png
cache-control: public,max-age=31536000
accept-ranges: bytes
cf-ray: 8847742a0dea4daf-FRA
x-amz-cf-id: -mwINXf5i3If9e9mwVbZqTocOBxc8KmdIlP5UalHQ5Q-sAyvFT_aZA==

GET
H2 200 embedded-giving-logo-visa.svg
prod-frs.content.classy.org/prod/3f67ddbf598a1096a57eb6a65a40c24e13d4278b/static/global/images/embedded-giving/ Frame 818B 1 KB
1020 B 28ms
27ms Image
image/svg+xml 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/3f67ddbf598a1096a57eb6a65a40c24e13d4278b/static/global/images/embedded-giving/embedded-giving-logo-visa.svg

Requested by

Host: www.kesem.org
URL: https://www.kesem.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f872f37d93f6ad26cfde22f5fd7ae4e99f18c4dc7d3386384f92f845056750b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:27 GMT
x-amz-version-id: ue9Gyv5v1Iamj1iC70MW2lh2Q1rJqiqg
via: 1.1 55a17c046bdefb0e3ad487d092541320.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: SOF50-P2
age: 5726
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Tue, 07 May 2024 13:00:53 GMT
server: cloudflare
etag: W/"b327a8825ae28019462c8c3f5b4770c0"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 8847742a0de04daf-FRA
x-amz-cf-id: Isr4aFw0kD7mBA2DsozS1NI_OrqdQef0uUj2nhfyfXYyCdE4ElQ6ig==

GET
H2 200 embedded-giving-logo-amex.svg
prod-frs.content.classy.org/prod/3f67ddbf598a1096a57eb6a65a40c24e13d4278b/static/global/images/embedded-giving/ Frame 818B 1 KB
885 B 29ms
28ms Image
image/svg+xml 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/3f67ddbf598a1096a57eb6a65a40c24e13d4278b/static/global/images/embedded-giving/embedded-giving-logo-amex.svg

Requested by

Host: www.kesem.org
URL: https://www.kesem.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65ade054b003fb12ff528ad2640f69f49bca65d9f9d25b53dea8aee0d5d238cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:27 GMT
x-amz-version-id: VuvoSd3mZDGM_Odztbpa4asFIeAGQmrd
via: 1.1 62ec0a17525b577c1abf8135b16717be.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: SOF50-P2
age: 5726
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 07 May 2024 13:00:53 GMT
server: cloudflare
etag: W/"0b1b4bc87aebc780d3ad6095fd447a24"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 8847742a0de14daf-FRA
x-amz-cf-id: nq33UR-y7v-JJU3DwAqu9-ZKF2hRwT4Sc1ZaYERYrvxtq2GGdY6uwQ==

GET
H2 200 embedded-giving-logo-discover.svg
prod-frs.content.classy.org/prod/3f67ddbf598a1096a57eb6a65a40c24e13d4278b/static/global/images/embedded-giving/ Frame 818B 3 KB
1 KB 31ms
30ms Image
image/svg+xml 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/3f67ddbf598a1096a57eb6a65a40c24e13d4278b/static/global/images/embedded-giving/embedded-giving-logo-discover.svg

Requested by

Host: www.kesem.org
URL: https://www.kesem.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0fb4e1235c0c4815d6bd272ce4c9c65579c04f9c6e52a080a66393d01f84293

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:27 GMT
x-amz-version-id: 86c60v_zYqnWuyI6eWYO_Kj8z1DBqfo9
via: 1.1 f0d757c9b2cb754e4844ae59614d9100.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: SOF50-P2
age: 5726
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 07 May 2024 13:00:53 GMT
server: cloudflare
etag: W/"d51cee8f590a54e755ac3501c1bd7342"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 8847742a0de24daf-FRA
x-amz-cf-id: Zn1S--E_irF8mClWMV94ha2-Mcdc6OxlkJ66hxm77ykZAEQ8DNMm2g==

GET
H2 200 embedded-giving-logo-mastercard.svg
prod-frs.content.classy.org/prod/3f67ddbf598a1096a57eb6a65a40c24e13d4278b/static/global/images/embedded-giving/ Frame 818B 1 KB
766 B 30ms
29ms Image
image/svg+xml 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/3f67ddbf598a1096a57eb6a65a40c24e13d4278b/static/global/images/embedded-giving/embedded-giving-logo-mastercard.svg

Requested by

Host: www.kesem.org
URL: https://www.kesem.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f88c56c75499f8886bcdbd43330029b3108f9aefb7e496788f448ed36311b90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:27 GMT
x-amz-version-id: Qlv9bluYjJTwp4HfR_zsWLAJcY1zIL8z
via: 1.1 f0d757c9b2cb754e4844ae59614d9100.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: SOF50-P2
age: 5726
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 07 May 2024 13:00:53 GMT
server: cloudflare
etag: W/"26fb3de4519ed38ceec90bc98250ba1f"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 8847742a0de34daf-FRA
x-amz-cf-id: a9g6td5eexqp8LUXgvYWe0sH_dVPk28Ya5c0tJ1LESa12v9EVJKaLA==

GET
H2 200 embedded-giving-shield-icon.svg
prod-frs.content.classy.org/prod/3f67ddbf598a1096a57eb6a65a40c24e13d4278b/static/global/images/embedded-giving/ Frame 818B 6 KB
2 KB 33ms
32ms Image
image/svg+xml 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/3f67ddbf598a1096a57eb6a65a40c24e13d4278b/static/global/images/embedded-giving/embedded-giving-shield-icon.svg

Requested by

Host: www.kesem.org
URL: https://www.kesem.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38bc775802a9e96e44997f4e9374726a41d5c781752e590a76ad5a4f06673458

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:27 GMT
x-amz-version-id: rD8zBI0iIO1iv90tok.0D4BJJLBJaw5m
via: 1.1 cff6dbfc6e4575bf23441ddedd68e9d4.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: SOF50-P2
age: 5725
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 07 May 2024 13:00:53 GMT
server: cloudflare
etag: W/"46fd834e95514def799fa0626c78233c"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 8847742a0de44daf-FRA
x-amz-cf-id: I1EKUVLFJYEW8o7JqnGXpdZJb1nekMxM6OQBdBwA36k7ZQngjvtXCA==

GET
H2 200 embedded-giving-logo-ach.svg
prod-frs.content.classy.org/prod/3f67ddbf598a1096a57eb6a65a40c24e13d4278b/static/global/images/embedded-giving/ Frame 818B 1 KB
989 B 31ms
31ms Image
image/svg+xml 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/3f67ddbf598a1096a57eb6a65a40c24e13d4278b/static/global/images/embedded-giving/embedded-giving-logo-ach.svg

Requested by

Host: www.kesem.org
URL: https://www.kesem.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebeeb6852c8d5689249269cfa59febdad1141a9810331c31d4331f53f47750f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:27 GMT
x-amz-version-id: hwGLYgVbi7fem7BHk7PjX1Oq7X9S7IZX
via: 1.1 d1b112081c0d1c026f1545aafcd737aa.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: SOF50-P2
age: 5662
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Tue, 07 May 2024 13:00:53 GMT
server: cloudflare
etag: W/"d71add3c9962a21340ec557ac0628bf7"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 8847742a0de54daf-FRA
x-amz-cf-id: 8mgDUJ9tLhCV-svDpU6i6fYmN7zQOojwH4QWuq0L8tkGzJBbyXufmw==

GET
H2 200 ClassyIcons.woff
prod-frs.content.classy.org/prod/3f67ddbf598a1096a57eb6a65a40c24e13d4278b/static/global/fonts/ Frame 818B 42 KB
43 KB 57ms
35ms Font
binary/octet-stream 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/3f67ddbf598a1096a57eb6a65a40c24e13d4278b/static/global/fonts/ClassyIcons.woff

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/3f67ddbf598a1096a57eb6a65a40c24e13d4278b/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e523bedaf5beebfbc301203975a19f627a9ae72c9bd69eff4ea3a67d99d2e29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://prod-frs.content.classy.org/prod/3f67ddbf598a1096a57eb6a65a40c24e13d4278b/static/frs/main.css
Origin: https://donate.kesem.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:27 GMT
x-amz-version-id: asQyRn2XS8wui5au0uImXHaXBeWF_84O
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P1
age: 5855
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 43184
last-modified: Tue, 07 May 2024 13:00:52 GMT
server: cloudflare
etag: "db41ce39d2ac51b60573fd1718dc6aed"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
accept-ranges: bytes
cf-ray: 8847742a8b288fc5-FRA
x-amz-cf-id: EVJ5qcU3HPOCtlYmJilP-hWgQ7iWvIP-0lpgicp9uQxYQ6eVkwKVUQ==

GET
H2 200 fontawesome-webfont.woff2
prod-frs.content.classy.org/prod/3f67ddbf598a1096a57eb6a65a40c24e13d4278b/static/fonts/ Frame 818B 65 KB
66 KB 62ms
40ms Font
binary/octet-stream 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/3f67ddbf598a1096a57eb6a65a40c24e13d4278b/static/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/3f67ddbf598a1096a57eb6a65a40c24e13d4278b/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://prod-frs.content.classy.org/prod/3f67ddbf598a1096a57eb6a65a40c24e13d4278b/static/frs/main.css
Origin: https://donate.kesem.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:27 GMT
x-amz-version-id: rv5zFz9UaRXmEcv5QbNVBRcYjYrqHaHk
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P1
age: 4721
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 66624
last-modified: Tue, 07 May 2024 13:00:52 GMT
server: cloudflare
etag: "db812d8a70a4e88e888744c1c9a27e89"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
accept-ranges: bytes
cf-ray: 8847742a8b298fc5-FRA
x-amz-cf-id: ryBpHSN4IZgkLtCFsnQtnDJcYtZB76bTgHz5tBdjo-qlItS4ymdyNw==

POST
H2 204 rum Show response
donate.kesem.org/cdn-cgi/ Frame 818B 0
37 B 11ms
11ms XHR
text/plain 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.kesem.org/cdn-cgi/rum?

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-ee1ea437b01d5b49----1715821467212
traceparent: 00-c7bd9f432fa9c7a074daa4c9a1ee3c6e-ee1ea437b01d5b49-01
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJlZTFlYTQzN2IwMWQ1YjQ5IiwidHIiOiJjN2JkOWY0MzJmYTljN2EwNzRkYWE0YzlhMWVlM2M2ZSIsInRpIjoxNzE1ODIxNDY3MjEyfX0=
content-type: application/json
Referer: https://donate.kesem.org/give/441200/
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:27 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://donate.kesem.org
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 8847742a19109b40-FRA

GET
H2 200 rocket-loader.min.js Show response
donate.kesem.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame F5A4 12 KB
0 1ms
0ms Script
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.kesem.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: donate.kesem.org
URL: https://donate.kesem.org/give/441200/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/give/441200/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 08 May 2024 09:31:53 GMT
server: cloudflare
etag: W/"663b4689-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 884774242f1a9b40-FRA
expires: Sat, 18 May 2024 01:04:26 GMT

GET
H2 200 vedd3670a3b1c4e178fdfb0cc912d969e1713874337387 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame F5A4 19 KB
0 66ms
46ms Script
text/javascript 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387
Requested by: Host: donate.kesem.org
URL: https://donate.kesem.org/give/441200/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2e817d2c44b9cf45f0e45cfa351abba3203af38f5aa1c8576a2db69ebd15192

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Origin: https://donate.kesem.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:26 GMT
content-encoding: gzip
last-modified: Mon, 06 May 2024 19:01:13 GMT
server: cloudflare
etag: W/"2024.4.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 88477424690f9f1a-FRA

GET
H2 200 cm.css
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ Frame F5A4 18 KB
569 B 12ms
7ms Stylesheet
text/css 2600:9000:2250:7e00:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/cm.css

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:7e00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ebe386f69eb938f611df7c31a728817e55fdb3615a598a9efbf831badb5030b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: upNMogas8jW.6w.vZEzq7KOyicm2GJYs
date: Wed, 15 May 2024 23:20:16 GMT
via: 1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA60-P2
age: 7224
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Mar 2024 20:43:24 GMT
server: AmazonS3
etag: W/"83a06179866d715dda6c7420825a42e6-1"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=60,s-maxage=86400
x-amz-cf-id: dUWrZkrNBrmhGPgQhXM-vTId0pvrayiEDxMhnKJe_hl0VAADDP_C6g==

GET
H2 200 controller-with-preconnect-86a38fe46a16bd385648c1936a19c6e8.html
js.stripe.com/v3/ Frame 8E48 0
0 7ms
7ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-with-preconnect-86a38fe46a16bd385648c1936a19c6e8.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://donate.kesem.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 59
cache-control: max-age=60, stale-while-revalidate=900
content-encoding: br
content-length: 229
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 16 May 2024 01:04:27 GMT
etag: "86a38fe46a16bd385648c1936a19c6e8"
last-modified: Wed, 15 May 2024 20:03:33 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 4
x-content-type-options: nosniff
x-request-id: 26eebfc1-ae91-434c-a292-45d17f839e6a
x-served-by: cache-fra-etou8220042-FRA

