urlscan.io logo urlscan.io
SecurityTrails logo

www.kesem.org Open in urlscan Pro
34.253.101.190  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://mma.marshmma.com/e/644133/2022-08-04/232lq5/317260387?h=isQQu8TMJs3gbFcErGn68U0xQkTr38bjw8zlzFIi2vY
Effective URL: https://www.kesem.org/
Submission: On August 05 via api from DK — Scanned from DK
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 4 countries across 10 domains to perform 28 HTTP transactions. The main IP is 34.253.101.190, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.kesem.org.
TLS certificate: Issued by R3 on July 5th 2022. Valid for: 3 months.
This is the only time www.kesem.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    3.92.120.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-92-120-28.compute-1.amazonaws.com
mma.marshmma.com
1    34.253.101.190 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-101-190.eu-west-1.compute.amazonaws.com
www.kesem.org
11    18.66.15.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-15.vie50.r.cloudfront.net
global-uploads.webflow.com
1    2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    99.86.1.184 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-1-184.fra6.r.cloudfront.net
d3e54v103j8qbb.cloudfront.net
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2600:9000:2057:1c00:1d:7a82:2900:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.jetboost.io
6    99.86.4.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-104.fra6.r.cloudfront.net
uploads-ssl.webflow.com
2    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
17 webflow.com
global-uploads.webflow.com — Cisco Umbrella Rank: 28717
uploads-ssl.webflow.com — Cisco Umbrella Rank: 13689
1 MB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
388 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
20 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 155
111 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 118
438 B
1 jetboost.io
cdn.jetboost.io — Cisco Umbrella Rank: 53579
4 KB
1 cloudfront.net
d3e54v103j8qbb.cloudfront.net
31 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 94
41 KB
1 kesem.org
www.kesem.org
9 KB
1 marshmma.com
mma.marshmma.com — Cisco Umbrella Rank: 438716
925 B
28 10
Domain Requested by
11 global-uploads.webflow.com www.kesem.org
global-uploads.webflow.com
6 uploads-ssl.webflow.com global-uploads.webflow.com
2 www.facebook.com www.kesem.org
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 connect.facebook.net www.kesem.org
connect.facebook.net
1 stats.g.doubleclick.net www.google-analytics.com
1 cdn.jetboost.io www.kesem.org
1 d3e54v103j8qbb.cloudfront.net www.kesem.org
1 www.googletagmanager.com www.kesem.org
1 www.kesem.org
1 mma.marshmma.com 1 redirects
28 11
Subject Issuer Validity Valid
www.kesem.org
R3		 2022-07-05 -
2022-10-03		 3 months crt.sh
global-uploads.webflow.com
Amazon		 2021-11-18 -
2022-12-16		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-05-15 -
2022-08-13		 3 months crt.sh
cdn.jetboost.io
Amazon		 2022-05-20 -
2023-06-18		 a year crt.sh
uploads-ssl.webflow.com
Amazon		 2021-09-27 -
2022-10-26		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.kesem.org/
Frame ID: A11D0DB1E94B1191ED18E35EF22CC2DE
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Free, fun support for kids whose parents have cancer | Kesem

Page URL History Show full URLs

  1. https://mma.marshmma.com/e/644133/2022-08-04/232lq5/317260387?h=isQQu8TMJs3gbFcErGn68U0xQkTr38bjw8zlz... HTTP 301
    https://www.kesem.org/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <a[^>]*href=[^>]*/Checkout
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

28
Requests

100 %
HTTPS

55 %
IPv6

10
Domains

11
Subdomains

10
IPs

4
Countries

1399 kB
Transfer

3164 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mma.marshmma.com/e/644133/2022-08-04/232lq5/317260387?h=isQQu8TMJs3gbFcErGn68U0xQkTr38bjw8zlzFIi2vY HTTP 301
    https://www.kesem.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.kesem.org/
Redirect Chain
  • https://mma.marshmma.com/e/644133/2022-08-04/232lq5/317260387?h=isQQu8TMJs3gbFcErGn68U0xQkTr38bjw8zlzFIi2vY
  • https://www.kesem.org/
35 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.kesem.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.253.101.190 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-101-190.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash
dc8035be1111c06775257f6a076f7d428f90bf8abdf8e402647a09ab3ecc5394

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
da-DK,da;q=0.9

Response headers

accept-ranges
bytes
age
8923
content-encoding
gzip
content-length
8475
content-type
text/html
date
Fri, 05 Aug 2022 17:02:26 GMT
server
openresty
vary
x-wf-forwarded-proto, Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-cache-hits
1, 1
x-cluster-name
eu-west-1-prod-edge-blue
x-lambda-id
dc805c61-aa45-4b13-855e-ae78b3af3812
x-served-by
cache-iad-kiad7000083-IAD, cache-dub4327-DUB
x-timer
S1659718946.116475,VS0,VE1

