covid19.ketto.org Open in urlscan Pro
99.84.155.96 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://covid19.ketto.org/
Effective URL:
https://covid19.ketto.org/
Submission: On March 27 via manual (March 27th 2020, 11:21:30 am UTC) from GB

Summary HTTP 100 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 31 IPs in 8 countries across 28 domains to perform 100 HTTP transactions. The main IP is 99.84.155.96, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is covid19.ketto.org.
TLS certificate: Issued by Amazon on October 26th 2019. Valid for: a year.

This is the only time covid19.ketto.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	99.84.155.96 99.84.155.96	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
30	2600:9000:214... 2600:9000:214f:1600:d:e617:f340:21	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
1	99.84.155.80 99.84.155.80	16509 (AMAZON-02) (AMAZON-02)
6	34.96.102.137 34.96.102.137	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE)
1	216.58.207.34 216.58.207.34	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:81d::200e	15169 (GOOGLE) (GOOGLE)
2	151.101.14.2 151.101.14.2	54113 (FASTLY) (FASTLY)
2	64.58.116.144 64.58.116.144	7979 (SERVERS) (SERVERS)
1	151.101.112.157 151.101.112.157	54113 (FASTLY) (FASTLY)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a02:26f0:6c0... 2a02:26f0:6c00:189::143a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.62.118.129 23.62.118.129	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	95.101.184.154 95.101.184.154	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	52.51.140.195 52.51.140.195	16509 (AMAZON-02) (AMAZON-02)
2 2	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
2 5	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	23.45.237.36 23.45.237.36	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	182.161.73.211 182.161.73.211	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1 1	63.33.38.43 63.33.38.43	16509 (AMAZON-02) (AMAZON-02)
2	63.32.63.32 63.32.63.32	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
3	147.75.33.131 147.75.33.131	54825 (PACKET) (PACKET)
1	35.201.112.186 35.201.112.186	15169 (GOOGLE) (GOOGLE)
3	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
100	31

10 99.84.155.96 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-84-155-96.txl52.r.cloudfront.net

covid19.ketto.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2600:9000:214f:1600:d:e617:f340:21 (United States)

ASN16509 (AMAZON-02, US)

d1vdjc70h9nzd9.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.155.80 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-155-80.txl52.r.cloudfront.net

d2r1yp2w7bby2u.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.96.102.137 (United States)

ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.207.34 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s24-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81d::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.58.116.144 (Dallas, United States)

ASN7979 (SERVERS, US)

a.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:189::143a (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

static.clmbtech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ise.clmbtech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.62.118.129 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-62-118-129.deploy.static.akamaitechnologies.com

tags.bkrtx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 95.101.184.154 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a95-101-184-154.deploy.static.akamaitechnologies.com

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.51.140.195 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-140-195.eu-west-1.compute.amazonaws.com

wzrkt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9c (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.237.36 (United States)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-45-237-36.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 182.161.73.211 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

widget.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.33.38.43 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-38-43.eu-west-1.compute.amazonaws.com

d.adroll.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.32.63.32 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-63-32.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 147.75.33.131 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress7

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.112.186 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.194.58 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	cloudfront.net d1vdjc70h9nzd9.cloudfront.net d2r1yp2w7bby2u.cloudfront.net	1 MB
10	ketto.org 1 redirects covid19.ketto.org	132 KB
6	adroll.com s.adroll.com d.adroll.com	47 KB
6	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com	96 KB
5	google.de www.google.de	594 B
5	google.com 2 redirects www.google.com	777 B
5	doubleclick.net 2 redirects stats.g.doubleclick.net googleads.g.doubleclick.net	5 KB
4	fullstory.com edge.fullstory.com rs.fullstory.com	57 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	74 KB
3	criteo.com 1 redirects sslwidget.criteo.com widget.as.criteo.com	1 KB
3	google-analytics.com 2 redirects www.google-analytics.com	18 KB
3	googletagmanager.com www.googletagmanager.com	110 KB
3	googleapis.com fonts.googleapis.com ajax.googleapis.com	90 KB
2	facebook.com www.facebook.com	497 B
2	wzrkt.com wzrkt.com	977 B
2	clmbtech.com static.clmbtech.com ise.clmbtech.com	3 KB
2	facebook.net connect.facebook.net	143 KB
2	mgid.com a.mgid.com	3 KB
2	taboola.com cdn.taboola.com	35 KB
2	gstatic.com fonts.gstatic.com	20 KB
1	twitter.com analytics.twitter.com	651 B
1	t.co t.co	447 B
1	consensu.org 1 redirects d.adroll.mgr.consensu.org	136 B
1	bluekai.com stags.bluekai.com
1	criteo.net static.criteo.net	10 KB
1	bkrtx.com tags.bkrtx.com	11 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	googleadservices.com www.googleadservices.com	11 KB
100	28

	Domain	Requested by
30	d1vdjc70h9nzd9.cloudfront.net	covid19.ketto.org ajax.googleapis.com
10	covid19.ketto.org	1 redirects covid19.ketto.org ajax.googleapis.com
6	dev.visualwebsiteoptimizer.com	covid19.ketto.org dev.visualwebsiteoptimizer.com
5	www.google.de	covid19.ketto.org
5	www.google.com	2 redirects covid19.ketto.org
4	s.adroll.com	www.googletagmanager.com s.adroll.com
3	rs.fullstory.com	edge.fullstory.com
3	googleads.g.doubleclick.net	www.googleadservices.com
3	www.google-analytics.com	2 redirects www.googletagmanager.com
3	www.googletagmanager.com	covid19.ketto.org www.googletagmanager.com
2	www.facebook.com	covid19.ketto.org
2	d.adroll.com	covid19.ketto.org
2	widget.as.criteo.com	covid19.ketto.org static.criteo.net
2	stats.g.doubleclick.net	2 redirects
2	wzrkt.com	d2r1yp2w7bby2u.cloudfront.net
2	connect.facebook.net	covid19.ketto.org connect.facebook.net
2	a.mgid.com	www.googletagmanager.com covid19.ketto.org
2	cdn.taboola.com	www.googletagmanager.com covid19.ketto.org
2	fonts.gstatic.com	covid19.ketto.org
2	ajax.googleapis.com	covid19.ketto.org
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	edge.fullstory.com	covid19.ketto.org
1	static.hotjar.com	covid19.ketto.org
1	analytics.twitter.com	static.ads-twitter.com
1	t.co	covid19.ketto.org
1	d.adroll.mgr.consensu.org	1 redirects
1	sslwidget.criteo.com	1 redirects
1	stags.bluekai.com	tags.bkrtx.com
1	ise.clmbtech.com	static.clmbtech.com
1	static.criteo.net	www.googletagmanager.com
1	tags.bkrtx.com	www.googletagmanager.com
1	static.clmbtech.com	www.googletagmanager.com
1	static.ads-twitter.com	covid19.ketto.org
1	www.googleadservices.com	www.googletagmanager.com
1	d2r1yp2w7bby2u.cloudfront.net	covid19.ketto.org
1	fonts.googleapis.com	covid19.ketto.org
100	37

This site contains links to these domains. Also see Links.