GET
H2 200 payment-request-inner-google-pay-82b9ff5aff74eaac5d2d01d9a6978316.html
js.stripe.com/v3/ Frame 5034 0
0 12ms
7ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-82b9ff5aff74eaac5d2d01d9a6978316.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://donate.kesem.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 17817
cache-control: max-age=31536000
content-encoding: br
content-length: 222
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 16 May 2024 01:04:27 GMT
etag: "82b9ff5aff74eaac5d2d01d9a6978316"
last-modified: Wed, 15 May 2024 20:03:47 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 156
x-content-type-options: nosniff
x-request-id: cd6e426e-5690-40de-92f6-c3d6d5cfd2e6
x-served-by: cache-fra-etou8220042-FRA

GET
H2 200 payment-request-inner-browser-88c6b2aa0cec77981b46767d9675e7b0.html
js.stripe.com/v3/ Frame 4A53 0
0 12ms
8ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-88c6b2aa0cec77981b46767d9675e7b0.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://donate.kesem.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 8
cache-control: max-age=60, stale-while-revalidate=900
content-encoding: br
content-length: 203
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 16 May 2024 01:04:27 GMT
etag: "88c6b2aa0cec77981b46767d9675e7b0"
last-modified: Wed, 15 May 2024 20:03:47 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-content-type-options: nosniff
x-request-id: 5dc01a2a-0de7-49e7-80ab-0e80fd9cadf3
x-served-by: cache-fra-etou8220042-FRA

GET
H2 200 payment-request-inner-google-pay-82b9ff5aff74eaac5d2d01d9a6978316.html
js.stripe.com/v3/ Frame F12F 0
0 12ms
12ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-82b9ff5aff74eaac5d2d01d9a6978316.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://donate.kesem.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 17817
cache-control: max-age=31536000
content-encoding: br
content-length: 222
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 16 May 2024 01:04:27 GMT
etag: "82b9ff5aff74eaac5d2d01d9a6978316"
last-modified: Wed, 15 May 2024 20:03:47 GMT
server: Fastly
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 156
x-content-type-options: nosniff
x-request-id: cd6e426e-5690-40de-92f6-c3d6d5cfd2e6
x-served-by: cache-fra-etou8220042-FRA

GET
H2 200 payment-request-inner-browser-88c6b2aa0cec77981b46767d9675e7b0.html
js.stripe.com/v3/ Frame A747 0
0 11ms
11ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-88c6b2aa0cec77981b46767d9675e7b0.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report

X-Content-Type-Options

nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://donate.kesem.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 8
cache-control: max-age=60, stale-while-revalidate=900
content-encoding: br
content-length: 203
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 16 May 2024 01:04:27 GMT
etag: "88c6b2aa0cec77981b46767d9675e7b0"
last-modified: Wed, 15 May 2024 20:03:47 GMT
server: Fastly
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-content-type-options: nosniff
x-request-id: 5dc01a2a-0de7-49e7-80ab-0e80fd9cadf3
x-served-by: cache-fra-etou8220042-FRA

GET
H2 200 css
fonts.googleapis.com/ Frame 818B 11 KB
1 KB 50ms
19ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

20b8f82923f15420d50977d8efde324e462ddde5affcdfafa9ac126660838127

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 May 2024 01:04:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 May 2024 01:04:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 May 2024 01:04:27 GMT

GET
H2 200 status Show response
donate.kesem.org/sso/ Frame 818B 90 B
1 KB 396ms
390ms XHR
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.kesem.org/sso/status?client_id=hkDllBPffAW7sKhdYbpNc5PrwMIVbh&callback=jQuery361018187383122044132_1715821466785&_=1715821466786

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a99214cb12db9ce3b4c6ca6059e2062a93c09a8c1cb13dc9b65b9e57540e8618

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.classy.org;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-ed1978a40fec6a6f----1715821467276
traceparent: 00-49bc8c3b95cc33a3d3374ceda24e6749-ed1978a40fec6a6f-01
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJlZDE5NzhhNDBmZWM2YTZmIiwidHIiOiI0OWJjOGMzYjk1Y2MzM2EzZDMzNzRjZWRhMjRlNjc0OSIsInRpIjoxNzE1ODIxNDY3Mjc2fX0=
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://donate.kesem.org/give/441200/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
content-security-policy: frame-ancestors 'self' https://*.classy.org;
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
p3p: CP="Classy does not have a P3P policy."
cache-control: no-cache, private
cf-ray: 8847742a89299b40-FRA
x-xss-protection: 1; mode=block

GET
H2 200 en.json Show response
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/translations/ Frame F5A4 9 KB
655 B 21ms
17ms Fetch
application/json 2600:9000:2250:7e00:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/translations/en.json

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:7e00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

87e983de6f1538e9755ec8aac56df1106c437766e28a5ff93058d4da9c175888

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: cSZ25WrspW34UG6bj.SteXckCbP5GZ_Q
date: Wed, 15 May 2024 09:37:02 GMT
via: 1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA60-P2
age: 78461
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Mar 2024 20:43:24 GMT
server: AmazonS3
etag: W/"0f79898c6c9075c1d9982bdb1de5a19b-1"
x-frame-options: SAMEORIGIN
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=60,s-maxage=86400
vary: Accept-Encoding
x-amz-cf-id: wQFbJfznMc1PiNvH5JHJF55c-N-w1Akz31yfpwx1VtLCyEtkqZn9MQ==

GET
H2 200 iframe-v3.min.js Show response
htp.tokenex.com/iframe/ Frame F5A4 19 KB
0 519ms
132ms Script
application/javascript 52.143.247.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://htp.tokenex.com/iframe/iframe-v3.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.143.247.24 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0e562cfda9a2c721f7565dc3c81b675733cac3443c6d9763392bf9905aa5fe7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 16 May 2024 01:04:26 GMT
last-modified: Tue, 14 May 2024 17:26:52 GMT
etag: "0d6c2e823a6da1:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 4931
x-xss-protection: 1; mode=block

GET
H2 200 paypal-js.legacy.min.js Show response
unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/ Frame F5A4 7 KB
0 43ms
21ms Script
application/javascript 2606:4700::6811:f7cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/paypal-js.legacy.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:f7cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:26 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 5468650
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HRWFHN4GMEYW9TJJZK68Y40Z-fra
server: cloudflare
etag: W/"1b81-IpiDV5HCNI7yT2mRdGuH3F1n0RQ"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 884774251e10916e-FRA

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/3f67ddbf598a1096a57eb6a65a40c24e13d4278b/static/frs/donation/ Frame F5A4 186 KB
0 29ms
28ms Script
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/3f67ddbf598a1096a57eb6a65a40c24e13d4278b/static/frs/donation/module.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65dd34b8af88b8b6ebba8e71208ce4f35adbf25ecc41fb80ceef04f9a4661794

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:26 GMT
x-amz-version-id: BepBBdQMP5gskZvjy6gb3ETTiXD1GIQ5
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P1
age: 1568
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 07 May 2024 13:00:52 GMT
server: cloudflare
etag: W/"bd6217338a44cf975bcc1856aa7a7c8f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 88477424fae64daf-FRA
x-amz-cf-id: 9O2GUoFS595g42Y-JQW1H1Q-yS1CpANyx5svudRJkzThaeE9jOqOcw==

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/3f67ddbf598a1096a57eb6a65a40c24e13d4278b/static/global/ Frame F5A4 2 MB
0 38ms
37ms Script
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/3f67ddbf598a1096a57eb6a65a40c24e13d4278b/static/global/module.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2d41745f79db8054e0cbf8bac8db4c35f581dc54b028fd9def0127fab281b63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:26 GMT
x-amz-version-id: wgzaWtxmHIrhEFBnSOrNp0_rX2P.GkIj
via: 1.1 df3b3b9f4fa0f79195c56a91cf242364.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P1
age: 6144
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 07 May 2024 13:00:53 GMT
server: cloudflare
etag: W/"24c562a3f0e107935afdca59d1c833de"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 88477424fae84daf-FRA
x-amz-cf-id: qU1Ao9llbaLz6cGu1lXKL0jQXJgOGWp_VmJdgQD036qm6ZtysCxeiA==

GET
H2 200 libs.min.js Show response
prod-frs.content.classy.org/prod/3f67ddbf598a1096a57eb6a65a40c24e13d4278b/static/global/ Frame F5A4 1 MB
0 40ms
39ms Script
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/3f67ddbf598a1096a57eb6a65a40c24e13d4278b/static/global/libs.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e87327f6273792deacbf13ba7062a87d4be4ceeda531b3a953554e8e1139b65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:26 GMT
x-amz-version-id: ckJd7vFW_viEh0bBrTyhLCq6ZBsnmjDn
via: 1.1 df3b3b9f4fa0f79195c56a91cf242364.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P1
age: 6144
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 07 May 2024 13:00:53 GMT
server: cloudflare
etag: W/"28bc0ee9cbe8a385be878572ed34a82d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 88477424fae94daf-FRA
x-amz-cf-id: 3-TTkstQwJjLFyR6koEn28LF_b3mJ3bwdLsQKs939X3WfcAi4Qf5-Q==

GET
H2 304 link-initialize.js Show response
cdn.plaid.com/link/v2/stable/ Frame F5A4 156 KB
499 B 43ms
39ms Script
text/javascript 13.33.187.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-42.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9e3408c3ed768595861313cf261a49210f05b8adae2ce5a6a432926ec00a2202

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer: https://donate.kesem.org/
If-None-Match: W/"33983c19dd76a4064897d8dc6e85b25e"
If-Modified-Since: Tue, 14 May 2024 13:53:55 GMT
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:27 GMT
x-amz-version-id: MNUqTGYyrJLP.kKdg5JBfhpMWHTiNtir
via: 1.1 3677df2c828d68a6a84555cd8a40cf50.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-request-id: DXKHH7XSXXG9QHKR
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
etag: W/"33983c19dd76a4064897d8dc6e85b25e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
age: 95
cache-control: no-cache,must-revalidate,max-age=0
x-amz-replication-status: COMPLETED
x-amz-cf-id: DyC5IByGLGIWX-raRe_6xEdXINqwG5ajwGLgeqpnzKXOAl15lVgZkA==
x-amz-id-2: XJfChxpA7/3ijXn65R95VAgUCAghcxrWY4cPMvmVnutW01aJcTwCOe5b3e2e7kTSqHOtoCuz8x0=

GET
DATA 200
OK truncated Show response
/ Frame F5A4 0
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H2 200 / Show response
js.stripe.com/v3/ Frame F5A4 604 KB
0 55ms
11ms Script
text/javascript 13.32.99.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-57.fra60.r.cloudfront.net

Software

Cloudfront /

Resource Hash

703c6538c7c240f05fa39933fe7625588a50071d6d402250da0075de638c7b81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:03:51 GMT
content-encoding: br
via: 1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 36
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront
last-modified: Wed, 15 May 2024 20:41:03 GMT
server: Cloudfront
etag: W/"470acd355ab36612885d09fe7907ab94"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: 1GJcz4NWi8SpEe-PDcEl2bYG-7aMQMPrDs64F3Re9tG-p8VfJB2FXQ==

GET
H2 200 ddplugin.js Show response
files.doublethedonation.com/app/ Frame F5A4 465 KB
0 8ms
7ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://files.doublethedonation.com/app/ddplugin.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4C94) /
Resource Hash: 6349be8696428e0c34f93ad4c10af7b7fae7d381e4ad5a07703bac205fcc4343

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 16 May 2024 01:04:26 GMT
content-encoding: gzip
content-md5: Y/GBvdGKjvPjrIxgIecRQw==
age: 106
x-cache: HIT
content-length: 122394
x-ms-lease-status: unlocked
last-modified: Tue, 14 May 2024 18:08:41 GMT
server: ECAcc (frc/4C94)
etag: 0x8DC7440E32CBDEC
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-ms-request-id: 74db779f-001e-007a-572c-a75847000000
cache-control: public, max-age=3600;
x-ms-version: 2009-09-19
expires: Thu, 16 May 2024 02:04:26 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/db9cbc4e/www-widgetapi.vflset/ Frame 818B 42 KB
14 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/db9cbc4e/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3074d74b47a1fae140faeb7eadb8af0a6634f8262bf2436541d21243389d022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 15:05:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35908
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13973
x-xss-protection: 0
last-modified: Mon, 13 May 2024 04:15:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 15 May 2025 15:05:59 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ Frame 818B 29 KB
30 KB 38ms
8ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://donate.kesem.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 08:28:16 GMT
x-content-type-options: nosniff
age: 146171
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 08:28:16 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ Frame 818B 29 KB
0 37ms
37ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://donate.kesem.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 08:28:16 GMT
x-content-type-options: nosniff
age: 146171
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 08:28:16 GMT

GET
H2 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v13/ Frame 818B 32 KB
32 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b479610778cef415158ef2deef872c0bdc85bd63f339ecdc1382fabef4da407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://donate.kesem.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 14:00:29 GMT
x-content-type-options: nosniff
age: 126238
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32492
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:20:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 14:00:29 GMT