Redirect headers

Connection
keep-alive
Content-Length
99
Content-Type
text/html; charset=UTF-8
Date
Fri, 05 Aug 2022 17:02:25 GMT
Server
PardotServer
X-Pardot-Route
e8229a0ff18ebffc83a98010d2521dd5
cache-control
max-age=63072000
content-encoding
gzip
expires
Sun, 04 Aug 2024 17:02:25 GMT
location
https://www.kesem.org/
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
vary
Accept-Encoding,User-Agent
kesem-rebuild.webflow.503d16d07.css
global-uploads.webflow.com/615b7d5e77217e9ff469ea49/css/ 		186 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://global-uploads.webflow.com/615b7d5e77217e9ff469ea49/css/kesem-rebuild.webflow.503d16d07.css
Requested by
Host: www.kesem.org
URL: https://www.kesem.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-15.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9e7e425d993b3b2e94a57cb035208083e21a4c5cebc4dc5daee2623f22337728

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://www.kesem.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 05 Aug 2022 17:02:27 GMT
content-encoding
gzip
x-amz-cf-pop
VIE50-P1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
26700
via
1.1 429f4d0dffb8bf0b68cf2d9d500542f8.cloudfront.net (CloudFront)
last-modified
Fri, 05 Aug 2022 14:33:32 GMT
server
AmazonS3
etag
"96b064589ee5598819e0a917c3e1bb41"
x-amz-version-id
gX5Nn0BZcodFOxhzrD5Hy8eNu0I8s9lL
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
accept-ranges
bytes
content-type
text/css
x-amz-cf-id
7taJj-mp3IavPaD8aG5VvkHPGiSnYulCtnuHznutmgNEdFXtu8gS2Q==
js
www.googletagmanager.com/gtag/ 		107 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-30205020-1
Requested by
Host: www.kesem.org
URL: https://www.kesem.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d5ac820e72de590f6ae99c9bf60aad4a28ce96cffbe4716e02db4c48c5a186d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://www.kesem.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 05 Aug 2022 17:02:26 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41913
x-xss-protection
0
last-modified
Fri, 05 Aug 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 05 Aug 2022 17:02:26 GMT
jquery-3.5.1.min.dc5e7f18c8.js
d3e54v103j8qbb.cloudfront.net/js/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=615b7d5e77217e9ff469ea49
Requested by
Host: www.kesem.org
URL: https://www.kesem.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.1.184 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-1-184.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer
https://www.kesem.org/
Origin
https://www.kesem.org
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 05 Aug 2022 06:03:24 GMT
content-encoding
gzip
vary
Accept-Encoding
age
39556
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Mon, 20 Jul 2020 17:53:02 GMT
server
AmazonS3
etag
W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
cache-control
max-age=84600, must-revalidate
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
omDnjKfiUWaX9Q5eDtqvVE1UEqBQmy9ndIJEc-1FF3eOiSDQex1zpg==
webflow.e47d98794.js
global-uploads.webflow.com/615b7d5e77217e9ff469ea49/js/ 		242 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://global-uploads.webflow.com/615b7d5e77217e9ff469ea49/js/webflow.e47d98794.js
Requested by
Host: www.kesem.org
URL: https://www.kesem.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-15.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b08100c8963fa30932d66422124abca8f90d7de05d6f62da1465132c3b205aa7

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://www.kesem.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 05 Aug 2022 07:55:01 GMT
content-encoding
gzip
age
32846
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
65085
via
1.1 429f4d0dffb8bf0b68cf2d9d500542f8.cloudfront.net (CloudFront)
last-modified
Thu, 04 Aug 2022 15:28:25 GMT
server
AmazonS3
etag
"fd8ce37fe285d5572dd6c4094844cd2a"
x-amz-version-id
keM5yds0FaYm9DFUaVajw3koQ0o7QvLQ
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
x-amz-cf-pop
VIE50-P1
accept-ranges
bytes
content-type
text/javascript
x-amz-cf-id
PoG0sCI-mbVTzrg-lXO27Vp9OaDmXsH11WuxxkNr9KC7HUAgmNrNzA==
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.kesem.org
URL: https://www.kesem.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
504178d8f9ce2c6276178139240bf8a86bb59bf611230105aeebd05d09a6004f
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://www.kesem.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26465
x-xss-protection
0
pragma
public
x-fb-debug
0c6Cnb1DrV8BWADvp6XMBIATecP0mU344B7DSZH8YYz3yd7OXWYVca5tvRWrJCrsaO/LLvxeNnDeqn761xZAEA==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 05 Aug 2022 17:02:27 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
jetboost.js
cdn.jetboost.io/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jetboost.io/jetboost.js
Requested by
Host: www.kesem.org
URL: https://www.kesem.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:1c00:1d:7a82:2900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3a0b454039e9ac7799e9cf0ca720107df3a8e00f33ec4a0550baee32f945ca80