Domain
www.ketto.org
www.who.int
www.mohfw.gov.in
api.whatsapp.com
ncdc.gov.in
blog.ketto.org
www.facebook.com
www.twitter.com
www.linkedin.com
www.youtube.com
www.instagram.com
support.ketto.org

Subject Issuer	Validity	Valid
ketto.org Amazon	`2019-10-26` - `2020-11-26`	a year	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2017-06-30` - `2020-07-06`	3 years	crt.sh
*.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
f2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-03-03` - `2020-07-25`	5 months	crt.sh
*.mgid.com Go Daddy Secure Certificate Authority - G2	`2019-09-13` - `2020-11-12`	a year	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2019-08-14` - `2020-08-18`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-03-01` - `2020-05-30`	3 months	crt.sh
static.clmbtech.com GeoTrust RSA CA 2018	`2019-02-08` - `2020-05-09`	a year	crt.sh
*.bkrtx.com DigiCert SHA2 Secure Server CA	`2020-02-28` - `2021-05-29`	a year	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2019-12-03` - `2021-04-06`	a year	crt.sh
*.adroll.com DigiCert SHA2 Secure Server CA	`2020-01-29` - `2021-04-29`	a year	crt.sh
wzrkt.com DigiCert ECC Secure Server CA	`2019-11-12` - `2020-12-03`	a year	crt.sh
www.google.de GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
odc-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2020-01-10` - `2021-04-10`	a year	crt.sh
*.as.criteo.com DigiCert ECC Secure Server CA	`2019-06-12` - `2020-06-16`	a year	crt.sh
adroll.mgr.consensu.org Amazon	`2019-11-06` - `2020-12-06`	a year	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
edge.fullstory.com GTS CA 1D2	`2020-03-05` - `2020-06-03`	3 months	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
*.fullstory.com COMODO RSA Domain Validation Secure Server CA	`2017-12-27` - `2021-03-26`	3 years	crt.sh

This page contains 4 frames:

Primary Page: https://covid19.ketto.org/
Frame ID: 2A1F998CF12A89961065460680DBAB33
Requests: 97 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/84435?ret=html&phint=__bk_t%3DCoronavirus%20Relief%20Fund%20-%20Ketto&phint=__bk_k%3DCoronavirus%20Relief%20Fund%2C%20Ketto%2C%20crowdfunding%20platform%20in%20India%2C%20raise%20funds&phint=__bk_l%3Dhttps%3A%2F%2Fcovid19.ketto.org%2F&phint=__bk_v%3D3.1.4&limit=1&r=46833370
Frame ID: 92B6C90DF526A34309C00688D6F6F390
Requests: 1 HTTP requests in this frame

Frame: https://widget.as.criteo.com/dis/dis.aspx?p=56509&cb=21541863906&ref=&sc_r=1600x1200&sc_d=24
Frame ID: 4BAE3898050721D0CAC6C5B8E0FA8C01
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 65D49EA53FFE0B3FB94BB2B9B53A5974
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://covid19.ketto.org/ HTTP 301
https://covid19.ketto.org/ Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /php\/?([\d.]+)?/i

OpenSSL (Web Server Extensions) Expand

Overall confidence: 100%
Detected patterns

headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

Amazon EC2 (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /$Amazon$/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i
headers server /$Amazon$/i

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /(?:a|s)\.adroll\.com/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

BugSnag (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\/bugsnag.*\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /tracker\.js/i

Visual Website Optimizer (Analytics) Expand

Overall confidence: 100%
Detected patterns

html //i
script /dev\.visualwebsiteoptimizer\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
script /jquery-ui.*\.js/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
script /jquery-ui.*\.js/i

Page Statistics

100
Requests

100 %
HTTPS

41 %
IPv6

28
Domains

37
Subdomains

31
IPs

8
Countries

1934 kB
Transfer

5393 kB
Size

1
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ketto.org/
Title: Ketto.org

Search URL Search Domain Scan URL

URL: https://www.who.int/emergencies/diseases/novel-coronavirus-2019/events-as-they-happen
Title: COVID-19

Search URL Search Domain Scan URL

URL: https://www.ketto.org/crowdfunding
Title: online crowdfunding service

Search URL Search Domain Scan URL

URL: https://www.ketto.org/new/crowdfunding
Title: start a fundraiser

Search URL Search Domain Scan URL

URL: https://www.who.int/india/emergencies/novel-coronavirus-2019
Title: WHO Country Office for India (WCO)

Search URL Search Domain Scan URL

URL: https://www.mohfw.gov.in/Poster_Corona_ad_Eng.pdf
Title: Ministry of Health & Family Welfare (MoHFW)

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?phone=919013151515
Title: +91 9013151515

Search URL Search Domain Scan URL

URL: https://www.mohfw.gov.in/coronvavirushelplinenumber.pdf
Title: MoHFW State wise helpline numbers.

Search URL Search Domain Scan URL

URL: https://ncdc.gov.in/index4.php?lang=1&level=0&linkid=127&lid=432
Title: NCDC’s Website

Search URL Search Domain Scan URL

URL: http://blog.ketto.org/
Title: Blog

Search URL Search Domain Scan URL

URL: http://www.facebook.com/ketto.org
Title: Facebook

Search URL Search Domain Scan URL

URL: http://www.twitter.com/ketto
Title: Twitter

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/company/ketto-online-ventures-private-limited
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/Kettodotorg
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.instagram.com/kettoindia/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?phone=917700975559
Title: Chat with us

Search URL Search Domain Scan URL

URL: https://support.ketto.org/hc/en-us/articles/360021050313-Terms-of-use
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://support.ketto.org/hc/en-us/articles/360021156273-Privacy-Policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://support.ketto.org/hc/en-us/articles/360020926294-AML-Policy
Title: AML Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://covid19.ketto.org/ HTTP 301
https://covid19.ketto.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1736299900&t=pageview&_s=1&dl=https%3A%2F%2Fcovid19.ketto.org%2F&ul=en-us&de=UTF-8&dt=Coronavirus%20Relief%20Fund%20-%20Ketto&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAAB~&jid=125589254&gjid=1720433932&cid=813225549.1585308072&tid=UA-30181760-1&_gid=1765255802.1585308072&_r=1&gtm=2wg3i0MJRMLZ&cd12=1585308071654.6twfbggp&z=17292880 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-30181760-1&cid=813225549.1585308072&jid=125589254&_gid=1765255802.1585308072&gjid=1720433932&_v=j81&z=17292880 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=813225549.1585308072&jid=125589254&_v=j81&z=17292880 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=813225549.1585308072&jid=125589254&_v=j81&z=17292880&slf_rd=1&random=3481759924

Request Chain 52

https://sslwidget.criteo.com/event?a=56509&v=5.5.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-criteo-2.0.0&p3=e%3Ddis&adce=1&tld=ketto.org&dtycbr=55677 HTTP 302
https://widget.as.criteo.com/event?a=56509&v=5.5.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-criteo-2.0.0&p3=e%3Ddis&adce=1&tld=ketto.org&dtycbr=55677

Request Chain 55

https://d.adroll.mgr.consensu.org/consent/iabcheck/KCAAQWJCWVGRDFUJKGTQV6?_s=62e46a8f14aa817810822531150fdd33&_b=2 HTTP 302
https://d.adroll.com/consent/check/KCAAQWJCWVGRDFUJKGTQV6/?_s=62e46a8f14aa817810822531150fdd33&_b=2

Request Chain 93

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1736299900&t=event&ni=1&_s=2&dl=https%3A%2F%2Fcovid19.ketto.org%2F&ul=en-us&de=UTF-8&dt=Coronavirus%20Relief%20Fund%20-%20Ketto&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=GTM&ea=10%20Second&_u=aHBAAAAB~&jid=2042666271&gjid=371876073&cid=813225549.1585308072&tid=UA-30181760-1&_gid=1765255802.1585308072&_r=1&gtm=2wg3i0MJRMLZ&cd12=1585308071654.6twfbggp&cd14=813225549.1585308072&z=712719763 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-30181760-1&cid=813225549.1585308072&jid=2042666271&_gid=1765255802.1585308072&gjid=371876073&_v=j81&z=712719763 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=813225549.1585308072&jid=2042666271&_v=j81&z=712719763 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=813225549.1585308072&jid=2042666271&_v=j81&z=712719763&slf_rd=1&random=1989854629