GET
H2 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v13/ Frame 818B 32 KB
0 8ms
8ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b479610778cef415158ef2deef872c0bdc85bd63f339ecdc1382fabef4da407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://donate.kesem.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 14:00:29 GMT
x-content-type-options: nosniff
age: 126238
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32492
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:20:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 14:00:29 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ Frame 818B 29 KB
0 0ms
0ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://donate.kesem.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 08:28:16 GMT
x-content-type-options: nosniff
age: 146171
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 08:28:16 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ Frame 818B 29 KB
0 1ms
1ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://donate.kesem.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 08:28:16 GMT
x-content-type-options: nosniff
age: 146171
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 08:28:16 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ Frame 818B 29 KB
0 2ms
2ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://donate.kesem.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 08:28:16 GMT
x-content-type-options: nosniff
age: 146171
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 08:28:16 GMT

GET
H2 200 sdk.js Show response
donate.kesem.org/sso/ Frame F5A4 14 KB
0 39ms
38ms Script
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.kesem.org/sso/sdk.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66e1bc00387661b1476191a36445a5614f6f234572a6f462a84741920757a101

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/give/441200/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 16 May 2024 00:58:29 GMT
cf-bgj: minify
server: cloudflare
age: 357
cf-polished: origSize=27444
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=1200
cf-ray: 88477426b8009b40-FRA
expires: Thu, 16 May 2024 01:18:29 GMT

GET
H2 200 jquery-3.6.1.min.js Show response
code.jquery.com/ Frame F5A4 88 KB
0 47ms
12ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.1.min.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Origin: https://donate.kesem.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:26 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 1677656
x-cache: HIT, HIT
content-length: 30957
x-served-by: cache-lga13629-LGA, cache-fra-etou8220056-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1715821467.761753,VS0,VE0
etag: W/"28feccc0-15e40"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 2, 68387

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame B82A 0
0 1ms
1ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://donate.kesem.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3350089
cache-control: max-age=31536000
content-encoding: br
content-length: 154
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 16 May 2024 01:04:27 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Fri, 11 Nov 2022 20:25:37 GMT
server: Fastly
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 608803
x-content-type-options: nosniff
x-request-id: 3a7afd45-a44f-4839-8714-abe7804f9408
x-served-by: cache-fra-etou8220042-FRA

GET
H2 200 iframeResizer.17b3e8f66abcbf803ee0eb0adc771137.js Show response
donate.kesem.org/sso/ssobuild/js/ Frame F5A4 12 KB
0 1ms
1ms XHR
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://donate.kesem.org/sso/ssobuild/js/iframeResizer.17b3e8f66abcbf803ee0eb0adc771137.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8913290a4db258fa9e0d3fd267fb61666aa81f82b1a459ba098352c427a57c37

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-7c32630abc8ca84f----1715821467596
traceparent: 00-78adedcf1a45723f9e68ffbedde810bd-7c32630abc8ca84f-01
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI3YzMyNjMwYWJjOGNhODRmIiwidHIiOiI3OGFkZWRjZjFhNDU3MjNmOWU2OGZmYmVkZGU4MTBiZCIsInRpIjoxNzE1ODIxNDY3NTk2fX0=
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://donate.kesem.org/give/441200/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 26 Feb 2024 21:53:00 GMT
cf-bgj: minify
server: cloudflare
age: 5477258
etag: W/"65dd083c-316e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 8847742778389b40-FRA
expires: Thu, 13 Mar 2025 15:36:48 GMT

GET
H3 200 iframe_api Show response
www.youtube.com/ Frame F5A4 993 B
517 B 28ms
28ms Script
text/javascript 172.217.18.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f14.1e100.net

Software

ESF /

Resource Hash

21611496da46783ac76e2a0dbc39bfab73f4aad4e97cc29b78bf57a7d934217c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:27 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Thu, 16 May 2024 01:04:27 GMT

GET
H2 200 user-icon.png
donate.kesem.org/static/global/images/ Frame F5A4 2 KB
0 45ms
44ms Image
image/webp 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donate.kesem.org/static/global/images/user-icon.png

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c751fe2e3ebe19205c4845af55a79608fcc55109648115357e673bf5dc161b49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/give/441200/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
age: 618667
cf-polished: origFmt=png, origSize=4588
content-disposition: inline; filename="user-icon.webp"
content-length: 2024
last-modified: Tue, 07 May 2024 12:59:00 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "663a2594-11ec"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8847742a090b9b40-FRA
expires: Thu, 08 May 2025 21:13:20 GMT

POST
H2 204 rum Show response
donate.kesem.org/cdn-cgi/ Frame F5A4 0
54 B 17ms
16ms XHR
text/plain 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.kesem.org/cdn-cgi/rum?

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-2b0b7cf2403df4bd----1715821467692
traceparent: 00-2d0a53779f4bd3dbbd4ebb02561f7ae0-2b0b7cf2403df4bd-01
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIyYjBiN2NmMjQwM2RmNGJkIiwidHIiOiIyZDBhNTM3NzlmNGJkM2RiYmQ0ZWJiMDI1NjFmN2FlMCIsInRpIjoxNzE1ODIxNDY3NjkyfX0=
content-type: application/json
Referer: https://donate.kesem.org/give/441200/
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:27 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://donate.kesem.org
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 8847742d19f29b40-FRA

GET
H2 200 channels Show response
donate.kesem.org/frs-api/campaigns/441200/ Frame F5A4 1 KB
545 B 373ms
174ms XHR
application/json 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.kesem.org/frs-api/campaigns/441200/channels?filter=channel_name%3DDoubletheDonation

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d94516cb0718f0e046a2595606e6af6a2980e1ad5dad1453e3fd72bed0a5ab24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: JnDaYM8o-OFo-DrFV5Fl4D4Lu-RsUK5LtLTg
tracestate: 423787@nr=0-1-423787-363751183-adf375ac0e51b983----1715821467695
traceparent: 00-d4196ad8eaaa0a6165b3d8528fb6e5e6-adf375ac0e51b983-01
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJhZGYzNzVhYzBlNTFiOTgzIiwidHIiOiJkNDE5NmFkOGVhYWEwYTYxNjViM2Q4NTI4ZmI2ZTVlNiIsInRpIjoxNzE1ODIxNDY3Njk1fX0=
Accept: application/json, text/plain, */*
csrf-token: JnDaYM8o-OFo-DrFV5Fl4D4Lu-RsUK5LtLTg
Referer: https://donate.kesem.org/give/441200/
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"40d-euiBAT1nGccjN4ewBsxhpAGiKeY"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 8847742e5a5d9b40-FRA

GET
H2 200 8c8eda2a-555a-11ed-a901-0a58a9feac02.png
assets.classy.org/5856074/ Frame F5A4 81 KB
0 47ms
38ms Image
image/png 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/5856074/8c8eda2a-555a-11ed-a901-0a58a9feac02.png

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ff3c055d4d512e2055e7810636458373edb5db1fb8d00daf1046d2983e6cfb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 2a9e6bac3f98da321b499bb32df92550.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: 93.ayMV94LZeXTMzn_3yBQcSkFXm4obO
age: 3064
x-amz-cf-pop: LHR50-P8
cf-polished: origSize=186089, status=webp_bigger
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: FAILED
content-length: 83453
last-modified: Wed, 26 Oct 2022 18:18:12 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "146673bf3c62a781edee4864d4d098ea"
vary: Accept-Encoding
content-type: image/png
cache-control: public,max-age=31536000
accept-ranges: bytes
cf-ray: 8847742a0dea4daf-FRA
x-amz-cf-id: -mwINXf5i3If9e9mwVbZqTocOBxc8KmdIlP5UalHQ5Q-sAyvFT_aZA==

GET
H2 200 embedded-giving-logo-visa.svg
prod-frs.content.classy.org/prod/3f67ddbf598a1096a57eb6a65a40c24e13d4278b/static/global/images/embedded-giving/ Frame F5A4 1 KB
0 28ms
27ms Image
image/svg+xml 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/3f67ddbf598a1096a57eb6a65a40c24e13d4278b/static/global/images/embedded-giving/embedded-giving-logo-visa.svg

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f872f37d93f6ad26cfde22f5fd7ae4e99f18c4dc7d3386384f92f845056750b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:27 GMT
x-amz-version-id: ue9Gyv5v1Iamj1iC70MW2lh2Q1rJqiqg
via: 1.1 55a17c046bdefb0e3ad487d092541320.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: SOF50-P2
age: 5726
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Tue, 07 May 2024 13:00:53 GMT
server: cloudflare
etag: W/"b327a8825ae28019462c8c3f5b4770c0"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 8847742a0de04daf-FRA
x-amz-cf-id: Isr4aFw0kD7mBA2DsozS1NI_OrqdQef0uUj2nhfyfXYyCdE4ElQ6ig==

GET
H2 200 embedded-giving-logo-amex.svg
prod-frs.content.classy.org/prod/3f67ddbf598a1096a57eb6a65a40c24e13d4278b/static/global/images/embedded-giving/ Frame F5A4 1 KB
0 29ms
28ms Image
image/svg+xml 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/3f67ddbf598a1096a57eb6a65a40c24e13d4278b/static/global/images/embedded-giving/embedded-giving-logo-amex.svg

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65ade054b003fb12ff528ad2640f69f49bca65d9f9d25b53dea8aee0d5d238cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:27 GMT
x-amz-version-id: VuvoSd3mZDGM_Odztbpa4asFIeAGQmrd
via: 1.1 62ec0a17525b577c1abf8135b16717be.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: SOF50-P2
age: 5726
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 07 May 2024 13:00:53 GMT
server: cloudflare
etag: W/"0b1b4bc87aebc780d3ad6095fd447a24"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 8847742a0de14daf-FRA
x-amz-cf-id: nq33UR-y7v-JJU3DwAqu9-ZKF2hRwT4Sc1ZaYERYrvxtq2GGdY6uwQ==

GET
H2 200 embedded-giving-logo-discover.svg
prod-frs.content.classy.org/prod/3f67ddbf598a1096a57eb6a65a40c24e13d4278b/static/global/images/embedded-giving/ Frame F5A4 3 KB
0 31ms
30ms Image
image/svg+xml 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/3f67ddbf598a1096a57eb6a65a40c24e13d4278b/static/global/images/embedded-giving/embedded-giving-logo-discover.svg

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0fb4e1235c0c4815d6bd272ce4c9c65579c04f9c6e52a080a66393d01f84293

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:27 GMT
x-amz-version-id: 86c60v_zYqnWuyI6eWYO_Kj8z1DBqfo9
via: 1.1 f0d757c9b2cb754e4844ae59614d9100.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: SOF50-P2
age: 5726
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 07 May 2024 13:00:53 GMT
server: cloudflare
etag: W/"d51cee8f590a54e755ac3501c1bd7342"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 8847742a0de24daf-FRA
x-amz-cf-id: Zn1S--E_irF8mClWMV94ha2-Mcdc6OxlkJ66hxm77ykZAEQ8DNMm2g==

GET
H2 200 embedded-giving-logo-mastercard.svg
prod-frs.content.classy.org/prod/3f67ddbf598a1096a57eb6a65a40c24e13d4278b/static/global/images/embedded-giving/ Frame F5A4 1 KB
0 30ms
29ms Image
image/svg+xml 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/3f67ddbf598a1096a57eb6a65a40c24e13d4278b/static/global/images/embedded-giving/embedded-giving-logo-mastercard.svg

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f88c56c75499f8886bcdbd43330029b3108f9aefb7e496788f448ed36311b90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:27 GMT
x-amz-version-id: Qlv9bluYjJTwp4HfR_zsWLAJcY1zIL8z
via: 1.1 f0d757c9b2cb754e4844ae59614d9100.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: SOF50-P2
age: 5726
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 07 May 2024 13:00:53 GMT
server: cloudflare
etag: W/"26fb3de4519ed38ceec90bc98250ba1f"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 8847742a0de34daf-FRA
x-amz-cf-id: a9g6td5eexqp8LUXgvYWe0sH_dVPk28Ya5c0tJ1LESa12v9EVJKaLA==

GET
H2 200 embedded-giving-shield-icon.svg
prod-frs.content.classy.org/prod/3f67ddbf598a1096a57eb6a65a40c24e13d4278b/static/global/images/embedded-giving/ Frame F5A4 6 KB
0 33ms
32ms Image
image/svg+xml 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/3f67ddbf598a1096a57eb6a65a40c24e13d4278b/static/global/images/embedded-giving/embedded-giving-shield-icon.svg

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38bc775802a9e96e44997f4e9374726a41d5c781752e590a76ad5a4f06673458

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:27 GMT
x-amz-version-id: rD8zBI0iIO1iv90tok.0D4BJJLBJaw5m
via: 1.1 cff6dbfc6e4575bf23441ddedd68e9d4.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: SOF50-P2
age: 5725
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 07 May 2024 13:00:53 GMT
server: cloudflare
etag: W/"46fd834e95514def799fa0626c78233c"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 8847742a0de44daf-FRA
x-amz-cf-id: I1EKUVLFJYEW8o7JqnGXpdZJb1nekMxM6OQBdBwA36k7ZQngjvtXCA==

GET
H2 200 embedded-giving-logo-ach.svg
prod-frs.content.classy.org/prod/3f67ddbf598a1096a57eb6a65a40c24e13d4278b/static/global/images/embedded-giving/ Frame F5A4 1 KB
0 31ms
31ms Image
image/svg+xml 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/3f67ddbf598a1096a57eb6a65a40c24e13d4278b/static/global/images/embedded-giving/embedded-giving-logo-ach.svg