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://www.kesem.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 05 Aug 2022 08:13:04 GMT
content-encoding
gzip
last-modified
Wed, 06 Jul 2022 00:37:04 GMT
server
AmazonS3
age
32665
etag
W/"5a165b8a115f23710bf09583e2aee57a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
mehbRgYqMZabsnLeqIKNIHxq3iMeesDuc1GPklI1WwxMJngVQWXAAA==
6164fcef47fce26c5246f57e_Search.svg
global-uploads.webflow.com/615b7d5e77217e9ff469ea49/ 		622 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://global-uploads.webflow.com/615b7d5e77217e9ff469ea49/6164fcef47fce26c5246f57e_Search.svg
Requested by
Host: global-uploads.webflow.com
URL: https://global-uploads.webflow.com/615b7d5e77217e9ff469ea49/css/kesem-rebuild.webflow.503d16d07.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-15.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6fca56e0b11525635f30214b19a3b2aabb09f655ebf813cfb1465387970db2a5

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://global-uploads.webflow.com/615b7d5e77217e9ff469ea49/css/kesem-rebuild.webflow.503d16d07.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 16:42:52 GMT
via
1.1 429f4d0dffb8bf0b68cf2d9d500542f8.cloudfront.net (CloudFront)
age
3284376
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
622
last-modified
Tue, 12 Oct 2021 03:11:45 GMT
server
AmazonS3
etag
"c0459b45ac56c5761c57499116c6a096"
x-amz-version-id
Z8YRqC_F2gIAyiyb4amZd8qlcYxF.SuU
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
x-amz-cf-pop
VIE50-P1
accept-ranges
bytes
content-type
image/svg+xml
x-amz-cf-id
1ba_hVInUEfUyUeK4dMUWy2aQOT0xmxmGrxKsi_M0KHk8t_oRIc5ag==
61689d1c6b25d86589eedcf4_kesem-student-leader-with-camper.jpg
global-uploads.webflow.com/615b7d5e77217e9ff469ea49/ 		162 KB
162 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://global-uploads.webflow.com/615b7d5e77217e9ff469ea49/61689d1c6b25d86589eedcf4_kesem-student-leader-with-camper.jpg
Requested by
Host: global-uploads.webflow.com
URL: https://global-uploads.webflow.com/615b7d5e77217e9ff469ea49/css/kesem-rebuild.webflow.503d16d07.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-15.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d425f837ebda7c908269b70c7cfc6a3145ec216f869e8377c2f17ac3b3ab888f

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://global-uploads.webflow.com/615b7d5e77217e9ff469ea49/css/kesem-rebuild.webflow.503d16d07.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 14:44:25 GMT
via
1.1 429f4d0dffb8bf0b68cf2d9d500542f8.cloudfront.net (CloudFront)
age
3377883
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
165458
last-modified
Thu, 14 Oct 2021 21:11:58 GMT
server
AmazonS3
etag
"dffca6504412dcf2bc1b59a0d10223c2"
x-amz-version-id
QSTm3KKXsgVv4m5VFYBLROkBdswTH5Y6
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
x-amz-cf-pop
VIE50-P1
accept-ranges
bytes
content-type
image/jpeg
x-amz-cf-id
D0CPU50eRmLRGU1ZGbWgg48pkwzk09YWe-LTrp86TiTK9qxGVEsf3Q==
615b832dd31fcb596b7efa34_AvenirNext-Bold-01.ttf
uploads-ssl.webflow.com/615b7d5e77217e9ff469ea49/ 		319 KB
105 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://uploads-ssl.webflow.com/615b7d5e77217e9ff469ea49/615b832dd31fcb596b7efa34_AvenirNext-Bold-01.ttf
Requested by
Host: global-uploads.webflow.com
URL: https://global-uploads.webflow.com/615b7d5e77217e9ff469ea49/css/kesem-rebuild.webflow.503d16d07.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-104.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
54786df2c038ac72cdff7ea06a978deb83c80ea470a0ea6fb271d486801be773