100 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
covid19.ketto.org/
Redirect Chain

http://covid19.ketto.org/
https://covid19.ketto.org/

71 KB
22 KB

952ms
902ms

Document
text/html

99.84.155.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://covid19.ketto.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.84.155.96 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-155-96.txl52.r.cloudfront.net
Software: Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40 / PHP/5.6.40
Resource Hash: eff93f915542bbdd651063ef0615b6947372409efde097ec95fff285576fb808

Request headers

:method: GET
:authority: covid19.ketto.org
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 21643
cache-control: max-age=0, no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
date: Fri, 27 Mar 2020 11:21:09 GMT
pageurl-1: 3
pragma: no-cache
server: Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40
set-cookie: KETTOSESSID=6875koh1eetsg35a7b50kqpnt2; path=/; domain=.ketto.org ip_location=eyJjb3VudHJ5X2NvZGUiOiJERSIsImNvdW50cnlfbmFtZSI6Ikdlcm1hbnkiLCJyZWdpb25fbmFtZSI6IkJlcmxpbiIsInppcF9jb2RlIjoiMTAxNzgiLCJjaXR5X25hbWUiOiJCZXJsaW4ifQ%3D%3D; expires=Fri, 03-Apr-2020 11:21:09 GMT; Max-Age=604800; path=/; domain=.ketto.org _ku=5f271304e9f5fd790dddb940ee5bf5d4; expires=Sun, 03-Mar-2120 11:21:09 GMT; Max-Age=3153600000; path=/; domain=.ketto.org _ks=eyJzaWQiOiIzNWM0MzVmMDkxYmIyZjQ1MTQzZGNhM2EzODI4MGU5MSIsInN0IjoxNTg1MzA5ODY5fQ%3D%3D; path=/; domain=.ketto.org ip_location=eyJjb3VudHJ5X2NvZGUiOiJERSIsImNvdW50cnlfbmFtZSI6Ikdlcm1hbnkiLCJyZWdpb25fbmFtZSI6IkJlcmxpbiIsInppcF9jb2RlIjoiMTAxNzgiLCJjaXR5X25hbWUiOiJCZXJsaW4ifQ%3D%3D; expires=Fri, 03-Apr-2020 11:21:10 GMT; Max-Age=604800; path=/; domain=.ketto.org
vary: Accept-Encoding
x-mod-pagespeed: 1.13.35.2-0
x-powered-by: PHP/5.6.40
x-cache: Miss from cloudfront
via: 1.1 117b54f007fbf40fc2a4bbbd8e88fc21.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL52-C1
x-amz-cf-id: OX8T1evXL3WCQs20Tf_mUZCrT_QiTEtBUR2H544A3rRi6iXWNwjDfQ==

Redirect headers

Server: CloudFront
Date: Fri, 27 Mar 2020 11:21:09 GMT
Content-Type: text/html
Content-Length: 183
Connection: keep-alive
Location: https://covid19.ketto.org/
X-Cache: Redirect from cloudfront
Via: 1.1 c6649c9545bbfa66bc79c9ba552d7a4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: TXL52-C1
X-Amz-Cf-Id: xnBR5NOOs3HjBT8WKirIHLkMfqhSJCGr3SdJ3Vc8wu07YTq6miTctA==

GET
H2 200 style_comp.css
covid19.ketto.org/css_old/ 587 KB
94 KB 961ms
960ms Stylesheet
text/css 99.84.155.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://covid19.ketto.org/css_old/style_comp.css?v=1.0.9

Requested by

Host: covid19.ketto.org
URL: https://covid19.ketto.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.84.155.96 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-155-96.txl52.r.cloudfront.net

Software

Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40 /

Resource Hash

f899c318a17019d103127044bcf842d6de73db5e1c2aa7244d41a36ce88b9aa6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 27 Mar 2020 11:21:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-original-content-length: 601449
x-amz-cf-pop: TXL52-C1
x-cache: Miss from cloudfront
status: 200
content-length: 95756
last-modified: Fri, 15 Feb 2019 07:25:35 GMT
server: Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40
etag: "92d69-581e9ae4fa4ac-gzip"
vary: Accept-Encoding
content-type: text/css
via: 1.1 117b54f007fbf40fc2a4bbbd8e88fc21.cloudfront.net (CloudFront)
cache-control: max-age=172800, public
accept-ranges: bytes
x-amz-cf-id: QdETIZmRMjOQV6S97tNtVPM31ffJ_HjGYMReTINnVpllKRdcqkk9Vw==
expires: Sat, 28 Mar 2020 08:58:40 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
835 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans:400,700

Requested by

Host: covid19.ketto.org
URL: https://covid19.ketto.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f6e206730b9cfa13f568754d8c0985b03f8a7b55265eb88b3c0f8c80cd445e19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 27 Mar 2020 11:21:10 GMT
server: ESF
date: Fri, 27 Mar 2020 11:21:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 27 Mar 2020 11:21:10 GMT

GET
H2 200 custom.9e2e9d.css
d1vdjc70h9nzd9.cloudfront.net/less/ 661 KB
101 KB 69ms
42ms Stylesheet
text/css 2600:9000:214f:1600:d:e617:f340:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1vdjc70h9nzd9.cloudfront.net/less/custom.9e2e9d.css
Requested by: Host: covid19.ketto.org
URL: https://covid19.ketto.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:1600:d:e617:f340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4565122d9ee64fbbafef6ff6f3d57c14a7859bd069a238e850bd4076f96bc980

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 26 Mar 2020 20:05:01 GMT
content-encoding: gzip
last-modified: Thu, 14 Nov 2019 07:30:46 GMT
server: AmazonS3
age: 54970
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
status: 200
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: irntcXBtOFAs06oWpfnWyD1li2DDFvh_NtzXyYPkVmNmuMR9Kkh0UQ==
via: 1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront)

GET
H2 200 whitlabel.css
covid19.ketto.org/css_old/ 16 KB
3 KB 662ms
661ms Stylesheet
text/css 99.84.155.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://covid19.ketto.org/css_old/whitlabel.css?v=1.0.1

Requested by

Host: covid19.ketto.org
URL: https://covid19.ketto.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.84.155.96 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-155-96.txl52.r.cloudfront.net

Software

Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40 /

Resource Hash

f461a4817dca35bd182b59f1954ff80d117bcf7301e73c32bd1ec8274bff69cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 27 Mar 2020 11:21:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-original-content-length: 21148
x-amz-cf-pop: TXL52-C1
x-cache: Miss from cloudfront
status: 200
content-length: 2587
server: Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40
etag: W/"PSA-aj-xeYk1a7Hk3"
vary: Accept-Encoding,User-Agent,Save-Data
content-type: text/css
via: 1.1 117b54f007fbf40fc2a4bbbd8e88fc21.cloudfront.net (CloudFront)
cache-control: max-age=165173, public
accept-ranges: bytes
x-amz-cf-id: QiwjdAyHtDFP0Fc3cPfsW4mFV6Nw_RBtDF62BrFi8FaPTKWqLKYI1w==
expires: Sun, 29 Mar 2020 09:14:04 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.3/ 82 KB
29 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js

Requested by

Host: covid19.ketto.org
URL: https://covid19.ketto.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 27 Feb 2020 12:41:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2500806
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 29707
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Feb 2021 12:41:04 GMT