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebeeb6852c8d5689249269cfa59febdad1141a9810331c31d4331f53f47750f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:27 GMT
x-amz-version-id: hwGLYgVbi7fem7BHk7PjX1Oq7X9S7IZX
via: 1.1 d1b112081c0d1c026f1545aafcd737aa.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: SOF50-P2
age: 5662
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Tue, 07 May 2024 13:00:53 GMT
server: cloudflare
etag: W/"d71add3c9962a21340ec557ac0628bf7"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 8847742a0de54daf-FRA
x-amz-cf-id: 8mgDUJ9tLhCV-svDpU6i6fYmN7zQOojwH4QWuq0L8tkGzJBbyXufmw==

GET
H2 200 transaction-estimates Show response
donate.kesem.org/frs-api/campaign/441200/ Frame F5A4 393 B
35 B 125ms
125ms XHR
application/json 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.kesem.org/frs-api/campaign/441200/transaction-estimates?amex=false&amount=100&currency=USD&fot=true&international=false&processor_name=PAYPAL_COMMERCE

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0224f6f726ebdf66cc3eac58223cd810ae70d309cd7172c04b2d8fe95fceaad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: JnDaYM8o-OFo-DrFV5Fl4D4Lu-RsUK5LtLTg
tracestate: 423787@nr=0-1-423787-363751183-14909d9a83fcec96----1715821467786
traceparent: 00-fc7174da54be514d059ea2a58afb5106-14909d9a83fcec96-01
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIxNDkwOWQ5YTgzZmNlYzk2IiwidHIiOiJmYzcxNzRkYTU0YmU1MTRkMDU5ZWEyYTU4YWZiNTEwNiIsInRpIjoxNzE1ODIxNDY3Nzg2fX0=
Accept: application/json, text/plain, */*
csrf-token: JnDaYM8o-OFo-DrFV5Fl4D4Lu-RsUK5LtLTg
Referer: https://donate.kesem.org/give/441200/
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 16 May 2024 01:04:27 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"189-RLAu2AIDwiji7rUCQmlcccQKPEY"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cf-ray: 8847742daa239b40-FRA

GET
H2 200 paypal Show response
pay.classy.org/token/ Frame F5A4 124 B
509 B 113ms
112ms XHR
application/json 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/paypal?applicationId=6332&currency=USD

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac139986ae346a132b6c426fe744167b06a2a94b195c53105a237380234544f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-classypay-version: 1
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-classypay-requestid: b3939ee7-c273-43df-9e65-b46adc70070e
cf-ray: 8847742dab2c2c75-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 plaid Show response
pay.classy.org/token/ Frame F5A4 88 B
474 B 126ms
125ms XHR
application/json 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/plaid?applicationId=6332&currency=USD

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-classypay-version: 1
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-classypay-requestid: 388bbc7a-d81d-402a-a423-5aeee0f175da
cf-ray: 8847742dab2d2c75-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 ClassyIcons.woff
prod-frs.content.classy.org/prod/3f67ddbf598a1096a57eb6a65a40c24e13d4278b/static/global/fonts/ Frame F5A4 42 KB
0 0ms
0ms Font
binary/octet-stream 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-frs.content.classy.org/prod/3f67ddbf598a1096a57eb6a65a40c24e13d4278b/static/global/fonts/ClassyIcons.woff
Requested by: Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/3f67ddbf598a1096a57eb6a65a40c24e13d4278b/static/frs/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e523bedaf5beebfbc301203975a19f627a9ae72c9bd69eff4ea3a67d99d2e29

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://prod-frs.content.classy.org/prod/3f67ddbf598a1096a57eb6a65a40c24e13d4278b/static/frs/main.css
Origin: https://donate.kesem.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:27 GMT
x-amz-version-id: asQyRn2XS8wui5au0uImXHaXBeWF_84O
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: FRA60-P1
age: 5855
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 43184
last-modified: Tue, 07 May 2024 13:00:52 GMT
server: cloudflare
etag: "db41ce39d2ac51b60573fd1718dc6aed"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
accept-ranges: bytes
cf-ray: 8847742a8b288fc5-FRA
x-amz-cf-id: EVJ5qcU3HPOCtlYmJilP-hWgQ7iWvIP-0lpgicp9uQxYQ6eVkwKVUQ==

GET
H2 200 fontawesome-webfont.woff2
prod-frs.content.classy.org/prod/3f67ddbf598a1096a57eb6a65a40c24e13d4278b/static/fonts/ Frame F5A4 65 KB
0 1ms
1ms Font
binary/octet-stream 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-frs.content.classy.org/prod/3f67ddbf598a1096a57eb6a65a40c24e13d4278b/static/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by: Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/3f67ddbf598a1096a57eb6a65a40c24e13d4278b/static/frs/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://prod-frs.content.classy.org/prod/3f67ddbf598a1096a57eb6a65a40c24e13d4278b/static/frs/main.css
Origin: https://donate.kesem.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:27 GMT
x-amz-version-id: rv5zFz9UaRXmEcv5QbNVBRcYjYrqHaHk
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: FRA60-P1
age: 4721
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 66624
last-modified: Tue, 07 May 2024 13:00:52 GMT
server: cloudflare
etag: "db812d8a70a4e88e888744c1c9a27e89"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
accept-ranges: bytes
cf-ray: 8847742a8b298fc5-FRA
x-amz-cf-id: ryBpHSN4IZgkLtCFsnQtnDJcYtZB76bTgHz5tBdjo-qlItS4ymdyNw==

POST
H2 204 rum Show response
donate.kesem.org/cdn-cgi/ Frame F5A4 0
37 B 11ms
11ms XHR
text/plain 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.kesem.org/cdn-cgi/rum?

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-e6a7c42344f585d5----1715821467799
traceparent: 00-2591d6cfc2f1399c9151e26206450101-e6a7c42344f585d5-01
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJlNmE3YzQyMzQ0ZjU4NWQ1IiwidHIiOiIyNTkxZDZjZmMyZjEzOTljOTE1MWUyNjIwNjQ1MDEwMSIsInRpIjoxNzE1ODIxNDY3Nzk5fX0=
content-type: application/json
Referer: https://donate.kesem.org/give/441200/
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:27 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://donate.kesem.org
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 8847742dba2f9b40-FRA

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame 818B 304 KB
83 KB 642ms
614ms Script
application/javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?components=buttons,funding-eligibility&enable-funding=venmo&currency=USD&client-id=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&merchant-id=LSW58CRWW68HU&commit=false

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

565349ebf91028f67afff8dbed6e69b0c17ad5a2c84bf0be0beb0ccccfa5529e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-k3DH6sV4vkXeGbT81h/xC4C8Yvj9/Q5Fdi72FDZlTL5G+UHL' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-k3DH6sV4vkXeGbT81h/xC4C8Yvj9/Q5Fdi72FDZlTL5G+UHL' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-k3DH6sV4vkXeGbT81h/xC4C8Yvj9/Q5Fdi72FDZlTL5G+UHL' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-k3DH6sV4vkXeGbT81h/xC4C8Yvj9/Q5Fdi72FDZlTL5G+UHL' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
disable-set-cookie: true
via: 1.1 varnish, 1.1 varnish
date: Thu, 16 May 2024 01:04:28 GMT
age: 0
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
p3p: true
paypal-debug-id: f4722417b270d
server-timing: "traceparent;desc="00-0000000000000000000f4722417b270d-b23ecce1ef156e13-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 83354
x-xss-protection: 1; mode=block
x-served-by: cache-fra-etou8220157-FRA, cache-fra-etou8220157-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f4722417b270d-ce3c1121f8cf52bf-01
x-timer: S1715821468.829290,VS0,VE608
etag: W/"1459a-GM0JrtyAobLS7zDqn4L2+6xdzDE"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 controller-with-preconnect-86a38fe46a16bd385648c1936a19c6e8.html
js.stripe.com/v3/ Frame D2F7 0
0 0ms
0ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-with-preconnect-86a38fe46a16bd385648c1936a19c6e8.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report

X-Content-Type-Options

nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://donate.kesem.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 59
cache-control: max-age=60, stale-while-revalidate=900
content-encoding: br
content-length: 229
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 16 May 2024 01:04:27 GMT
etag: "86a38fe46a16bd385648c1936a19c6e8"
last-modified: Wed, 15 May 2024 20:03:33 GMT
server: Fastly
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 4
x-content-type-options: nosniff
x-request-id: 26eebfc1-ae91-434c-a292-45d17f839e6a
x-served-by: cache-fra-etou8220042-FRA

GET
H2 200 payment-request-inner-google-pay-82b9ff5aff74eaac5d2d01d9a6978316.html
js.stripe.com/v3/ Frame 8B16 0
0 0ms
0ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-82b9ff5aff74eaac5d2d01d9a6978316.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://donate.kesem.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 17817
cache-control: max-age=31536000
content-encoding: br
content-length: 222
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 16 May 2024 01:04:27 GMT
etag: "82b9ff5aff74eaac5d2d01d9a6978316"
last-modified: Wed, 15 May 2024 20:03:47 GMT
server: Fastly
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 156
x-content-type-options: nosniff
x-request-id: cd6e426e-5690-40de-92f6-c3d6d5cfd2e6
x-served-by: cache-fra-etou8220042-FRA

GET
H2 200 payment-request-inner-browser-88c6b2aa0cec77981b46767d9675e7b0.html
js.stripe.com/v3/ Frame B960 0
0 0ms
0ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-88c6b2aa0cec77981b46767d9675e7b0.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://donate.kesem.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 8
cache-control: max-age=60, stale-while-revalidate=900
content-encoding: br
content-length: 203
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 16 May 2024 01:04:27 GMT
etag: "88c6b2aa0cec77981b46767d9675e7b0"
last-modified: Wed, 15 May 2024 20:03:47 GMT
server: Fastly
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-content-type-options: nosniff
x-request-id: 5dc01a2a-0de7-49e7-80ab-0e80fd9cadf3
x-served-by: cache-fra-etou8220042-FRA

GET
H2 200 payment-request-inner-google-pay-82b9ff5aff74eaac5d2d01d9a6978316.html
js.stripe.com/v3/ Frame 0224 0
0 0ms
0ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-82b9ff5aff74eaac5d2d01d9a6978316.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://donate.kesem.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 17817
cache-control: max-age=31536000
content-encoding: br
content-length: 222
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 16 May 2024 01:04:27 GMT
etag: "82b9ff5aff74eaac5d2d01d9a6978316"
last-modified: Wed, 15 May 2024 20:03:47 GMT
server: Fastly
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 156
x-content-type-options: nosniff
x-request-id: cd6e426e-5690-40de-92f6-c3d6d5cfd2e6
x-served-by: cache-fra-etou8220042-FRA

GET
H2 200 payment-request-inner-browser-88c6b2aa0cec77981b46767d9675e7b0.html
js.stripe.com/v3/ Frame D813 0
0 0ms
0ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-88c6b2aa0cec77981b46767d9675e7b0.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://donate.kesem.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 8
cache-control: max-age=60, stale-while-revalidate=900
content-encoding: br
content-length: 203
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 16 May 2024 01:04:27 GMT
etag: "88c6b2aa0cec77981b46767d9675e7b0"
last-modified: Wed, 15 May 2024 20:03:47 GMT
server: Fastly
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-content-type-options: nosniff
x-request-id: 5dc01a2a-0de7-49e7-80ab-0e80fd9cadf3
x-served-by: cache-fra-etou8220042-FRA

GET
H2 200 css
fonts.googleapis.com/ Frame F5A4 11 KB
0 50ms
19ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

20b8f82923f15420d50977d8efde324e462ddde5affcdfafa9ac126660838127

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 May 2024 01:04:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 May 2024 01:04:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 May 2024 01:04:27 GMT

GET
H2 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v13/ Frame F5A4 32 KB
0 8ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer

Response headers

date: Tue, 14 May 2024 14:00:29 GMT
x-content-type-options: nosniff
age: 126238
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32492
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:20:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 14:00:29 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ Frame F5A4 29 KB
0 0ms
0ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer

Response headers

date: Tue, 14 May 2024 08:28:16 GMT
x-content-type-options: nosniff
age: 146171
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 08:28:16 GMT

GET
H2 200 status Show response
donate.kesem.org/sso/ Frame F5A4 90 B
1 KB 405ms
405ms XHR
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.kesem.org/sso/status?client_id=hkDllBPffAW7sKhdYbpNc5PrwMIVbh&callback=jQuery361029300721953948816_1715821467594&_=1715821467595

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15e101b0a3d25be01a33a86a391668fd12b860ab48ca6f9aa095159a653a10ec

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.classy.org;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-65c90c4d26cf5a90----1715821467854
traceparent: 00-4c8a5e31d0bf7eebdf38334fd2f663f8-65c90c4d26cf5a90-01
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI2NWM5MGM0ZDI2Y2Y1YTkwIiwidHIiOiI0YzhhNWUzMWQwYmY3ZWViZGYzODMzNGZkMmY2NjNmOCIsInRpIjoxNzE1ODIxNDY3ODU0fX0=
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://donate.kesem.org/give/441200/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
content-security-policy: frame-ancestors 'self' https://*.classy.org;
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
p3p: CP="Classy does not have a P3P policy."
cache-control: no-cache, private
cf-ray: 8847742e1a4c9b40-FRA
x-xss-protection: 1; mode=block