Request headers

Referer
https://global-uploads.webflow.com/
Origin
https://www.kesem.org
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 07:41:35 GMT
content-encoding
gzip
age
1675253
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
last-modified
Mon, 04 Oct 2021 22:44:17 GMT
server
AmazonS3
etag
W/"61887e1e950488f7a52971725b2ebda6"
vary
Accept-Encoding
x-amz-version-id
jovlRTxS2bxPHKbAHZpNvjntIJTkCbIn
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
x-amz-cf-pop
FRA6-C1
content-type
application/x-font-ttf
x-amz-cf-id
_eFE1-C6nJxJh4yYO7UFIspmarwnq2ov-pJR1mZiGRY3KSNAaubn9A==
615b832da1be5c67094e60dc_AvenirNext-DemiBold-03.ttf
uploads-ssl.webflow.com/615b7d5e77217e9ff469ea49/ 		258 KB
93 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://uploads-ssl.webflow.com/615b7d5e77217e9ff469ea49/615b832da1be5c67094e60dc_AvenirNext-DemiBold-03.ttf
Requested by
Host: global-uploads.webflow.com
URL: https://global-uploads.webflow.com/615b7d5e77217e9ff469ea49/css/kesem-rebuild.webflow.503d16d07.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-104.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c5465973630c3de4b1e6845c4a7bd6c82a8d3dca0017ed6919bf39f376ecedb

Request headers

Referer
https://global-uploads.webflow.com/
Origin
https://www.kesem.org
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 07:41:35 GMT
content-encoding
gzip
age
1675253
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
last-modified
Mon, 04 Oct 2021 22:44:17 GMT
server
AmazonS3
etag
W/"2538a3f00a198337bb2911bd6f3182ae"
vary
Accept-Encoding
x-amz-version-id
Oi5FFNu_jnft0VLOBfS3xUpPuEAOYYry
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
x-amz-cf-pop
FRA6-C1
content-type
application/x-font-ttf
x-amz-cf-id
toGint2jeACgi-AvFxAQGi6xpLF6RnGW3zzXZzqmEb5e4wOWicgl3Q==
615b832d26553e6afb492002_AvenirNext-Medium-06.ttf
uploads-ssl.webflow.com/615b7d5e77217e9ff469ea49/ 		271 KB
96 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://uploads-ssl.webflow.com/615b7d5e77217e9ff469ea49/615b832d26553e6afb492002_AvenirNext-Medium-06.ttf
Requested by
Host: global-uploads.webflow.com
URL: https://global-uploads.webflow.com/615b7d5e77217e9ff469ea49/css/kesem-rebuild.webflow.503d16d07.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-104.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
43f03a6879c657b1c23366307c501a0df1319a9738394ad10be141efb295f2fc

Request headers

Referer
https://global-uploads.webflow.com/
Origin
https://www.kesem.org
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 07:41:35 GMT
content-encoding
gzip
age
1675252
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
last-modified
Mon, 04 Oct 2021 22:44:20 GMT
server
AmazonS3
etag
W/"597381f75a1b983328f95e3966e929f6"
vary
Accept-Encoding
x-amz-version-id
Zr7KX7nVAMxoVw4M72MdGuW4orPozwte
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
x-amz-cf-pop
FRA6-C1
content-type
application/x-font-ttf
x-amz-cf-id
T8JbqCDeaidGryzNr9y6f4Dfkzu7Q_nZZxWFZ_zK1lyGoBF6R2djLw==
6164dea52a26695ccd55a022_Girl-Boss-Script.woff
uploads-ssl.webflow.com/615b7d5e77217e9ff469ea49/ 		64 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://uploads-ssl.webflow.com/615b7d5e77217e9ff469ea49/6164dea52a26695ccd55a022_Girl-Boss-Script.woff
Requested by
Host: global-uploads.webflow.com
URL: https://global-uploads.webflow.com/615b7d5e77217e9ff469ea49/css/kesem-rebuild.webflow.503d16d07.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-104.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7d48f66ef07e7cbcace87f5c3c51c11655dcc21c2af1cb9791bc6c58b52f2bae

Request headers

Referer
https://global-uploads.webflow.com/
Origin
https://www.kesem.org
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 07:41:35 GMT
via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
age
1675252
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
65408
last-modified
Tue, 12 Oct 2021 01:02:30 GMT
server
AmazonS3
etag
"93ea7a555d234a2c95efc2f6acb04efc"
x-amz-version-id
M2W1u4JygU5g0a3r.9BDgZ4sIO6tfMZj
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/x-font-woff
x-amz-cf-id
f-RUXyOh67dHg0d6kUindLuB0c9QB8pPc-ioq9MXBix8gOK4brrVNA==
6164f429375b8013a3df31c9_Kesem%20logotype%20with%20butterfly-27-27.svg
global-uploads.webflow.com/615b7d5e77217e9ff469ea49/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://global-uploads.webflow.com/615b7d5e77217e9ff469ea49/6164f429375b8013a3df31c9_Kesem%20logotype%20with%20butterfly-27-27.svg
Requested by
Host: www.kesem.org
URL: https://www.kesem.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-15.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3c50f434a78b9d7bdc2f09914b19b5456f18311fcc6669d6fb81bdebc948dba1