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.10.4/ 223 KB
60 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.10.4/jquery-ui.min.js

Requested by

Host: covid19.ketto.org
URL: https://covid19.ketto.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a13c96acd88fe907edbb8becda0d113c22abde0d5ae904e5213360a1e6f145ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 09 Mar 2020 11:17:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1555415
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 61441
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Mar 2021 11:17:35 GMT

GET
H2 200 whitlabel.js Show response
covid19.ketto.org/js_old/ 11 KB
4 KB 755ms
755ms Script
text/javascript 99.84.155.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://covid19.ketto.org/js_old/whitlabel.js

Requested by

Host: covid19.ketto.org
URL: https://covid19.ketto.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.84.155.96 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-155-96.txl52.r.cloudfront.net

Software

Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40 /

Resource Hash

204d5b8a649a508a4953dee7b09f7fd675a01dce744db720646db8698e6854ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 11:21:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-original-content-length: 11438
x-amz-cf-pop: TXL52-C1
x-cache: Miss from cloudfront
status: 200
content-length: 3284
last-modified: Wed, 12 Jul 2017 13:10:25 GMT
server: Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40
etag: "2cae-5541e8a07a802-gzip"
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 117b54f007fbf40fc2a4bbbd8e88fc21.cloudfront.net (CloudFront)
cache-control: max-age=172800, public
accept-ranges: bytes
x-amz-cf-id: 04gmEiOb5q6FDqpXKA11mgF59wwNo6O8lgSgHanCwV60CccifvJhrQ==
expires: Sat, 28 Mar 2020 11:15:24 GMT

GET
H2 200 4312934cad4fe9b92249dda86c1811b0185f017a.png
d1vdjc70h9nzd9.cloudfront.net/media/events/1399000/1399904/image/ 365 KB
366 KB 780ms
753ms Image
image/png 2600:9000:214f:1600:d:e617:f340:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1vdjc70h9nzd9.cloudfront.net/media/events/1399000/1399904/image/4312934cad4fe9b92249dda86c1811b0185f017a.png
Requested by: Host: covid19.ketto.org
URL: https://covid19.ketto.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:1600:d:e617:f340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1a4b945f0ca1d96e89cd5156809d302131b9b11ff0847a1196bed8d1e9408460

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 27 Mar 2020 11:21:12 GMT
via: 1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront)
last-modified: Mon, 23 Mar 2020 06:19:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "49de0bf0bd39ac2ea6340d500354a894"
x-cache: Miss from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 373759
x-amz-cf-id: YdW8Rf_1D9Z4WqiHPYSQi495MCHt5hIf5-KgW1UVliLcSy2T97TNDg==

GET
H2 200 handlebars.min.js Show response
d1vdjc70h9nzd9.cloudfront.net/js/ 71 KB
21 KB 53ms
27ms Script
application/x-javascript 2600:9000:214f:1600:d:e617:f340:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1vdjc70h9nzd9.cloudfront.net/js/handlebars.min.js
Requested by: Host: covid19.ketto.org
URL: https://covid19.ketto.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:1600:d:e617:f340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: acc39238ce470f35443285594efdb5f3df912924d2818e5929f4df6a9eeadb31

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 08:15:36 GMT
content-encoding: gzip
last-modified: Sat, 12 May 2018 15:51:02 GMT
server: AmazonS3
age: 11135
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 5MlIhtcsRJoNtjdHIYvqzQeGS9aNQ8KpkdWUzZRt1q7-w9CDy6TFPQ==
via: 1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront)

GET
H2 200 handlebars.helpers.min.0562f5.js Show response
d1vdjc70h9nzd9.cloudfront.net/js/ 5 KB
2 KB 744ms
744ms Script
application/javascript 2600:9000:214f:1600:d:e617:f340:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1vdjc70h9nzd9.cloudfront.net/js/handlebars.helpers.min.0562f5.js
Requested by: Host: covid19.ketto.org
URL: https://covid19.ketto.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:1600:d:e617:f340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b5dc0b27eb3644f9af0a74b7878c9096f489cc69b9d8986a815b854f03e01f29

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 11:21:12 GMT
content-encoding: gzip
last-modified: Fri, 11 Oct 2019 13:32:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-id: UMMP-sO4X9yQOnSL3jSJkOOhUu0m8WG-_benJAFnsGlKuuiWR5zX2A==
via: 1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront)

GET
H2 200 ngo-widget-listing.js Show response
covid19.ketto.org/templates/ 15 KB
3 KB 214ms
214ms Script
text/javascript 99.84.155.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://covid19.ketto.org/templates/ngo-widget-listing.js?v=1.0.5

Requested by

Host: covid19.ketto.org
URL: https://covid19.ketto.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.84.155.96 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-155-96.txl52.r.cloudfront.net

Software

Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40 /

Resource Hash

706e18b7a2bc04e783ba1a17bbfa5178103489e8dcd7cca51c1d32f73dffa060

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 11:21:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-original-content-length: 17328
x-amz-cf-pop: TXL52-C1
x-cache: Miss from cloudfront
status: 200
content-length: 2125
server: Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40
etag: W/"PSA-aj-J7zIYJuv1N"
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 117b54f007fbf40fc2a4bbbd8e88fc21.cloudfront.net (CloudFront)
cache-control: max-age=164159, public
accept-ranges: bytes
x-amz-cf-id: DzRSbr9vJZ1yoleLWKaFXV87MFrR4L2VeCPX4ZfPCIFD0iHwNKwMLg==
expires: Sun, 29 Mar 2020 08:57:11 GMT

GET
H2 200 footer.bundle.bdb724.js Show response
d1vdjc70h9nzd9.cloudfront.net/js/footer/ 282 KB
75 KB 10ms
10ms Script
application/javascript 2600:9000:214f:1600:d:e617:f340:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1vdjc70h9nzd9.cloudfront.net/js/footer/footer.bundle.bdb724.js
Requested by: Host: covid19.ketto.org
URL: https://covid19.ketto.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:1600:d:e617:f340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e570e4c1bc90a93412f02d525cb4356e87acb195835a633fea21cd3952760c35

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 05:16:59 GMT
content-encoding: gzip
last-modified: Tue, 03 Sep 2019 08:42:23 GMT
server: AmazonS3
age: 21853
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: rIWGy8ZaXQBlp6wiOxS8v6cCJtukv1Qagmh9kIumQldjw0A0E1xs_Q==
via: 1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront)

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 208 KB
54 KB 14ms
14ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ

Requested by

Host: covid19.ketto.org
URL: https://covid19.ketto.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9c1634dde0fedc846c970c7a3d46afc5e64fe553ac5488b0f5fa06f58a83c8b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 11:21:11 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 54829
x-xss-protection: 0
last-modified: Fri, 27 Mar 2020 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 27 Mar 2020 11:21:11 GMT

GET
H/1.1 200
OK a.js Show response
d2r1yp2w7bby2u.cloudfront.net/js/ 42 KB
15 KB 94ms
21ms Script
application/javascript 99.84.155.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2r1yp2w7bby2u.cloudfront.net/js/a.js
Requested by: Host: covid19.ketto.org
URL: https://covid19.ketto.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.84.155.80 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-155-80.txl52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9fd400a8864fba68efe8e41b9ebaabaa206159da4fabb821fd985c3a48f06045

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 27 Mar 2020 11:11:13 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Nov 2019 13:15:55 GMT
Server: AmazonS3
Age: 599
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 df792ea3bbbe656e2f5c7b61aa85cc47.cloudfront.net (CloudFront)
Cache-Control: max-age=1800, private
Transfer-Encoding: chunked
X-Amz-Cf-Pop: TXL52-C1
Connection: keep-alive
X-Amz-Cf-Id: 4_do7QWO5xc3Bvm1C778ZZyn8EpW623ZIZf1wzRtVP74Ttnqmwi3SQ==