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/db9cbc4e/www-widgetapi.vflset/ Frame F5A4 42 KB
0 13ms
12ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/db9cbc4e/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3074d74b47a1fae140faeb7eadb8af0a6634f8262bf2436541d21243389d022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 15:05:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35908
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13973
x-xss-protection: 0
last-modified: Mon, 13 May 2024 04:15:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 15 May 2025 15:05:59 GMT

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame F5A4 304 KB
0 535ms
535ms Script
application/javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

565349ebf91028f67afff8dbed6e69b0c17ad5a2c84bf0be0beb0ccccfa5529e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-k3DH6sV4vkXeGbT81h/xC4C8Yvj9/Q5Fdi72FDZlTL5G+UHL' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-k3DH6sV4vkXeGbT81h/xC4C8Yvj9/Q5Fdi72FDZlTL5G+UHL' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-k3DH6sV4vkXeGbT81h/xC4C8Yvj9/Q5Fdi72FDZlTL5G+UHL' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-k3DH6sV4vkXeGbT81h/xC4C8Yvj9/Q5Fdi72FDZlTL5G+UHL' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
disable-set-cookie: true
via: 1.1 varnish, 1.1 varnish
date: Thu, 16 May 2024 01:04:28 GMT
age: 0
x-cache: MISS, MISS
p3p: true
paypal-debug-id: f4722417b270d
server-timing: "traceparent;desc="00-0000000000000000000f4722417b270d-b23ecce1ef156e13-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 83354
x-xss-protection: 1; mode=block
x-served-by: cache-fra-etou8220157-FRA, cache-fra-etou8220157-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f4722417b270d-ce3c1121f8cf52bf-01
x-timer: S1715821468.829290,VS0,VE608
etag: W/"1459a-GM0JrtyAobLS7zDqn4L2+6xdzDE"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ Frame 818B 14 KB
6 KB 11ms
11ms Script
application/x-javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=donate.kesem.org&t=xo&v=5.0.439&source=payments_sdk&mrid=LSW58CRWW68HU&client_id=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&comp=buttons,funding-eligibility&disableSetCookie=true&vault=false

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

00573ebaedf88a017ef729714f9088298688afbeaf03cc0d0898d12723ad2f56

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-hAP9vttR2XDJKGENtU3havkghMY6QBADAViMBWACQvHbHVSE' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-hAP9vttR2XDJKGENtU3havkghMY6QBADAViMBWACQvHbHVSE' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 16 May 2024 01:04:28 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 525
x-cache: HIT, MISS
paypal-debug-id: f42874495460e
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 4804
x-xss-protection: 1; mode=block
x-served-by: cache-fra-etou8220157-FRA, cache-fra-etou8220157-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f42874495460e-4c19eacda38f2030-01
x-timer: S1715821468.465761,VS0,VE4
etag: W/"3699-Y1WD21cYVgz089uGlH2ufWi8qjg"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=3600
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ Frame F5A4 14 KB
0 2ms
2ms Script
application/x-javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

00573ebaedf88a017ef729714f9088298688afbeaf03cc0d0898d12723ad2f56

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-hAP9vttR2XDJKGENtU3havkghMY6QBADAViMBWACQvHbHVSE' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-hAP9vttR2XDJKGENtU3havkghMY6QBADAViMBWACQvHbHVSE' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 16 May 2024 01:04:28 GMT
via: 1.1 varnish, 1.1 varnish
age: 525
x-cache: HIT, MISS
paypal-debug-id: f42874495460e
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 4804
x-xss-protection: 1; mode=block
x-served-by: cache-fra-etou8220157-FRA, cache-fra-etou8220157-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f42874495460e-4c19eacda38f2030-01
x-timer: S1715821468.465761,VS0,VE4
etag: W/"3699-Y1WD21cYVgz089uGlH2ufWi8qjg"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=3600
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame 818B 304 KB
83 KB 11ms
9ms Script
application/javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?components=buttons,funding-eligibility&currency=USD&client-id=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&intent=tokenize&vault=true

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

32637572a22ca603c880f4e856e2332d9490a8dd5db951ae1a7f02e865c6f898

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-8c6dHYhu9lM96o1zvLqA0bBIFjHGZvoSAUQ0AthxSxPzn10+' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-8c6dHYhu9lM96o1zvLqA0bBIFjHGZvoSAUQ0AthxSxPzn10+' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-8c6dHYhu9lM96o1zvLqA0bBIFjHGZvoSAUQ0AthxSxPzn10+' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-8c6dHYhu9lM96o1zvLqA0bBIFjHGZvoSAUQ0AthxSxPzn10+' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
disable-set-cookie: true
via: 1.1 varnish, 1.1 varnish
date: Thu, 16 May 2024 01:04:28 GMT
age: 5499
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT, MISS
p3p: true
paypal-debug-id: f4872238eb5ae
server-timing: "traceparent;desc="00-0000000000000000000f4872238eb5ae-4f310b011b7cee1e-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 83350
x-xss-protection: 1; mode=block
x-served-by: cache-fra-etou8220157-FRA, cache-fra-etou8220157-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f4872238eb5ae-5306e82a352806f6-01
x-timer: S1715821468.477700,VS0,VE3
etag: W/"14596-r4yvd5yWqrns98dXf2Q7PIf6lR0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 33, 0

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame F5A4 304 KB
86 B 21ms
11ms Script
application/javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?components=buttons,funding-eligibility&currency=USD&client-id=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&intent=tokenize&vault=true

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

32637572a22ca603c880f4e856e2332d9490a8dd5db951ae1a7f02e865c6f898

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-8c6dHYhu9lM96o1zvLqA0bBIFjHGZvoSAUQ0AthxSxPzn10+' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-8c6dHYhu9lM96o1zvLqA0bBIFjHGZvoSAUQ0AthxSxPzn10+' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:28 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
disable-set-cookie: true
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-8c6dHYhu9lM96o1zvLqA0bBIFjHGZvoSAUQ0AthxSxPzn10+' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-8c6dHYhu9lM96o1zvLqA0bBIFjHGZvoSAUQ0AthxSxPzn10+' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
age: 5499
x-cache: HIT, MISS
p3p: true
paypal-debug-id: f4872238eb5ae
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 83350
x-xss-protection: 1; mode=block
x-served-by: cache-fra-etou8220157-FRA, cache-fra-etou8220157-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f4872238eb5ae-5306e82a352806f6-01
x-timer: S1715821468.488005,VS0,VE4
etag: W/"14596-r4yvd5yWqrns98dXf2Q7PIf6lR0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 34, 0

GET
H2 200 muse.js Show response
www.paypalobjects.com/muse/ Frame 818B 55 KB
16 KB 47ms
10ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/muse.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CA9) /

Resource Hash

20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 33233b66ed1d4
dc: ccg11-origin-www-1.paypal.com
content-length: 16355
last-modified: Fri, 01 Sep 2023 21:10:59 GMT
server: ECAcc (frc/4CA9)
traceparent: 00-000000000000000000033233b66ed1d4-0e2e384c0235f2fc-01
etag: "64f25363-daa8+gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Thu, 16 May 2024 02:04:28 GMT

GET
H2 200 ts
t.paypal.com/ Frame 818B 42 B
510 B 188ms
151ms Image
image/gif 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3ALSW58CRWW68HU-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3ALSW58CRWW68HU-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=019e176c-8ce5-4382-9146-8061d93cabd4&fltp=analytics&mrid=LSW58CRWW68HU&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Donate%20to%20Kesem%202023%20Donate%20Now&dh=1200&dw=1600&bh=592&bw=420&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1715821468479&g=-120&completeurl=https%3A%2F%2Fdonate.kesem.org%2Fgive%2F441200%2F%23!%2Fdonation%2Fcheckout%3Feg%3Dtrue%26egp%3Ddo%26egrn%3Dtrue&ru=https%3A%2F%2Fwww.kesem.org%2F&disableSetCookie=true

Requested by

Host: www.kesem.org
URL: https://www.kesem.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Thu, 16 May 2024 01:04:28 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: d2a109242b5ab
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-etou8220101-FRA
pragma: no-cache
correlation-id: d2a109242b5ab
traceparent: 00-0000000000000000000d2a109242b5ab-c8c7645d9a4dbb23-01
x-timer: S1715821469.516570,VS0,VE145
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 May 2024 01:04:28 GMT

GET
H2 200 muse.js Show response
www.paypalobjects.com/muse/ Frame F5A4 55 KB
0 47ms
47ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/muse.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CA9) /

Resource Hash

20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 33233b66ed1d4
dc: ccg11-origin-www-1.paypal.com
content-length: 16355
last-modified: Fri, 01 Sep 2023 21:10:59 GMT
server: ECAcc (frc/4CA9)
traceparent: 00-000000000000000000033233b66ed1d4-0e2e384c0235f2fc-01
etag: "64f25363-daa8+gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Thu, 16 May 2024 02:04:28 GMT

GET
H2 200 ts
t.paypal.com/ Frame F5A4 42 B
165 B 212ms
177ms Image
image/gif 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3ALSW58CRWW68HU-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3ALSW58CRWW68HU-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=019e176c-8ce5-4382-9146-8061d93cabd4&fltp=analytics&mrid=LSW58CRWW68HU&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Donate%20to%20Kesem%202023%20Donate%20Now&dh=1200&dw=1600&bh=592&bw=420&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1715821468481&g=-120&completeurl=https%3A%2F%2Fdonate.kesem.org%2Fgive%2F441200%2F%23!%2Fdonation%2Fcheckout%3Feg%3Dtrue%26egp%3Ddo%26egrn%3Dtrue&ru=https%3A%2F%2Fwww.kesem.org%2F&disableSetCookie=true

Requested by

Host: www.kesem.org
URL: https://www.kesem.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Thu, 16 May 2024 01:04:28 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: b3fc2cf711c32
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-etou8220101-FRA
pragma: no-cache
correlation-id: b3fc2cf711c32
traceparent: 00-0000000000000000000b3fc2cf711c32-8f4fd5a8c5a6ffa6-01
x-timer: S1715821469.516579,VS0,VE171
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 May 2024 01:04:28 GMT

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ Frame 818B 12 KB
5 KB 11ms
11ms Script
application/x-javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=donate.kesem.org&t=xo&v=5.0.439&source=payments_sdk&client_id=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&comp=buttons,funding-eligibility&disableSetCookie=true&vault=true

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7b43cb1814ca80746730f4207edcd1175bb5e95baf32398cfa5c891cb06713d7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-Z3oH8cumW23EA7VvlX8tit6G2Va05bXyHPvqVHbS1WGICc2J' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-Z3oH8cumW23EA7VvlX8tit6G2Va05bXyHPvqVHbS1WGICc2J' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 16 May 2024 01:04:28 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 6720
x-cache: HIT, MISS
paypal-debug-id: f229080ae5dbb
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 4338
x-xss-protection: 1; mode=block
x-served-by: cache-fra-etou8220157-FRA, cache-fra-etou8220157-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f229080ae5dbb-3e95deef7c49cc7d-01
x-timer: S1715821469.508414,VS0,VE5
etag: W/"2f8b-lWMMAqH5NWBufCerdpb7DcGAARo"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=3600
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 buttons
www.paypal.com/smart/ Frame 5F35 0
0 356ms
344ms Document
text/html 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=40&style.menuPlacement=below&allowBillingPayments=true&applePaySupport=false&buttonSessionID=uid_4f6fe7a480_mde6mdq6mjg&customerId=&clientID=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&clientMetadataID=uid_7cb3eb03cd_mde6mdq6mjg&commit=false&components.0=buttons&components.1=funding-eligibility&currency=USD&debug=false&disableSetCookie=true&enableFunding.0=venmo&env=production&experiment.enableVenmo=false&flow=purchase&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwibWFlc3RybyI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGluZXJzIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJjdXAiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOnRydWV9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&intent=capture&locale.country=US&locale.lang=en&merchantID.0=LSW58CRWW68HU&platform=desktop&renderedButtons.0=paypal&sessionID=uid_7cb3eb03cd_mde6mdq6mjg&sdkCorrelationID=08a0978405834&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsZnVuZGluZy1lbGlnaWJpbGl0eSZlbmFibGUtZnVuZGluZz12ZW5tbyZjdXJyZW5jeT1VU0QmY2xpZW50LWlkPUFmdW44d1lrazgwRlljeV9QWEpVVlVNS2pVc3ZpbWN4cGtKN3NCSkxsUGpfR3VudE5TdVZLLVd5Z3BuYVlUcmc4T3Y3S0drYzljYkZvWVB5Jm1lcmNoYW50LWlkPUxTVzU4Q1JXVzY4SFUmY29tbWl0PWZhbHNlIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfa2xka2drcWthbmZ2cmdnZnZja3d1bmJrcXN1cGZpIn19&sdkVersion=5.0.439&storageID=uid_c89ff0fdd8_mde6mdq6mjg&supportedNativeBrowser=false&supportsPopups=true&vault=false