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://www.kesem.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 08:46:04 GMT
content-encoding
gzip
age
4868184
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
via
1.1 429f4d0dffb8bf0b68cf2d9d500542f8.cloudfront.net (CloudFront)
last-modified
Tue, 12 Oct 2021 02:34:18 GMT
server
AmazonS3
etag
W/"58ecb0228b938f80322f317e8f7092d2"
vary
Accept-Encoding
x-amz-version-id
FiJPq7._MYbLTcfVLl8MaKAyWYVZHcFk
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
x-amz-cf-pop
VIE50-P1
content-type
image/svg+xml
x-amz-cf-id
jzJ1dQCY2hc0NxA1nuVx2n__sgiPiMo0RMkQbleOvT7jIca0MPjrig==
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-30205020-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://www.kesem.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
27
date
Fri, 05 Aug 2022 17:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 05 Aug 2022 19:02:00 GMT
6168b9fd064d5862839d171f_New-Chapter-Map_Updated-August-2021.png
global-uploads.webflow.com/615b7d5e77217e9ff469ea49/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://global-uploads.webflow.com/615b7d5e77217e9ff469ea49/6168b9fd064d5862839d171f_New-Chapter-Map_Updated-August-2021.png
Requested by
Host: global-uploads.webflow.com
URL: https://global-uploads.webflow.com/615b7d5e77217e9ff469ea49/css/kesem-rebuild.webflow.503d16d07.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-15.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3f400c6407995139ba9fad970c33fef618e601e22375778539242ebd76bccfef

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://global-uploads.webflow.com/615b7d5e77217e9ff469ea49/css/kesem-rebuild.webflow.503d16d07.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 02:51:52 GMT
via
1.1 429f4d0dffb8bf0b68cf2d9d500542f8.cloudfront.net (CloudFront)
age
3507036
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
32166
last-modified
Thu, 14 Oct 2021 23:15:11 GMT
server
AmazonS3
etag
"4ccbc8ce541a1e02eda6c479b8babbb4"
x-amz-version-id
Cn8d9tqn1E1xXv0WQJRRLI9_Ty7HErGi
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
x-amz-cf-pop
VIE50-P1
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
K8ejHYiMKc-9Vs64JqympoLT3DrYSGnv1iAsdZwTIHPSCEZuKrZDYA==
618b1601897687ba8c951d49_BigCaslon.ttf
uploads-ssl.webflow.com/615b7d5e77217e9ff469ea49/ 		218 KB
92 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://uploads-ssl.webflow.com/615b7d5e77217e9ff469ea49/618b1601897687ba8c951d49_BigCaslon.ttf
Requested by
Host: global-uploads.webflow.com
URL: https://global-uploads.webflow.com/615b7d5e77217e9ff469ea49/css/kesem-rebuild.webflow.503d16d07.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-104.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c63f9782e146d480542091034f902dc5785016bf269ba41331ab96494bcfd7d2

Request headers

Referer
https://global-uploads.webflow.com/
Origin
https://www.kesem.org
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 07:41:35 GMT
content-encoding
gzip
age
1675252
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
last-modified
Wed, 10 Nov 2021 00:44:50 GMT
server
AmazonS3
etag
W/"ec50ac41f55e7d9116affd7d05c1f656"
vary
Accept-Encoding
x-amz-version-id
pJT0QNGgYRRCy_QWwRdI6mx6sMKqIXP5
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
x-amz-cf-pop
FRA6-C1
content-type
application/x-font-ttf
x-amz-cf-id
Aam9P4sQjBqQaNgcY5hWv0SLkh2VV7-YmMT27Ms_yYq9ed11AulfqQ==
615b832d1fbfb136145c5d7a_AvenirNext-Regular-08.ttf
uploads-ssl.webflow.com/615b7d5e77217e9ff469ea49/ 		411 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://uploads-ssl.webflow.com/615b7d5e77217e9ff469ea49/615b832d1fbfb136145c5d7a_AvenirNext-Regular-08.ttf
Requested by
Host: global-uploads.webflow.com
URL: https://global-uploads.webflow.com/615b7d5e77217e9ff469ea49/css/kesem-rebuild.webflow.503d16d07.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-104.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5f3eed8e891997529629227d479b1b9d83ae2e1bbaabbf499fcd22e4b303126c