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 4 KB
2 KB 100ms
34ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=326437&u=https%3A%2F%2Fcovid19.ketto.org%2F&r=0.9081810247397706
Requested by: Host: covid19.ketto.org
URL: https://covid19.ketto.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: f518a5850645717792b2cc36a12d55a32d08c560d3d40adf77b52ea2addf3e18

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

status: 200
date: Fri, 27 Mar 2020 11:21:11 GMT
content-encoding: gzip
server: gfra1
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
via: 1.1 google
content-type: application/javascript; charset=UTF-8

GET
H2 200 ketto-preloader.gif
d1vdjc70h9nzd9.cloudfront.net/images/ 33 KB
33 KB 11ms
11ms Image
image/gif 2600:9000:214f:1600:d:e617:f340:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1vdjc70h9nzd9.cloudfront.net/images/ketto-preloader.gif
Requested by: Host: covid19.ketto.org
URL: https://covid19.ketto.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:1600:d:e617:f340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a52d3ba4d9a879ab1faf1f4d853fa1d41ccb94faf4ca0a09f5c7b06573173ec9

Request headers

Referer: https://d1vdjc70h9nzd9.cloudfront.net/less/custom.9e2e9d.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 27 Mar 2020 06:51:38 GMT
via: 1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront)
last-modified: Mon, 07 May 2018 14:11:56 GMT
server: AmazonS3
age: 16174
etag: "b450384414976a19d30e015730e860b6"
x-cache: Hit from cloudfront
content-type: image/gif
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 33461
x-amz-cf-id: wMFtgO0-d86o0I-EGlXJiQdYRXDo3tNt_y8HntvIrF82USZcWl3NNA==

GET
H2 403 /
d1vdjc70h9nzd9.cloudfront.net/ 0
0 742ms
741ms Image
application/xml 2600:9000:214f:1600:d:e617:f340:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1vdjc70h9nzd9.cloudfront.net/
Requested by: Host: covid19.ketto.org
URL: https://covid19.ketto.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:1600:d:e617:f340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

GET
H2 200 main-logo-small.png
d1vdjc70h9nzd9.cloudfront.net/images/ 780 B
1 KB 213ms
212ms Image
image/png 2600:9000:214f:1600:d:e617:f340:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1vdjc70h9nzd9.cloudfront.net/images/main-logo-small.png
Requested by: Host: covid19.ketto.org
URL: https://covid19.ketto.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:1600:d:e617:f340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 00e91363aec80266d911c887d1ca65351c3fd18648a7091cfd10bc5838c03991

Request headers

Referer: https://d1vdjc70h9nzd9.cloudfront.net/less/custom.9e2e9d.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 27 Mar 2020 11:21:12 GMT
via: 1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront)
last-modified: Thu, 23 Jan 2020 10:53:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "976eb8056e2ea95aa0cf977c34ac3870"
x-cache: Miss from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 780
x-amz-cf-id: IZBEJXqsC2fDZRGj6WgcVvQP3ZqAXCMPategTp1Bh9JfJY5l84AUKw==

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
fonts.gstatic.com/s/notosans/v9/ 10 KB
10 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v9/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2

Requested by

Host: covid19.ketto.org
URL: https://covid19.ketto.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e56f53b3b976e9c05d86645a1e85cfc69e961601d201e957768455580fa30478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Noto+Sans:400,700
Origin: https://covid19.ketto.org
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Feb 2020 02:44:35 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:20:41 GMT
server: sffe
age: 2709396
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 10292
x-xss-protection: 0
expires: Wed, 24 Feb 2021 02:44:35 GMT

GET
H2 200 fontawesome-webfont.woff2
d1vdjc70h9nzd9.cloudfront.net/less/font-awesome/fonts/ 70 KB
71 KB 996ms
949ms Font
application/octet-stream 2600:9000:214f:1600:d:e617:f340:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1vdjc70h9nzd9.cloudfront.net/less/font-awesome/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: covid19.ketto.org
URL: https://covid19.ketto.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:1600:d:e617:f340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer: https://d1vdjc70h9nzd9.cloudfront.net/less/custom.9e2e9d.css
Origin: https://covid19.ketto.org
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Mar 2020 11:21:13 GMT
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
status: 200
access-control-max-age: 3000
content-length: 71896
last-modified: Mon, 07 May 2018 14:12:37 GMT
server: AmazonS3
etag: "e6cf7c6ec7c2d6f670ae9d762604cb0b"
vary: Origin
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 38mBEa0b4ImsQg9jN7oj1BBhgiLl0552-7Atzti1D9FbHyizGxZbQg==

GET
H2 200 brandingcollectionbg.png
covid19.ketto.org/images_old/ 923 B
1 KB 601ms
601ms Image
image/png 99.84.155.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://covid19.ketto.org/images_old/brandingcollectionbg.png

Requested by

Host: covid19.ketto.org
URL: https://covid19.ketto.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.84.155.96 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-155-96.txl52.r.cloudfront.net

Software

Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40 /

Resource Hash

07bc8b8d77e594cc352fbb4d82dc756c8de9605529c153441d98d693ce684859

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://covid19.ketto.org/css_old/style_comp.css?v=1.0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 27 Mar 2020 11:21:12 GMT
via: 1.1 117b54f007fbf40fc2a4bbbd8e88fc21.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Wed, 12 Jul 2017 13:10:24 GMT
server: Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40
x-amz-cf-pop: TXL52-C1
etag: "39b-5541e89ff2c2b"
x-cache: Miss from cloudfront
content-type: image/png
status: 200
cache-control: max-age=1172800, public, s-maxage=10
accept-ranges: bytes
content-length: 923
x-amz-cf-id: RuxWcRh-6XKK4DIb9lW0im8e-bmk2uIDw1Zc3Kg0uHy65RdlEU9s0g==
expires: Sun, 26 Apr 2020 11:16:30 GMT

GET
H2 200 dropdown_arrow.png
covid19.ketto.org/images_old/ 263 B
682 B 620ms
620ms Image
image/png 99.84.155.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://covid19.ketto.org/images_old/dropdown_arrow.png

Requested by

Host: covid19.ketto.org
URL: https://covid19.ketto.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.84.155.96 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-155-96.txl52.r.cloudfront.net

Software

Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40 /

Resource Hash

0a154422438f236a08876dcc7627c6360823ecd673c1394b0a87be88e591d104

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://covid19.ketto.org/css_old/style_comp.css?v=1.0.9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 27 Mar 2020 11:21:12 GMT
via: 1.1 117b54f007fbf40fc2a4bbbd8e88fc21.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-original-content-length: 1049
server: Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40
x-amz-cf-pop: TXL52-C1
etag: W/"PSA-aj-VXeNWRhPFF"
x-cache: Miss from cloudfront
content-type: image/png
status: 200
cache-control: max-age=1172428, public
accept-ranges: bytes
content-length: 263
x-amz-cf-id: iBOe3tQt1MOHvj8SmLX6HEm5mBcl26O4QmFerYmv52r3PnxRJfBHKQ==
expires: Fri, 10 Apr 2020 01:01:41 GMT

GET
H2 200 icon-no-listing.png
d1vdjc70h9nzd9.cloudfront.net/images/ 10 KB
10 KB 7ms
7ms Image
image/png 2600:9000:214f:1600:d:e617:f340:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1vdjc70h9nzd9.cloudfront.net/images/icon-no-listing.png
Requested by: Host: covid19.ketto.org
URL: https://covid19.ketto.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:1600:d:e617:f340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 18afaec50104bf72f11b98340af130b24d3501c2bc07382848a3201850656db3