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?components=buttons,funding-eligibility&enable-funding=venmo&currency=USD&client-id=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&merchant-id=LSW58CRWW68HU&commit=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://.paypal.com https://.cardinalcommerce.com; default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com: https://.paypalobjects.com https://.googleapis.com https://.firebaseio.com wss://.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://.qualtrics.com; frame-src 'self' https://.paypal.com:* https://.paypalobjects.com https://.cardinalcommerce.com https://.firebaseapp.com https://.qualtrics.com; script-src 'self' https://.paypal.com: https://.paypalobjects.com 'unsafe-inline' https://apis.google.com; style-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://donate.kesem.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-disposition: inline
content-encoding: gzip
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Thu, 16 May 2024 01:04:28 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"69b79-9TuULSBQ03tdB9KXFlD+WLJXowk"
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
p3p: true
paypal-debug-id: f2551236f455d
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: "traceparent;desc="00-0000000000000000000f2551236f455d-6b79a0df7fbe278c-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f2551236f455d-9d3ba781e4c1ae6c-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-served-by: cache-fra-etou8220037-FRA, cache-fra-etou8220037-FRA
x-timer: S1715821469.557779,VS0,VE337
x-xss-protection: 1; mode=block

GET
H2 200 buttons
www.paypal.com/smart/ Frame 350E 0
0 392ms
392ms Document
text/html 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=40&style.menuPlacement=below&allowBillingPayments=true&applePaySupport=false&buttonSessionID=uid_1d61217b26_mde6mdq6mjg&customerId=&clientID=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&clientMetadataID=uid_cd1f1c5fba_mde6mdq6mjg&commit=true&components.0=buttons&components.1=funding-eligibility&currency=USD&debug=false&disableSetCookie=true&env=production&experiment.enableVenmo=false&flow=billing_setup&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJoaXBlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJlbG8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJqY2IiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJtYWVzdHJvIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaW5lcnMiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImN1cCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&intent=tokenize&locale.country=US&locale.lang=en&platform=desktop&renderedButtons.0=paypal&sessionID=uid_cd1f1c5fba_mde6mdq6mjg&sdkCorrelationID=08a0978405834&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsZnVuZGluZy1lbGlnaWJpbGl0eSZjdXJyZW5jeT1VU0QmY2xpZW50LWlkPUFmdW44d1lrazgwRlljeV9QWEpVVlVNS2pVc3ZpbWN4cGtKN3NCSkxsUGpfR3VudE5TdVZLLVd5Z3BuYVlUcmc4T3Y3S0drYzljYkZvWVB5JmludGVudD10b2tlbml6ZSZ2YXVsdD10cnVlIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfdXRobmR6bHp0cWNtZ2pyam5jaWpyc29mdGpmdmx5In19&sdkVersion=5.0.439&storageID=uid_c3dc8742e8_mde6mdq6mjg&supportedNativeBrowser=false&supportsPopups=true&vault=true

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?components=buttons,funding-eligibility&currency=USD&client-id=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&intent=tokenize&vault=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://.paypal.com https://.cardinalcommerce.com; default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com: https://.paypalobjects.com https://.googleapis.com https://.firebaseio.com wss://.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://.qualtrics.com; frame-src 'self' https://.paypal.com:* https://.paypalobjects.com https://.cardinalcommerce.com https://.firebaseapp.com https://.qualtrics.com; script-src 'self' https://.paypal.com: https://.paypalobjects.com 'unsafe-inline' https://apis.google.com; style-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://donate.kesem.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-disposition: inline
content-encoding: gzip
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Thu, 16 May 2024 01:04:28 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"69b28-TvKfEM1AxW0FYnHnYuFer7wDNQc"
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
p3p: true
paypal-debug-id: f255123933135
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: "traceparent;desc="00-0000000000000000000f255123933135-9f6e4ef7c10d23d5-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f255123933135-5976f9364f60b46c-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-served-by: cache-fra-etou8220037-FRA, cache-fra-etou8220037-FRA
x-timer: S1715821469.569680,VS0,VE385
x-xss-protection: 1; mode=block

GET
H2 200 paypal-blue.svg
www.paypalobjects.com/js-sdk-logos/2.2.7/ Frame 9BEA 3 KB
1 KB 9ms
9ms Image
image/svg+xml 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-blue.svg

Requested by

Host: www.kesem.org
URL: https://www.kesem.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CBA) /

Resource Hash

25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: e0953c7feefe8
dc: ccg11-origin-www-1.paypal.com
content-length: 1207
last-modified: Tue, 04 Apr 2023 21:46:19 GMT
server: ECAcc (frc/4CBA)
traceparent: 00-0000000000000000000e0953c7feefe8-86f3c87ec4d932d9-01
etag: W/"642c9aab-cc2"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Thu, 16 May 2024 02:04:28 GMT

GET
H2 200 paypal-blue.svg
www.paypalobjects.com/js-sdk-logos/2.2.7/ Frame FA77 3 KB
0 10ms
10ms Image
image/svg+xml 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-blue.svg

Requested by

Host: www.kesem.org
URL: https://www.kesem.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CBA) /

Resource Hash

25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: e0953c7feefe8
dc: ccg11-origin-www-1.paypal.com
content-length: 1207
last-modified: Tue, 04 Apr 2023 21:46:19 GMT
server: ECAcc (frc/4CBA)
traceparent: 00-0000000000000000000e0953c7feefe8-86f3c87ec4d932d9-01
etag: W/"642c9aab-cc2"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Thu, 16 May 2024 02:04:28 GMT

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ Frame F5A4 12 KB
49 B 12ms
12ms Script
application/x-javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7b43cb1814ca80746730f4207edcd1175bb5e95baf32398cfa5c891cb06713d7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-Z3oH8cumW23EA7VvlX8tit6G2Va05bXyHPvqVHbS1WGICc2J' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:28 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-Z3oH8cumW23EA7VvlX8tit6G2Va05bXyHPvqVHbS1WGICc2J' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
age: 6720
x-cache: HIT, MISS
paypal-debug-id: f229080ae5dbb
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 4338
x-xss-protection: 1; mode=block
x-served-by: cache-fra-etou8220157-FRA, cache-fra-etou8220157-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f229080ae5dbb-3e95deef7c49cc7d-01
x-timer: S1715821469.587558,VS0,VE5
etag: W/"2f8b-lWMMAqH5NWBufCerdpb7DcGAARo"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=3600
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 ts
t.paypal.com/ Frame 818B 42 B
165 B 151ms
151ms Image
image/gif 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Donate%20to%20Kesem%202023%20Donate%20Now&dh=1200&dw=1600&bh=592&bw=420&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1715821468593&g=-120&completeurl=https%3A%2F%2Fdonate.kesem.org%2Fgive%2F441200%2F%23!%2Fdonation%2Fcheckout%3Feg%3Dtrue%26egp%3Ddo%26egrn%3Dtrue&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D&disableSetCookie=true

Requested by

Host: www.kesem.org
URL: https://www.kesem.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Thu, 16 May 2024 01:04:28 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 62caed3e53c33
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-etou8220101-FRA
pragma: no-cache
correlation-id: 62caed3e53c33
traceparent: 00-000000000000000000062caed3e53c33-d0073f48ba8a8e47-01
x-timer: S1715821469.593667,VS0,VE145
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 May 2024 01:04:28 GMT

GET
H2 200 index.html
www.paypalobjects.com/muse/analytics/ Frame 4FB9 0
0 27ms
8ms Document
text/html 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/analytics/index.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CBF) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://donate.kesem.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-length: 16754
content-type: text/html
date: Thu, 16 May 2024 01:04:28 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "64f25363-dacc+gzip"
expires: Thu, 16 May 2024 02:04:28 GMT
last-modified: Fri, 01 Sep 2023 21:10:59 GMT
paypal-debug-id: f22c8158e3a01
server: ECAcc (frc/4CBF)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000f22c8158e3a01-dc770ae0f0a68df3-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff

GET
H2 200 index.html
www.paypalobjects.com/muse/analytics/ Frame 15C7 0
0 28ms
28ms Document
text/html 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/analytics/index.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CBF) /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://donate.kesem.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-length: 16754
content-type: text/html
date: Thu, 16 May 2024 01:04:28 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "64f25363-dacc+gzip"
expires: Thu, 16 May 2024 02:04:28 GMT
last-modified: Fri, 01 Sep 2023 21:10:59 GMT
paypal-debug-id: f22c8158e3a01
server: ECAcc (frc/4CBF)
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000f22c8158e3a01-dc770ae0f0a68df3-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff

GET
H2 200 paypal-blue.svg
www.paypalobjects.com/js-sdk-logos/2.2.7/ Frame C24C 3 KB
0 10ms
10ms Image
image/svg+xml 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-blue.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CBA) /

Resource Hash

25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: e0953c7feefe8
dc: ccg11-origin-www-1.paypal.com
content-length: 1207
last-modified: Tue, 04 Apr 2023 21:46:19 GMT
server: ECAcc (frc/4CBA)
traceparent: 00-0000000000000000000e0953c7feefe8-86f3c87ec4d932d9-01
etag: W/"642c9aab-cc2"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Thu, 16 May 2024 02:04:28 GMT

GET
H2 200 buttons
www.paypal.com/smart/ Frame 19F7 0
0 349ms
349ms Document
text/html 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=40&style.menuPlacement=below&allowBillingPayments=true&applePaySupport=false&buttonSessionID=uid_c44714e5c8_mde6mdq6mjg&customerId=&clientID=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&clientMetadataID=uid_7cb3eb03cd_mde6mdq6mjg&commit=false&components.0=buttons&components.1=funding-eligibility&currency=USD&debug=false&disableSetCookie=true&enableFunding.0=venmo&env=production&experiment.enableVenmo=false&flow=purchase&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwibWFlc3RybyI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGluZXJzIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJjdXAiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOnRydWV9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&intent=capture&locale.country=US&locale.lang=en&merchantID.0=LSW58CRWW68HU&platform=desktop&renderedButtons.0=paypal&sessionID=uid_7cb3eb03cd_mde6mdq6mjg&sdkCorrelationID=08a0978405834&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsZnVuZGluZy1lbGlnaWJpbGl0eSZlbmFibGUtZnVuZGluZz12ZW5tbyZjdXJyZW5jeT1VU0QmY2xpZW50LWlkPUFmdW44d1lrazgwRlljeV9QWEpVVlVNS2pVc3ZpbWN4cGtKN3NCSkxsUGpfR3VudE5TdVZLLVd5Z3BuYVlUcmc4T3Y3S0drYzljYkZvWVB5Jm1lcmNoYW50LWlkPUxTVzU4Q1JXVzY4SFUmY29tbWl0PWZhbHNlIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfa2xka2drcWthbmZ2cmdnZnZja3d1bmJrcXN1cGZpIn19&sdkVersion=5.0.439&storageID=uid_c89ff0fdd8_mde6mdq6mjg&supportedNativeBrowser=false&supportsPopups=true&vault=false

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://.paypal.com https://.cardinalcommerce.com; default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com: https://.paypalobjects.com https://.googleapis.com https://.firebaseio.com wss://.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://.qualtrics.com; frame-src 'self' https://.paypal.com:* https://.paypalobjects.com https://.cardinalcommerce.com https://.firebaseapp.com https://.qualtrics.com; script-src 'self' https://.paypal.com: https://.paypalobjects.com 'unsafe-inline' https://apis.google.com; style-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://donate.kesem.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-disposition: inline
content-encoding: gzip
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Thu, 16 May 2024 01:04:28 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"69b79-EuMtGMRjoUrSoBozy7TtoXyuM3s"
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
p3p: true
paypal-debug-id: f2551239f2a37
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: "traceparent;desc="00-0000000000000000000f2551239f2a37-191eeccc1409288e-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f2551239f2a37-a7727daa33aac2f2-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-served-by: cache-fra-etou8220037-FRA, cache-fra-etou8220037-FRA
x-timer: S1715821469.627575,VS0,VE342
x-xss-protection: 1; mode=block

GET
H2 200 paypal-blue.svg
www.paypalobjects.com/js-sdk-logos/2.2.7/ Frame 87EF 3 KB
0 10ms
10ms Image
image/svg+xml 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-blue.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CBA) /

Resource Hash

25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: e0953c7feefe8
dc: ccg11-origin-www-1.paypal.com
content-length: 1207
last-modified: Tue, 04 Apr 2023 21:46:19 GMT
server: ECAcc (frc/4CBA)
traceparent: 00-0000000000000000000e0953c7feefe8-86f3c87ec4d932d9-01
etag: W/"642c9aab-cc2"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Thu, 16 May 2024 02:04:28 GMT