Request headers

Referer
https://global-uploads.webflow.com/
Origin
https://www.kesem.org
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 07:41:35 GMT
content-encoding
gzip
age
1675252
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
last-modified
Mon, 04 Oct 2021 22:44:22 GMT
server
AmazonS3
etag
W/"4d8fdeb265ff6d34fb3bd8e4292665c0"
vary
Accept-Encoding
x-amz-version-id
.aFR449H7RCWv7VFFv4Bsr88m_QNSmOl
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
x-amz-cf-pop
FRA6-C1
content-type
application/x-font-ttf
x-amz-cf-id
vvDZKQ3RiyLp1YFN7lBmCf5DV8h_ZJKPs2vgXNsZ094SWBJN-SLV4Q==
6168a6b6899d6f13c4534c85_home-video-thumbnail.png
global-uploads.webflow.com/615b7d5e77217e9ff469ea49/ 		310 KB
311 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://global-uploads.webflow.com/615b7d5e77217e9ff469ea49/6168a6b6899d6f13c4534c85_home-video-thumbnail.png
Requested by
Host: www.kesem.org
URL: https://www.kesem.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-15.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d345d07713f4280375b721453f58ebf61d3bb3aec11b7db446caec100cf17afb

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://www.kesem.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 16:11:34 GMT
via
1.1 429f4d0dffb8bf0b68cf2d9d500542f8.cloudfront.net (CloudFront)
age
3631854
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
317337
last-modified
Thu, 14 Oct 2021 21:52:56 GMT
server
AmazonS3
etag
"82d54efe2ab409416ea0383379f85be1"
x-amz-version-id
o0x5uGZDz8.JNpICkufaCM701soCfqGA
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
x-amz-cf-pop
VIE50-P1
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
IqMUJHdVGalA6zv7ShsrpfyNIr4CTsO-oLtp2hB8cm0isGpKQgz32Q==
6168ae19a1801221109f46e7_green-heart-rate-icon.png
global-uploads.webflow.com/615b7d5e77217e9ff469ea49/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://global-uploads.webflow.com/615b7d5e77217e9ff469ea49/6168ae19a1801221109f46e7_green-heart-rate-icon.png
Requested by
Host: www.kesem.org
URL: https://www.kesem.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-15.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
41b57b9b5a01d7b8e6879e3c3552abc405ac4fddfbebfb04bdfcf110a7f86350

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://www.kesem.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 14 Jul 2022 09:39:43 GMT
via
1.1 429f4d0dffb8bf0b68cf2d9d500542f8.cloudfront.net (CloudFront)
age
1927365
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1541
last-modified
Thu, 14 Oct 2021 22:24:27 GMT
server
AmazonS3
etag
"9d9d9d481200f345fd729d012ffb5f1b"
x-amz-version-id
MxsEgxWWFixv_Gcdsqe0YFs2.CZidwTS
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
x-amz-cf-pop
VIE50-P1
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
ufYO2h_QlyY-3XZn5E14L3QpKQhw_HmNNCPtDWJdbRJUzd-m8_XMww==
6168ae19d0b9cd511b7f128b_heart-icon-outline.png
global-uploads.webflow.com/615b7d5e77217e9ff469ea49/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://global-uploads.webflow.com/615b7d5e77217e9ff469ea49/6168ae19d0b9cd511b7f128b_heart-icon-outline.png
Requested by
Host: www.kesem.org
URL: https://www.kesem.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-15.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4ef9251e28651c4c8d6a5ae92fc332b7a6e27f939e9af77ec3c92827d59fe29c

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://www.kesem.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 08:46:04 GMT
via
1.1 429f4d0dffb8bf0b68cf2d9d500542f8.cloudfront.net (CloudFront)
age
4868184
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1080
last-modified
Thu, 14 Oct 2021 22:24:27 GMT
server
AmazonS3
etag
"99692becf7a30ca2fdb2c2ca4de74093"
x-amz-version-id
pB1KIBMB3a4STYEWU2tufSm.ux8omMTi
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
x-amz-cf-pop
VIE50-P1
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
1GemFAPmvKMi9Fb1n_Qo0bwgd8taApszd7iwZdS2no3Hz6tJ4wOXZw==
6168ae1993b7b032f48a2ec5_double-heart-icon.png
global-uploads.webflow.com/615b7d5e77217e9ff469ea49/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://global-uploads.webflow.com/615b7d5e77217e9ff469ea49/6168ae1993b7b032f48a2ec5_double-heart-icon.png
Requested by
Host: www.kesem.org
URL: https://www.kesem.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-15.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7ddec7493b356e5f7e21af957a903f128542111be58cb136558cb5f751ce1f43