Request headers

Referer: https://d1vdjc70h9nzd9.cloudfront.net/less/custom.9e2e9d.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 27 Mar 2020 08:15:39 GMT
via: 1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront)
last-modified: Thu, 23 Jan 2020 10:51:04 GMT
server: AmazonS3
age: 11132
etag: "34ca1b32e5f0b893faa91dd276b445d7"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 9806
x-amz-cf-id: 5o7sA_q53V1yPiJqAODyrpTK5TBp9IyDnB-_b3oCfMAsoLHFL6dsBg==

GET
H2 200 o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
fonts.gstatic.com/s/notosans/v9/ 10 KB
10 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v9/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2

Requested by

Host: covid19.ketto.org
URL: https://covid19.ketto.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6195b1bce0085db8c9b1b936150dfd7b070aa9be52d44580b1b6f16752dece34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Noto+Sans:400,700
Origin: https://covid19.ketto.org
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Feb 2020 02:18:19 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:20:44 GMT
server: sffe
age: 2710972
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 10116
x-xss-protection: 0
expires: Wed, 24 Feb 2021 02:18:19 GMT

GET
H2 200 dashboard.php Show response
covid19.ketto.org/dashboard/custom/ 8 KB
3 KB 840ms
840ms XHR
text/html 99.84.155.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://covid19.ketto.org/dashboard/custom/dashboard.php?fmd_id=1399904&task=get_campaigns&fmd_count=8&entity_type=events&page=0
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.84.155.96 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-155-96.txl52.r.cloudfront.net
Software: Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40 / PHP/5.6.40
Resource Hash: 9a8b7914cf2110563490edb32785909e5746ba6be313012bf0a93f438c2eee4b

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://covid19.ketto.org/
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Mar 2020 11:21:12 GMT
content-encoding: gzip
x-amz-cf-pop: TXL52-C1
x-powered-by: PHP/5.6.40
x-cache: Miss from cloudfront
status: 200
x-mod-pagespeed: 1.13.35.2-0
content-length: 2135
pragma: no-cache
server: Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40
pageurl-1: 1
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
via: 1.1 117b54f007fbf40fc2a4bbbd8e88fc21.cloudfront.net (CloudFront)
cache-control: max-age=0, no-cache, no-store, must-revalidate, post-check=0, pre-check=0
x-amz-cf-id: BpkRqvwGHLoXV7MoaPHpDndbMW8LL6AVvJi_e0-EBE-jXO8uARDDIQ==

GET
H2 200 payment-options.png
d1vdjc70h9nzd9.cloudfront.net/images/ 5 KB
6 KB 14ms
14ms Image
image/png 2600:9000:214f:1600:d:e617:f340:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1vdjc70h9nzd9.cloudfront.net/images/payment-options.png
Requested by: Host: covid19.ketto.org
URL: https://covid19.ketto.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:1600:d:e617:f340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb4445c6d515c6e571979b75fca5bf825d17d958ab6704d3448ec561a46b06ab

Request headers

Referer: https://d1vdjc70h9nzd9.cloudfront.net/less/custom.9e2e9d.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 27 Mar 2020 06:51:38 GMT
via: 1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront)
last-modified: Thu, 23 Jan 2020 10:53:20 GMT
server: AmazonS3
age: 16174
etag: "4222881df6d159b9d69ff474cd06f92d"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 5382
x-amz-cf-id: JZ3R9RoKiZVAYqBalPb_H5qDJh05VaDu2Edxm87zC8hFvSOLAoEyDA==

GET
H2 200 lock-icon.png
d1vdjc70h9nzd9.cloudfront.net/images/ 917 B
1 KB 15ms
14ms Image
image/png 2600:9000:214f:1600:d:e617:f340:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1vdjc70h9nzd9.cloudfront.net/images/lock-icon.png
Requested by: Host: covid19.ketto.org
URL: https://covid19.ketto.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:1600:d:e617:f340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ec6b24b6615cc019288b7250b71e432f07778e102bc645e6d6b50f3bbf833211

Request headers

Referer: https://d1vdjc70h9nzd9.cloudfront.net/less/custom.9e2e9d.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 27 Mar 2020 06:51:38 GMT
via: 1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront)
last-modified: Thu, 23 Jan 2020 10:53:05 GMT
server: AmazonS3
age: 16174
etag: "7d9a7cbcf400928daf8050ef9446693a"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 917
x-amz-cf-id: FuEnu3nYate5V9hQqRU9U6MXBq3V7NjJTOuH_HSPn4x_EqFIZWwieg==

GET
H2 200 style.css
d1vdjc70h9nzd9.cloudfront.net/fonts/ketto_fonts/ 5 KB
1 KB 16ms
16ms Stylesheet
text/css 2600:9000:214f:1600:d:e617:f340:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1vdjc70h9nzd9.cloudfront.net/fonts/ketto_fonts/style.css?v=1.9
Requested by: Host: covid19.ketto.org
URL: https://covid19.ketto.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:1600:d:e617:f340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72f499876d41e6dc704317e5ee281bdf04f12b7c9d231b0fedd274af9052fbba

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 26 Mar 2020 20:05:10 GMT
content-encoding: gzip
last-modified: Tue, 30 Apr 2019 14:15:35 GMT
server: AmazonS3
age: 54962
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
status: 200
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 0lg7oBpGrUAhTRtA40qwVp1FV1QvC1Pz0HP4YwSICC6oFLsDN3CPUA==
via: 1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront)

GET
H2 200 footer.bundle.8577ab.css
d1vdjc70h9nzd9.cloudfront.net/less/footer/ 80 KB
11 KB 17ms
16ms Stylesheet
text/css 2600:9000:214f:1600:d:e617:f340:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1vdjc70h9nzd9.cloudfront.net/less/footer/footer.bundle.8577ab.css
Requested by: Host: covid19.ketto.org
URL: https://covid19.ketto.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:1600:d:e617:f340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a646f9cd4df5de0bd8407acf99caf9b66afe70a3f97eca8ae48beac4228e0d1e

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 27 Mar 2020 06:51:38 GMT
content-encoding: gzip
last-modified: Tue, 03 Sep 2019 08:44:52 GMT
server: AmazonS3
age: 16174
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
status: 200
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: a9dephiReoU_ebGU-2YEWE2gmPcKjezHImJZE0OvMB8rmqWC_ATd8Q==
via: 1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront)

GET
H2 200 icon-select.png
d1vdjc70h9nzd9.cloudfront.net/images/ 168 B
519 B 8ms
7ms Image
image/png 2600:9000:214f:1600:d:e617:f340:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1vdjc70h9nzd9.cloudfront.net/images/icon-select.png
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:1600:d:e617:f340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 52ed49f76c6f0aa20536879fc017e64532d995e7645dc17e99f8c311cfdf12b3

Request headers

Referer: https://d1vdjc70h9nzd9.cloudfront.net/less/custom.9e2e9d.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 27 Mar 2020 06:51:38 GMT
via: 1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront)
last-modified: Thu, 23 Jan 2020 10:51:04 GMT
server: AmazonS3
age: 16174
etag: "fe136b8d97a603c43987a99ad538a020"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 168
x-amz-cf-id: XM6HEgIj7PMX6_OU7e3uo8bU8DWfIBtBkREOslGb6EPBK_zUmuB1gg==