GET
H2 200 buttons
www.paypal.com/smart/ Frame 746D 0
0 356ms
355ms Document
text/html 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=40&style.menuPlacement=below&allowBillingPayments=true&applePaySupport=false&buttonSessionID=uid_30d6364764_mde6mdq6mjg&customerId=&clientID=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&clientMetadataID=uid_cd1f1c5fba_mde6mdq6mjg&commit=true&components.0=buttons&components.1=funding-eligibility&currency=USD&debug=false&disableSetCookie=true&env=production&experiment.enableVenmo=false&flow=billing_setup&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJoaXBlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJlbG8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJqY2IiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJtYWVzdHJvIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaW5lcnMiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImN1cCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&intent=tokenize&locale.country=US&locale.lang=en&platform=desktop&renderedButtons.0=paypal&sessionID=uid_cd1f1c5fba_mde6mdq6mjg&sdkCorrelationID=08a0978405834&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsZnVuZGluZy1lbGlnaWJpbGl0eSZjdXJyZW5jeT1VU0QmY2xpZW50LWlkPUFmdW44d1lrazgwRlljeV9QWEpVVlVNS2pVc3ZpbWN4cGtKN3NCSkxsUGpfR3VudE5TdVZLLVd5Z3BuYVlUcmc4T3Y3S0drYzljYkZvWVB5JmludGVudD10b2tlbml6ZSZ2YXVsdD10cnVlIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfdXRobmR6bHp0cWNtZ2pyam5jaWpyc29mdGpmdmx5In19&sdkVersion=5.0.439&storageID=uid_c3dc8742e8_mde6mdq6mjg&supportedNativeBrowser=false&supportsPopups=true&vault=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://.paypal.com https://.cardinalcommerce.com; default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com: https://.paypalobjects.com https://.googleapis.com https://.firebaseio.com wss://.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://.qualtrics.com; frame-src 'self' https://.paypal.com:* https://.paypalobjects.com https://.cardinalcommerce.com https://.firebaseapp.com https://.qualtrics.com; script-src 'self' https://.paypal.com: https://.paypalobjects.com 'unsafe-inline' https://apis.google.com; style-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://donate.kesem.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-disposition: inline
content-encoding: gzip
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Thu, 16 May 2024 01:04:29 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"69b29-PZscbIxRgidAwgFeTRfxZi9uxR0"
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
p3p: true
paypal-debug-id: f2551230e2a7b
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: "traceparent;desc="00-0000000000000000000f2551230e2a7b-5576825edc3beae5-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f2551230e2a7b-6fdda4a9bbffd3c2-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-served-by: cache-fra-etou8220037-FRA, cache-fra-etou8220037-FRA
x-timer: S1715821469.656774,VS0,VE349
x-xss-protection: 1; mode=block

GET
H2 200 ts
t.paypal.com/ Frame F5A4 42 B
168 B 151ms
151ms Image
image/gif 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3ALSW58CRWW68HU-1&page=muse%3Aoffer%3A%3A%3ALSW58CRWW68HU-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=019e176c-8ce5-4382-9146-8061d93cabd4&es=visitorInfoFlowStarted&mrid=LSW58CRWW68HU&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Donate%20to%20Kesem%202023%20Donate%20Now&dh=1200&dw=1600&bh=592&bw=420&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1715821468657&g=-120&completeurl=https%3A%2F%2Fdonate.kesem.org%2Fgive%2F441200%2F%23!%2Fdonation%2Fcheckout%3Feg%3Dtrue%26egp%3Ddo%26egrn%3Dtrue&disableSetCookie=true

Requested by

Host: www.kesem.org
URL: https://www.kesem.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Thu, 16 May 2024 01:04:28 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 2ff3593d48d43
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-etou8220101-FRA
pragma: no-cache
correlation-id: 2ff3593d48d43
traceparent: 00-00000000000000000002ff3593d48d43-7368734ded912f1d-01
x-timer: S1715821469.657978,VS0,VE144
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 May 2024 01:04:28 GMT

GET
H2 200 ts
t.paypal.com/ Frame 818B 42 B
479 B 164ms
164ms Image
image/gif 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3ALSW58CRWW68HU-1&page=muse%3Aoffer%3A%3A%3ALSW58CRWW68HU-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=019e176c-8ce5-4382-9146-8061d93cabd4&es=visitorInfoFlowStarted&mrid=LSW58CRWW68HU&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Donate%20to%20Kesem%202023%20Donate%20Now&dh=1200&dw=1600&bh=592&bw=420&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1715821468658&g=-120&completeurl=https%3A%2F%2Fdonate.kesem.org%2Fgive%2F441200%2F%23!%2Fdonation%2Fcheckout%3Feg%3Dtrue%26egp%3Ddo%26egrn%3Dtrue&disableSetCookie=true

Requested by

Host: www.kesem.org
URL: https://www.kesem.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Thu, 16 May 2024 01:04:28 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: ad7b528d0b434
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-etou8220101-FRA
pragma: no-cache
correlation-id: ad7b528d0b434
traceparent: 00-0000000000000000000ad7b528d0b434-9e2d14f440a7cdf1-01
x-timer: S1715821469.659286,VS0,VE157
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 May 2024 01:04:28 GMT

GET
H2 200 ts
t.paypal.com/ Frame F5A4 42 B
167 B 150ms
150ms Image
image/gif 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Donate%20to%20Kesem%202023%20Donate%20Now&dh=1200&dw=1600&bh=592&bw=420&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1715821468659&g=-120&completeurl=https%3A%2F%2Fdonate.kesem.org%2Fgive%2F441200%2F%23!%2Fdonation%2Fcheckout%3Feg%3Dtrue%26egp%3Ddo%26egrn%3Dtrue&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D&disableSetCookie=true

Requested by

Host: www.kesem.org
URL: https://www.kesem.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://donate.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Thu, 16 May 2024 01:04:28 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 108e2a595356b
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-etou8220101-FRA
pragma: no-cache
correlation-id: 108e2a595356b
traceparent: 00-0000000000000000000108e2a595356b-3a0079cce0faffd5-01
x-timer: S1715821469.659573,VS0,VE144
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 May 2024 01:04:28 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 753ms
140ms Image
image/gif 2606:4700::6810:7574

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=2492303821&v=1.1&a=23325778&pu=https%3A%2F%2Fwww.kesem.org%2F&t=Free%2C+fun+support+for+kids+whose+parents+have+cancer+%7C+Kesem&cts=1715821469204&vi=e46bbd4de2bc7772b0112d9e80e3c453&nc=true&u=210537418.e46bbd4de2bc7772b0112d9e80e3c453.1715821469201.1715821469201.1715821469201.1&b=210537418.1.1715821469201&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 01:04:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 631281b1-2d5b-4e4a-bf01-4c37f6b49f07
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 17
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 631281b1-2d5b-4e4a-bf01-4c37f6b49f07
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zK%2B5hLXPUpfzlF6AVX5eEwKsD4NJtmP47S8IYChQTgOqkSOWG5HlstsdFJiKHYA38yxzlH6G1k2UAMZ8CBkC6UdMzrSwXBVzfA1Hq8v2EG1EO%2B7Ijn2ZW1FAJdstz2lMy1ltJnqpkSwM78VNHi%2BX"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-76d96f8b5d-v5zn2
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 8847743a5fbc3a79-FRA
x-robots-tag: none

GET
H2 200 617c5db66b27503f33029c19_kesem-favicon.png
assets-global.website-files.com/615b7d5e77217e9ff469ea49/ 431 B
888 B 11ms
11ms Other
image/png 2600:9000:21f3:2200:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-global.website-files.com/615b7d5e77217e9ff469ea49/617c5db66b27503f33029c19_kesem-favicon.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:2200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 60cf82e70a15f95c2045120c033f6106870e92a3b456753451c0934d419d3d19

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.kesem.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 21:20:05 GMT
x-amz-version-id: kFrUMKpWflihjppECZGoNLIZjoMeMAQl
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
age: 2864665
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 431
last-modified: Fri, 29 Oct 2021 20:46:48 GMT
server: AmazonS3
etag: "55884d704b3fa777a6ed42e6345ef329"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: ndmbfsYXUMqTtCLM0rp4BuqhKGHV7nFDYX0wO_nv4zj58fBHWxyIEg==

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.donate.kesem.org/	1970-01-20 20:37:03	Name: __cf_bm Value: .dEsSNyDUHGadVcuD0xF7hbmdGqvuXTgiPPg57Yr6aQ-1715821461-1.0.1.1-a_UAGJ18EMzBVH2f.mTZCkABGW46OqJfrG9OxAWFq6XB69Z8PAlSgwJ2CL7f3VTOZhIrUM0pIOp.rgjSmR4RYg
.donate.kesem.org/	1969-12-31 23:59:59	Name: _cfuvid Value: FwwymdKzKHNCekui51MPOcTy7cFSO2x4aJ4Ueu8H5jI-1715821461988-0.0.1.1-604800000
.kesem.org/	1970-01-20 22:46:37	Name: _gcl_au Value: 1.1.102549187.1715821465
.classy.org/	1970-01-20 20:37:03	Name: __cf_bm Value: SxzV296c7U0OF_VlxZYQwnlXpZCU1tEwf6qNkSbnSDA-1715821464-1.0.1.1-UrSLB.CobsgVhbXYMhOepAfxrytXLPLpLEdhPXDlLu22hE.LrE5gPkYSIWbl9RM3DxlzC9oi8ihqKGLTZsujdw
.classy.org/	1969-12-31 23:59:59	Name: _cfuvid Value: FROWgmVVJSWEMUA96TLEScqc_7MgrXFzCT167jRD2Dk-1715821464842-0.0.1.1-604800000
.kesem.org/	1970-01-20 20:38:27	Name: _gid Value: GA1.2.726304416.1715821465
.kesem.org/	1970-01-20 20:37:01	Name: _gat_gtag_UA_30205020_1 Value: 1
.kesem.org/	1970-01-21 06:13:01	Name: _ga_QY37YFZRTW Value: GS1.1.1715821464.1.0.1715821464.60.0.0
.kesem.org/	1970-01-21 06:13:01	Name: _ga Value: GA1.1.835068250.1715821465
.kesem.org/	1970-01-20 22:46:37	Name: _fbp Value: fb.1.1715821464935.1801529356
.classy.org/	1969-12-31 23:59:59	Name: __cfruid Value: 5853f28ad85ebd9a75089e4d240ef21d443a7494-1715821465
.hsforms.com/	1970-01-20 20:37:03	Name: __cf_bm Value: 9bSPneivOqaYXGQsf8I1jUfmvJ8SBqJZiwPpaS6PjdA-1715821465-1.0.1.1-Er7o0zaYXvTqFCNHfxWXuTxOY7RNBN75vo9ZCRSGdxqvtogs_4mVxp22fov7i8KTW_IbC0Xr_CUmVQAlZOWwYg
.hsforms.com/	1969-12-31 23:59:59	Name: _cfuvid Value: RIz877Q_AicYPVwQIi1djLJbl8l4q9SMwW6YfHooX0U-1715821465540-0.0.1.1-604800000
donate.kesem.org/	1970-01-21 06:13:01	Name: connect.sid Value: s%3AeZ89IabuCK1aTNdXWaTEtwi8MeoHDSfo.Q00UOgEzbiEvJr2CYwIU%2BYAX2h9CtmiPTe3Inknro%2BE
.donate.kesem.org/	1969-12-31 23:59:59	Name: __cfruid Value: e4b371f388351794068cc25c8d7327d0f24c8526-1715821466
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: eEUKl-rEI3E
.youtube.com/	1970-01-21 00:56:13	Name: VISITOR_INFO1_LIVE Value: o31HYwKlO5c
.youtube.com/	1970-01-21 00:56:13	Name: VISITOR_PRIVACY_METADATA Value: CgJERRIEEgAgSA%3D%3D
m.stripe.com/	1970-01-21 06:13:01	Name: m Value: 6c783ff6-2ce1-43d4-9f4a-1afb81a3f2dc4c8fda
.donate.kesem.org/	1970-01-21 05:22:37	Name: __stripe_mid Value: a546875a-e85f-4a99-96c5-b6f1523a91d9f909b8
.donate.kesem.org/	1970-01-20 20:37:03	Name: __stripe_sid Value: 58f3c699-f94b-43de-95ed-0187c7d5a08d0611aa
donate.kesem.org/	1969-12-31 23:59:59	Name: CSRF-TOKEN Value: MMiSRfms-fcVeXPyBA1RSV2q4bV8jh9_HHzc
donate.kesem.org/	1970-01-20 20:37:02	Name: XSRF-TOKEN Value: eyJpdiI6ImlzdHcwSzFSUnBRbXByWWhkSnFJd0E9PSIsInZhbHVlIjoiQmlSOElQRWhsckkwcjN2SEtOb3I3Tmg5bFkrVFNTZUtjZVF0QmRPZ1VSblNzK0thYUM4ZnJ6YktoV1VMVjdyeUk4WkltZnRET1hDZy9leXVCNTJrYmZJK0ZteTZ3dHVmd1c5ZWNqNDJIN1ZHd3FPYUg2a25BV1V3N0lOZStQTFkiLCJtYWMiOiJhMWQ4OWQ5NDEzOWYyMDZjNTIwMjllZmIzYWM1MmQxZmY4MWMwNWZjYjUyNjNkNTYxMzI1NTFmMTEwNjllMzcxIiwidGFnIjoiIn0%3D
donate.kesem.org/	1969-12-31 23:59:59	Name: sid Value: eyJpdiI6Ik9hOHZLNUdxYW1xbHZRWVZYdDc1UFE9PSIsInZhbHVlIjoiTDFLeFFLYUxoU1V1dzE5ckZ2OXhnNlB0WjhPMHAyZGFzc2gyeFlzbnZlZ0l4b2hqUVVRdGpBUFlrb2JQMnhUbW5LeXI1WEFZYmVGTjN2WnNJMU1uU21NNjZtM1k1MlpCcUtvVnBiMm5HWVQ0RFFVUXA5MUY2Zm9wZzYydzZQNDAiLCJtYWMiOiI3NmQyZGI5ZDZmZDk0NDQ3NzQ1YTBiNWVlYWUwYzViOTk3NWU4OTMwNmMzZDNkY2FlYWZmYjdhNmZjMWNlNGRmIiwidGFnIjoiIn0%3D
.paypal.com/	1970-01-20 20:41:20	Name: tsrce Value: smartcomponentnodeweb
.paypal.com/	1970-01-20 20:37:03	Name: l7_az Value: dcg16.slc
.paypal.com/	1970-01-21 06:13:01	Name: ts Value: vreXpYrS%3D1810429468%26vteXpYrS%3D1715823268%26vr%3D7eeddc4718f0ad112459947eff8845af%26vt%3D7eeddc4718f0ad112459947eff8845ae%26vtyp%3Dnew
.paypal.com/	1970-01-21 06:13:01	Name: ts_c Value: vr%3D7eeddc4718f0ad112459947eff8845af%26vt%3D7eeddc4718f0ad112459947eff8845ae