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://www.kesem.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 08:46:04 GMT
via
1.1 429f4d0dffb8bf0b68cf2d9d500542f8.cloudfront.net (CloudFront)
age
4868184
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1225
last-modified
Thu, 14 Oct 2021 22:24:26 GMT
server
AmazonS3
etag
"84f18f604761345c076f6c49514f6865"
x-amz-version-id
ztAuLFNzOSm3bP3Bh44yazFD1HhPfoTg
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
x-amz-cf-pop
VIE50-P1
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
YiO47IwciW5L-cGZpKgtkW6CX-P-qGe2Tb5rpL7P1ol3hLK8IKFOzQ==
6168ae199652ec779a7650b8_heart-icon-filled.png
global-uploads.webflow.com/615b7d5e77217e9ff469ea49/ 		728 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://global-uploads.webflow.com/615b7d5e77217e9ff469ea49/6168ae199652ec779a7650b8_heart-icon-filled.png
Requested by
Host: www.kesem.org
URL: https://www.kesem.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-15.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f2f16e7828359212d4854719fac741c1cb2cd5ee99be707bc8851cdc20fe9a14

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://www.kesem.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 05 Aug 2022 07:55:02 GMT
via
1.1 429f4d0dffb8bf0b68cf2d9d500542f8.cloudfront.net (CloudFront)
age
32846
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
728
last-modified
Thu, 14 Oct 2021 22:24:26 GMT
server
AmazonS3
etag
"93966bced5f97c637e61a261051e8ab7"
x-amz-version-id
_OW_7U_e_IUVRGeGJKM1ZKqc_ZcSf9.v
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
x-amz-cf-pop
VIE50-P1
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
zp5bImMUN_5svXRxtBAlvsCli44tSfxG6ydCjaXgWnkhqDz-thgRFA==
478054326004758
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/478054326004758?v=2.9.71&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d1c256253efb8d73a97ba95ef58ad0950295f24727a9889acb32d50e1aedd0b8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://www.kesem.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
MR2AG5nLYmKXfm3mDDqNHBAbhmauS0XHYqrY128UUJvF0WNOqufk/kAjSS63+z2VwP3/vDJCd2EFnowrJ20rdQ==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 05 Aug 2022 17:02:27 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1659718947453
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1765112201&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kesem.org%2F&ul=en-us&de=UTF-8&dt=Free%2C%20fun%20support%20for%20kids%20whose%20parents%20have%20cancer%20%7C%20Kesem&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=2035605350&gjid=16485409&cid=242430049.1659718947&tid=UA-30205020-1&_gid=598533693.1659718947&_r=1&gtm=2ou830&z=214152833
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kesem.org/
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 05 Aug 2022 17:02:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.kesem.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-30205020-1&cid=242430049.1659718947&jid=2035605350&gjid=16485409&_gid=598533693.1659718947&_u=YEBAAUAAAAAAAC~&z=566347953
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kesem.org/
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 05 Aug 2022 17:02:27 GMT
content-type
text/plain
access-control-allow-origin
https://www.kesem.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=478054326004758&ev=PageView&dl=https%3A%2F%2Fwww.kesem.org%2F&rl=&if=false&ts=1659718947628&sw=1600&sh=1200&v=2.9.71&r=stable&a=plwebflow&ec=0&o=30&fbp=fb.1.1659718947627.1994893467&it=1659718947237&coo=false&rqm=GET
Requested by
Host: www.kesem.org
URL: https://www.kesem.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://www.kesem.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 05 Aug 2022 17:02:27 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Fri, 05 Aug 2022 17:02:27 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=478054326004758&ev=Microdata&dl=https%3A%2F%2Fwww.kesem.org%2F&rl=&if=false&ts=1659718948131&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Free%2C%20fun%20support%20for%20kids%20whose%20parents%20have%20cancer%20%7C%20Kesem%22%2C%22meta%3Adescription%22%3A%22Kesem%20supports%20children%20through%20and%20beyond%20their%20parent%27s%20cancer%20with%20free%20camp%2C%20other%20fun-filled%20programs%2C%20and%20community%2C%20and%20provides%20resources%20for%20parents.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Free%2C%20fun%20support%20for%20kids%20whose%20parents%20have%20cancer%20%7C%20Kesem%22%2C%22og%3Adescription%22%3A%22Kesem%20supports%20children%20through%20and%20beyond%20their%20parent%27s%20cancer%20with%20free%20camp%2C%20other%20fun-filled%20programs%2C%20and%20community%2C%20and%20provides%20resources%20for%20parents.%22%2C%22twitter%3Atitle%22%3A%22Free%2C%20fun%20support%20for%20kids%20whose%20parents%20have%20cancer%20%7C%20Kesem%22%2C%22twitter%3Adescription%22%3A%22Kesem%20supports%20children%20through%20and%20beyond%20their%20parent%27s%20cancer%20with%20free%20camp%2C%20other%20fun-filled%20programs%2C%20and%20community%2C%20and%20provides%20resources%20for%20parents.%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.71&r=stable&a=plwebflow&ec=1&o=30&fbp=fb.1.1659718947627.1994893467&it=1659718947237&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://www.kesem.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 05 Aug 2022 17:02:28 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Fri, 05 Aug 2022 17:02:28 GMT