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 26 KB
11 KB 137ms
50ms Script
text/javascript 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

c5b1ef448841c8a0f34532d4be5f5656d9eb4eea66e04755c0b64f2662d35eed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 11:21:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 9982
x-xss-protection: 0
server: cafe
etag: 13837497077581106518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 27 Mar 2020 11:21:11 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 2859
date: Fri, 27 Mar 2020 10:33:32 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 18174
expires: Fri, 27 Mar 2020 12:33:32 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1271067/ 42 KB
14 KB 126ms
108ms Script
application/javascript 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1271067/tfa.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 29ac5d98ec4d2faddcf3f34c59cdb66cb11d0e40997e5e4da61cb1985fcaab4f

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: Hz8DsEmvcVP0cweLpbEmIVMcYwb0toHt
content-encoding: gzip
age: 135
x-cache: HIT
status: 200
date: Fri, 27 Mar 2020 11:21:11 GMT
x-amz-replication-status: PENDING
content-length: 13717
fastly-restarts: 1
x-amz-id-2: uvK62jB2mMdUFALBrktszk9WwmTg9o/J+U1XhsL0zAq1agVP2CzeJPzOjS6Ctd7z5zgm22ix0uQ=
x-served-by: cache-fra19177-FRA
last-modified: Fri, 27 Mar 2020 11:18:55 GMT
server: AmazonS3
x-timer: S1585308072.679169,VS0,VE96
etag: "dfa3b06f01184e8e78c45cf15e9763f8"
vary: Accept-Encoding
x-amz-request-id: 5587E523953CDA95
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 25
x-cache-hits: 70

GET
H2 200 mgsensor.js Show response
a.mgid.com/ 11 KB
3 KB 394ms
131ms Script
application/javascript 64.58.116.144
SERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mgid.com/mgsensor.js?d=1585308071662&source=gtm
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.58.116.144 Dallas, United States, ASN7979 (SERVERS, US),
Reverse DNS
Software: nginx/1.15.7 /
Resource Hash: 692b323f85b8bd2cad2d4c0127514420d44056818f91e9b9f7e89a1b526cc04f

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Fri, 27 Mar 2020 11:21:12 GMT
content-encoding: gzip
server: nginx/1.15.7
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: application/javascript

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 74ms
24ms Script
application/javascript 151.101.112.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: covid19.ketto.org
URL: https://covid19.ketto.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 11:21:11 GMT
content-encoding: gzip
age: 11233
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1954
x-served-by: cache-hhn4071-HHN
last-modified: Tue, 23 Jan 2018 20:09:00 GMT
x-timer: S1585308072.718064,VS0,VE0
etag: "b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
30 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: covid19.ketto.org
URL: https://covid19.ketto.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 30466
x-xss-protection: 0
pragma: public
x-fb-debug: VqhOjWONF0JBjZAEMtVuWym7e8XZIobPDmwxXVBu1fx1SpjALLg63TgrqemLy11YpEM3tXj4XSxC0aTl9apoUw==
x-fb-trip-id: 1850256238
date: Fri, 27 Mar 2020 11:21:11 GMT, Fri, 27 Mar 2020 11:21:11 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 74 KB
28 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-782023289

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

400ef3f6d7997f91b6e38ec3fe10a6b203c5c8515c53ff6bfb21fc9430760dc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 11:21:11 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28421
x-xss-protection: 0
last-modified: Fri, 27 Mar 2020 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 27 Mar 2020 11:21:11 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1201088/ 61 KB
21 KB 113ms
102ms Script
application/javascript 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1201088/tfa.js
Requested by: Host: covid19.ketto.org
URL: https://covid19.ketto.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7ec14ac967d5714ea823120de8f8de1077049a0c9aa5a5234e573d92dc08a43e

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: duguZDjVfw9OmWe1dBRqCmBKTjVf_iPw
content-encoding: gzip
age: 0
x-cache: HIT
status: 200
date: Fri, 27 Mar 2020 11:21:11 GMT
x-amz-replication-status: COMPLETED
content-length: 20907
x-amz-id-2: sjDPQIvawxAPIbVHsQfJcBeu7mi4Q94mFgPndVtejG766spOw/k8RGaiRstUmy9DxAeYzIlkERg=
x-served-by: cache-fra19177-FRA
last-modified: Wed, 29 Jan 2020 13:39:12 GMT
server: AmazonS3
x-timer: S1585308072.679195,VS0,VE94
etag: "cbac7cc026df5f4166319633a01b1c5a"
vary: Accept-Encoding
x-amz-request-id: AB7AA9943B0C07F7
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 25
x-cache-hits: 1

GET
H2 200 aa.js Show response
static.clmbtech.com/ase/29892/2552/ 5 KB
2 KB 29ms
6ms Script
application/javascript 2a02:26f0:6c00:189::143a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.clmbtech.com/ase/29892/2552/aa.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:189::143a , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips /
Resource Hash: 3915e11545c3fb2575aabe4128289d5eef42ecfb38a5e0e37fd6263dc13b3ff2

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 11:21:11 GMT
content-encoding: gzip
status: 200
access-control-max-age: 86400
content-length: 2040
last-modified: Fri, 04 Oct 2019 12:14:24 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips
etag: "153c-59414a4860a4a-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Sat, 28 Mar 2020 11:21:11 GMT

GET
H/1.1 200
OK bk-coretag.js Show response
tags.bkrtx.com/js/ 30 KB
11 KB 52ms
16ms Script
text/javascript 23.62.118.129
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.bkrtx.com/js/bk-coretag.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.62.118.129 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-118-129.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7b8cd61f9d36175fe1b2fc50dfd1585716b9e55a87a82e8ec3c5d9739d6fb939

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 27 Mar 2020 11:21:11 GMT
Content-Encoding: gzip
Last-Modified: Wed, 04 Mar 2020 16:24:16 GMT
Server: Apache
ETag: "31600f9-7850-5a009da075833"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10546
Expires: Fri, 03 Apr 2020 11:21:11 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 75 KB
28 KB 18ms
17ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-9811153

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

04b2ac416cf183f162df184c3009c77187410a4e31d5120bd7b97b25f940271c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 11:21:11 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28637
x-xss-protection: 0
last-modified: Fri, 27 Mar 2020 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 27 Mar 2020 11:21:11 GMT

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 29 KB
10 KB 43ms
16ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/ld.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 6a60018cab3d38d035188490d869d5dc1283a7dd115917226df457ca92887f7f

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 11:21:11 GMT
content-encoding: gzip
last-modified: Mon, 16 Dec 2019 15:00:50 GMT
server: nginx
access-control-allow-origin: *
etag: W/"5df79c22-7533"
content-type: text/javascript
status: 200
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Sat, 28 Mar 2020 11:21:11 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 34 KB
11 KB 45ms
14ms Script
text/javascript 95.101.184.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.184.154 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a95-101-184-154.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 8939fc82cf413debf8dabe238f5a087d7a9de4034302b3e1900519330d1ef2c2

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: fE06Fv6CigOvPEvMP5lqB.kXTt2sg1Al
Content-Encoding: gzip
x-amz-request-id: FD513016009CFFD0
x-amz-server-side-encryption: AES256
Access-Control-Max-Age: 600
Date: Fri, 27 Mar 2020 11:21:11 GMT
Connection: keep-alive
Content-Length: 10924
x-amz-id-2: 1lnWnDaJajk12FY6ae35NmAjkofe3E1GL2VZQf/G+akzIQmi0b7WLESmcq+eOHgyYT5DGT7Ff7M=
Last-Modified: Tue, 17 Mar 2020 21:20:33 GMT
Server: AmazonS3
ETag: "f17c6c4e250f21b7329649297b5575d2"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 va-268e5d055e3477f16578a91cdab00227.js Show response
dev.visualwebsiteoptimizer.com/6.0/ 188 KB
55 KB 105ms
35ms Script
text/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/6.0/va-268e5d055e3477f16578a91cdab00227.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=326437&u=https%3A%2F%2Fcovid19.ketto.org%2F&r=0.9081810247397706
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 689754c4f440890cf64c45da96a6d49a9613df615e0d5a5512e30784f54d89e9