129 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.kesem.org/ Message: Failed to decode downloaded font: https://uploads-ssl.webflow.com/615b7d5e77217e9ff469ea49/618b1601897687ba8c951d49_BigCaslon.ttf
other	warning	URL: https://www.kesem.org/ Message: OTS parsing error: cmap: Failed to serialize table
other	warning	URL: https://www.kesem.org/ Message: Failed to decode downloaded font: https://uploads-ssl.webflow.com/615b7d5e77217e9ff469ea49/618b1601897687ba8c951d49_BigCaslon.ttf
other	warning	URL: https://www.kesem.org/ Message: OTS parsing error: cmap: Failed to serialize table
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sdk.classy.org/embedded-giving.js Message: Allow attribute will take precedence over 'allowpaymentrequest'.
other	warning	URL: https://connect.facebook.net/signals/config/1106316670747099?v=2.9.156&r=stable&domain=www.kesem.org&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 97) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.kesem.org/ Message: Failed to decode downloaded font: https://uploads-ssl.webflow.com/615b7d5e77217e9ff469ea49/618b1601897687ba8c951d49_BigCaslon.ttf
other	warning	URL: https://www.kesem.org/ Message: OTS parsing error: cmap: Failed to serialize table
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://files.doublethedonation.com/fontello/css/fontello.css Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://files.doublethedonation.com/fontello/css/fontello.css Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.kesem.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubapi.com
assets-global.website-files.com
assets.classy.org
campkesem.org
cdn.jetboost.io
cdn.plaid.com
cdn.transcend.io
cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
cta-service-cms2.hubspot.com
d3e54v103j8qbb.cloudfront.net
donate.kesem.org
files.doublethedonation.com
fonts.googleapis.com
fonts.gstatic.com
forms.hscollectedforms.net
forms.hsforms.com
htp.tokenex.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscollectedforms.net
js.hubspot.com
js.stripe.com
pay.classy.org
perf-na1.hsforms.com
prod-frs.content.classy.org
region1.analytics.google.com
sdk.classy.org
static.cloudflareinsights.com
stats.g.doubleclick.net
t.paypal.com
track.hubspot.com
unpkg.com
uploads-ssl.webflow.com
www.campkesem.org
www.classy.org
www.facebook.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
www.kesem.org
www.paypal.com
www.paypalobjects.com
www.youtube.com
104.17.24.14
104.18.80.204
13.32.99.57
13.33.187.42
142.250.181.232
142.250.186.35
151.101.128.176
151.101.129.21
151.101.193.35
172.217.18.14
18.66.112.105
192.229.221.25
2001:4860:4802:32::36
2600:9000:21f3:2200:12:9e5f:cac0:93a1
2600:9000:223e:7400:1d:7a82:2900:93a1
2600:9000:2250:7e00:2:8531:afc0:93a1
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:4400::ac40:991b
2606:4700::6810:4f49
2606:4700::6810:6dfe
2606:4700::6810:7574
2606:4700::6810:7674
2606:4700::6810:8ad1
2606:4700::6811:80ac
2606:4700::6811:afc9
2606:4700::6811:f7cb
2606:4700::6812:c55f
2606:4700::6812:f16c
2a00:1450:4001:802::200a
2a00:1450:4001:803::200e
2a00:1450:4001:812::2003
2a00:1450:4001:827::200e
2a00:1450:4001:82f::2008
2a00:1450:400c:c00::9b
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42:200::649
52.143.247.24
52.17.119.105
52.222.232.39
63.35.51.142
99.83.190.102
00573ebaedf88a017ef729714f9088298688afbeaf03cc0d0898d12723ad2f56
057201a525f69be664356f0719eed28131b6a0cb18cd53cb583eb027b740c813
0a3cb8e70dfe503b8cd036761a7490fff86becc902600b63fc13bfd1aa8100e8
0e18ea649e6a7f2a8ff1b16c72e677d382a0dcb718431995718aaa92d8ef75b9
0e562cfda9a2c721f7565dc3c81b675733cac3443c6d9763392bf9905aa5fe7f
0edd392d36a0cc9d8c1546e525ae2be75c6b8f095dac1d741c5d790e96a136dd
15e101b0a3d25be01a33a86a391668fd12b860ab48ca6f9aa095159a653a10ec
1e87327f6273792deacbf13ba7062a87d4be4ceeda531b3a953554e8e1139b65
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
202cf3174ffa2f5624974ea489fd0bb81e4af324bf96eb4e076ae477aa91f90a
20b8f82923f15420d50977d8efde324e462ddde5affcdfafa9ac126660838127
21611496da46783ac76e2a0dbc39bfab73f4aad4e97cc29b78bf57a7d934217c
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
2ff3c055d4d512e2055e7810636458373edb5db1fb8d00daf1046d2983e6cfb2
3074d74b47a1fae140faeb7eadb8af0a6634f8262bf2436541d21243389d022d
32637572a22ca603c880f4e856e2332d9490a8dd5db951ae1a7f02e865c6f898
38bc775802a9e96e44997f4e9374726a41d5c781752e590a76ad5a4f06673458
40674cc74092d70dbcfd9f4cbbae9fff87e71404a9a2f4b57b6270557579a3d3
411b8b622d4b3b896c01b3235a8205cd1d2b7db6f8cfd2dffd239c44a717c144
41b57b9b5a01d7b8e6879e3c3552abc405ac4fddfbebfb04bdfcf110a7f86350
43f03a6879c657b1c23366307c501a0df1319a9738394ad10be141efb295f2fc
4c5465973630c3de4b1e6845c4a7bd6c82a8d3dca0017ed6919bf39f376ecedb
4ef9251e28651c4c8d6a5ae92fc332b7a6e27f939e9af77ec3c92827d59fe29c
53a3dc763a0bd679523a77f5610e4ab27231fe6763d7089c1c92966daa1663f7
54786df2c038ac72cdff7ea06a978deb83c80ea470a0ea6fb271d486801be773
565349ebf91028f67afff8dbed6e69b0c17ad5a2c84bf0be0beb0ccccfa5529e
5bdd511e21c4792a2d9ba2aaeac5b53d64d07e1389e4477055336fc7e8d46bce
5c4a0956c536b1d7dc3b6828e03114fe3d5c9cbf1d61baa604fca9cc19ffed27
5f3eed8e891997529629227d479b1b9d83ae2e1bbaabbf499fcd22e4b303126c
5fb6ac6806675225d34733477016d91f6a07b9594318355c7ae848bfe7567af1
60891a54df49aac87f56b67ebcd37582eae4b01e7b20b35b5b141a5ddd7e66c5
60cf82e70a15f95c2045120c033f6106870e92a3b456753451c0934d419d3d19
62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb
6349be8696428e0c34f93ad4c10af7b7fae7d381e4ad5a07703bac205fcc4343
65ade054b003fb12ff528ad2640f69f49bca65d9f9d25b53dea8aee0d5d238cf
65dd34b8af88b8b6ebba8e71208ce4f35adbf25ecc41fb80ceef04f9a4661794
66e1bc00387661b1476191a36445a5614f6f234572a6f462a84741920757a101
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6e523bedaf5beebfbc301203975a19f627a9ae72c9bd69eff4ea3a67d99d2e29
6fca56e0b11525635f30214b19a3b2aabb09f655ebf813cfb1465387970db2a5
703c6538c7c240f05fa39933fe7625588a50071d6d402250da0075de638c7b81
7959159e006fef16487d93cca3baeb7b3b56f7e3d8ffec26f759f1acd8187e38
7b43cb1814ca80746730f4207edcd1175bb5e95baf32398cfa5c891cb06713d7
7d48f66ef07e7cbcace87f5c3c51c11655dcc21c2af1cb9791bc6c58b52f2bae
7ddec7493b356e5f7e21af957a903f128542111be58cb136558cb5f751ce1f43
7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d
7f872f37d93f6ad26cfde22f5fd7ae4e99f18c4dc7d3386384f92f845056750b
86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27
87e983de6f1538e9755ec8aac56df1106c437766e28a5ff93058d4da9c175888
8913290a4db258fa9e0d3fd267fb61666aa81f82b1a459ba098352c427a57c37
8a3bc5df27e7e5e53ddac9ec7428666820a20eaef940d044fc81be3d658d6d1e
8b479610778cef415158ef2deef872c0bdc85bd63f339ecdc1382fabef4da407
95b9c7f0a76b37346f4a79c045b3424bf5dc093fc41d343e98d2d55f9c657e3f
96f1c1df4ce63dc4305288287761e42834f839182a5e3f6c116ba68ac4e27495
9e03c1e7197d2ff12e1a69c9d46a039c32b395c995f7f718afe2227f95137b2b
9e3408c3ed768595861313cf261a49210f05b8adae2ce5a6a432926ec00a2202
9f88c56c75499f8886bcdbd43330029b3108f9aefb7e496788f448ed36311b90
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a99214cb12db9ce3b4c6ca6059e2062a93c09a8c1cb13dc9b65b9e57540e8618
ac139986ae346a132b6c426fe744167b06a2a94b195c53105a237380234544f9
b09cd925c1e2639f2807c84392df88dd8dd77fa9664a869e9d17a823fc0361a6
b0fb4e1235c0c4815d6bd272ce4c9c65579c04f9c6e52a080a66393d01f84293
b4bf8910a202b24bd61be26e28eaa8c5f83a48d78999b2693a9cbdf4c9910cf1
b8f4818795d8ba29ef00851bfb7ff38be7e1a6380b306adbf4aed829d352c080
c0224f6f726ebdf66cc3eac58223cd810ae70d309cd7172c04b2d8fe95fceaad
c63f9782e146d480542091034f902dc5785016bf269ba41331ab96494bcfd7d2
c751fe2e3ebe19205c4845af55a79608fcc55109648115357e673bf5dc161b49
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf6683ec2fb825072bc67ba2b4831425951dc365245d5334ca6f2150f50e1590
d2e817d2c44b9cf45f0e45cfa351abba3203af38f5aa1c8576a2db69ebd15192
d3351eb8605b8a76e0fceac4819e348b297bca9d88c405c7077d24a0b968c475
d345d07713f4280375b721453f58ebf61d3bb3aec11b7db446caec100cf17afb
d425f837ebda7c908269b70c7cfc6a3145ec216f869e8377c2f17ac3b3ab888f
d528489716a3043d17ff4ba166292762d17404f48d5cef086c9cf26d86bdde94
d709684ea57a8b951806b5e62ace68a2737bdb245c4205f5d22ff7b57bdcc2c0
d94516cb0718f0e046a2595606e6af6a2980e1ad5dad1453e3fd72bed0a5ab24
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de149fdb73c38fd7b31224939499d1f0c08e9e7a9176ffcfa6a9dba745bc0b00
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
ebe386f69eb938f611df7c31a728817e55fdb3615a598a9efbf831badb5030b5
ebeeb6852c8d5689249269cfa59febdad1141a9810331c31d4331f53f47750f7
ee70909cd2d25edad689d994f6c75385a9eef2565ce88c014594c3c25f72e812
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef61f745ab49ef3bbdb192b7f791f9d645caa5f89817f099470397b13e742ea8
f2d41745f79db8054e0cbf8bac8db4c35f581dc54b028fd9def0127fab281b63
f2f16e7828359212d4854719fac741c1cb2cd5ee99be707bc8851cdc20fe9a14
f4db76afeb499d277603609152f9e382c0fe112d44c6f8db8c136a89d9bd7682
f56171e5739b9ab13378977bc63aa43b3f6228c373c452373d5d0b8387552bb1
f73bc18e0120b5c083eacf2b94f51e9ef824e427daafe4c337ee24605936902d
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fb5702d5db95b9827c7d44234c84c43422acfb9a068f80521848a7ab63b9fa5c
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

www.kesem.org Open in urlscan Pro 52.17.119.105 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

181 Requests

100 %HTTPS

60 %IPv6

36 Domains

47 Subdomains

41 IPs

5 Countries

4373 kBTransfer

20902 kBSize

28 Cookies

24 Outgoing links

Page URL History

Redirected requests

181 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.kesem.org Open in urlscan Pro
52.17.119.105 Public Scan

Screenshot
Live screenshot

Full Image

181
Requests

100 %
HTTPS

60 %
IPv6

36
Domains

47
Subdomains

41
IPs

5
Countries

4373 kB
Transfer

20902 kB
Size

28
Cookies

181 HTTP transactions
2 data transactions