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| gtag object| dataLayer function| fbq function| _fbq string| JETBOOST_SITE_ID object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| $ function| jQuery function| tram object| Webflow object| gaplugins object| gaGlobal object| gaData function| JetboostBootstrap object| Jetboost

6 Cookies

Domain/Path Name / Value
mma.marshmma.com/ Name: visitor_id644133
Value: 429381139
mma.marshmma.com/ Name: visitor_id644133-hash
Value: 6ce97770a07490ebd1282cb53dc4e9e37912572b27c891844e3a9b68d34e61e192c615dc1ecf632c8513771d422a2a455b9566ce
.kesem.org/ Name: _ga
Value: GA1.2.242430049.1659718947
.kesem.org/ Name: _gid
Value: GA1.2.598533693.1659718947
.kesem.org/ Name: _gat_gtag_UA_30205020_1
Value: 1
.kesem.org/ Name: _fbp
Value: fb.1.1659718947627.1994893467

4 Console Messages

Source Level URL
Text
other warning URL: https://www.kesem.org/
Message:
Failed to decode downloaded font: https://uploads-ssl.webflow.com/615b7d5e77217e9ff469ea49/618b1601897687ba8c951d49_BigCaslon.ttf
other warning URL: https://www.kesem.org/
Message:
OTS parsing error: cmap: Failed to serialize table
other warning URL: https://www.kesem.org/
Message:
Failed to decode downloaded font: https://uploads-ssl.webflow.com/615b7d5e77217e9ff469ea49/618b1601897687ba8c951d49_BigCaslon.ttf
other warning URL: https://www.kesem.org/
Message:
OTS parsing error: cmap: Failed to serialize table

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jetboost.io
connect.facebook.net
d3e54v103j8qbb.cloudfront.net
global-uploads.webflow.com
mma.marshmma.com
stats.g.doubleclick.net
uploads-ssl.webflow.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.kesem.org
18.66.15.15
2600:9000:2057:1c00:1d:7a82:2900:93a1
2a00:1450:4001:803::2008
2a00:1450:4001:80f::200e
2a00:1450:400c:c06::9d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.92.120.28
34.253.101.190
99.86.1.184
99.86.4.104
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
3a0b454039e9ac7799e9cf0ca720107df3a8e00f33ec4a0550baee32f945ca80
3c50f434a78b9d7bdc2f09914b19b5456f18311fcc6669d6fb81bdebc948dba1
3f400c6407995139ba9fad970c33fef618e601e22375778539242ebd76bccfef
41b57b9b5a01d7b8e6879e3c3552abc405ac4fddfbebfb04bdfcf110a7f86350
43f03a6879c657b1c23366307c501a0df1319a9738394ad10be141efb295f2fc
4c5465973630c3de4b1e6845c4a7bd6c82a8d3dca0017ed6919bf39f376ecedb
4ef9251e28651c4c8d6a5ae92fc332b7a6e27f939e9af77ec3c92827d59fe29c
504178d8f9ce2c6276178139240bf8a86bb59bf611230105aeebd05d09a6004f
54786df2c038ac72cdff7ea06a978deb83c80ea470a0ea6fb271d486801be773
5f3eed8e891997529629227d479b1b9d83ae2e1bbaabbf499fcd22e4b303126c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6fca56e0b11525635f30214b19a3b2aabb09f655ebf813cfb1465387970db2a5
7d48f66ef07e7cbcace87f5c3c51c11655dcc21c2af1cb9791bc6c58b52f2bae
7ddec7493b356e5f7e21af957a903f128542111be58cb136558cb5f751ce1f43
9e7e425d993b3b2e94a57cb035208083e21a4c5cebc4dc5daee2623f22337728
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
b08100c8963fa30932d66422124abca8f90d7de05d6f62da1465132c3b205aa7
c63f9782e146d480542091034f902dc5785016bf269ba41331ab96494bcfd7d2
d1c256253efb8d73a97ba95ef58ad0950295f24727a9889acb32d50e1aedd0b8
d345d07713f4280375b721453f58ebf61d3bb3aec11b7db446caec100cf17afb
d425f837ebda7c908269b70c7cfc6a3145ec216f869e8377c2f17ac3b3ab888f
d5ac820e72de590f6ae99c9bf60aad4a28ce96cffbe4716e02db4c48c5a186d6
dc8035be1111c06775257f6a076f7d428f90bf8abdf8e402647a09ab3ecc5394
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
f2f16e7828359212d4854719fac741c1cb2cd5ee99be707bc8851cdc20fe9a14
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d