Request headers

Referer: https://covid19.ketto.org/
Origin: https://covid19.ketto.org
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Mar 2020 11:21:11 GMT
content-encoding: br
last-modified: Wed, 25 Mar 2020 04:28:08 GMT
server: gfra1
access-control-allow-origin: *
etag: "5e7addd8-d9d4"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 55764
via: 1.1 google

GET
H2 200 track-268e5d055e3477f16578a91cdab00227.js Show response
dev.visualwebsiteoptimizer.com/6.0/ 11 KB
4 KB 131ms
62ms Script
text/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/6.0/track-268e5d055e3477f16578a91cdab00227.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=326437&u=https%3A%2F%2Fcovid19.ketto.org%2F&r=0.9081810247397706
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: b1d8fdba5f58734f86f19091d1c0f5cf19f25a008a176504da6d3fc1125b37b8

Request headers

Referer: https://covid19.ketto.org/
Origin: https://covid19.ketto.org
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Mar 2020 11:21:11 GMT
content-encoding: br
last-modified: Wed, 25 Mar 2020 04:28:08 GMT
server: gfra1
access-control-allow-origin: *
etag: "5e7addd8-e22"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 3618
via: 1.1 google

GET
H2 200 opa-a4111607dc5ce718c2993c75e25e5d78.js Show response
dev.visualwebsiteoptimizer.com/analysis/3.0/ 85 KB
22 KB 145ms
77ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/3.0/opa-a4111607dc5ce718c2993c75e25e5d78.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=326437&u=https%3A%2F%2Fcovid19.ketto.org%2F&r=0.9081810247397706
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 389f7284b4bf8b26987d552abaa7d1827991560d7124486641f4955b30776e8f

Request headers

Referer: https://covid19.ketto.org/
Origin: https://covid19.ketto.org
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Mar 2020 11:21:11 GMT
content-encoding: br
last-modified: Mon, 16 Mar 2020 08:52:38 GMT
server: gfra1
access-control-allow-origin: *
etag: "5e6f3e56-574c"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 22348
via: 1.1 google

GET
H2 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
218 B 121ms
119ms Image
image/gif 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=326437&d=ketto.org&u=DA077F3862EC3F01DF8BCBB0BCC6B640B&h=fc84ea2b3abd77229586ad04f6fda731&t=false&r=0.33302674416548816

Requested by

Host: covid19.ketto.org
URL: https://covid19.ketto.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.96.102.137 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv1-c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 27 Mar 2020 11:21:11 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv1-c
content-type: image/gif
status: 200
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2 200 a Show response
wzrkt.com/ 252 B
482 B 102ms
32ms Script
text/javascript 52.51.140.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wzrkt.com/a?t=94&type=push&d=N4IgLgngDgpiBcIYDcYDswgDROWAcgIYC2ciACoQOYwAEAagJYwDuMAJtrmACKFiEEoHikYBjOgBVoZECIDOAazAB7KF0o1aAVQBKAGQQgA9FwDKMefMYq0tAJI8jYgGYB2MQGYATADZCAIwuAEYADGJungAsYW6BoQG%2BAJxivqGE3gCsABxc9uS0AILs7ABOlvJG2UkAdN5Rtb5RNQFJvlwAQqUqLPIwpUYAwgAW3aQgAL44jJyIUbq%2BALRRbtmLurpRAFpcUFQIARNAAA%3D&rn=1&i=1585308071&sn=0&r=1585308071694
Requested by: Host: d2r1yp2w7bby2u.cloudfront.net
URL: https://d2r1yp2w7bby2u.cloudfront.net/js/a.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.51.140.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-140-195.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8627d217b1aa9d076369956a8e8d6988ee1db5a1db24be6ddbb055fc63bfcb64

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Fri, 27 Mar 2020 11:21:11 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
content-type: text/javascript;charset=utf-8
status: 200
cache-control: no-cache, no-store
expires: Thu, 01 Jan 1970 00:00:00 GMT, 0

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1736299900&t=pageview&_s=1&dl=https%3A%2F%2Fcovid19.ketto.org%2F&ul=en-us&de=UTF-8&dt=Coronavirus%20Relief%20Fund%20-%20Ketto&sd=24-bit&sr=16...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-30181760-1&cid=813225549.1585308072&jid=125589254&_gid=1765255802.1585308072&gjid=1720433932&_v=j81&z=17292880
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=813225549.1585308072&jid=125589254&_v=j81&z=17292880
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=813225549.1585308072&jid=125589254&_v=j81&z=17292880&slf_rd=1&random=3481759924

42 B
109 B

18ms
18ms

Image
image/gif

2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=813225549.1585308072&jid=125589254&_v=j81&z=17292880&slf_rd=1&random=3481759924

Requested by

Host: covid19.ketto.org
URL: https://covid19.ketto.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Mar 2020 11:21:11 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 27 Mar 2020 11:21:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=813225549.1585308072&jid=125589254&_v=j81&z=17292880&slf_rd=1&random=3481759924
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 441308802710601 Show response
connect.facebook.net/signals/config/ 448 KB
113 KB 11ms
11ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/441308802710601?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ccf1e57eac7ddaa4c07a356f41e677862a9893395ed4ca1bd8287156d1524498

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 115494
x-xss-protection: 0
pragma: public
x-fb-debug: zkm2WCpUhk/AcuVTzNcZpK1JUCL8IzM0DKsZzeaiC0iKg5uWuvM82wCRMlW118r+1zh3tO2GxXYTgy/2UZwh9Q==
x-fb-trip-id: 1850256238
date: Fri, 27 Mar 2020 11:21:11 GMT, Fri, 27 Mar 2020 11:21:11 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 message Show response
ise.clmbtech.com/ 204 B
502 B 150ms
128ms Script
text/plain 2a02:26f0:6c00:189::143a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://ise.clmbtech.com/message?cid=29892%3A2552&val_101=ctrt:https://covid19.ketto.org/&val_102=covid19.ketto.org&val_120=0

Requested by

Host: static.clmbtech.com
URL: https://static.clmbtech.com/ase/29892/2552/aa.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:189::143a , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

nginx /

Resource Hash

693d5546169be90d4d6fb69ae0f102f0f9b34e4353974639d9209a2120e178a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
server: nginx
date: Fri, 27 Mar 2020 11:21:11 GMT
x-frame-options: sameorigin
content-type: text/plain;charset=ISO-8859-1
status: 200
content-length: 204
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK 84435
stags.bluekai.com/site/ Frame 92B6 0
0 291ms
247ms Document
text/html 23.45.237.36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://stags.bluekai.com/site/84435?ret=html&phint=__bk_t%3DCoronavirus%20Relief%20Fund%20-%20Ketto&phint=__bk_k%3DCoronavirus%20Relief%20Fund%2C%20Ketto%2C%20crowdfunding%20platform%20in%20India%2C%20raise%20funds&phint=__bk_l%3Dhttps%3A%2F%2Fcovid19.ketto.org%2F&phint=__bk_v%3D3.1.4&limit=1&r=46833370
Requested by: Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.237.36 , United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-45-237-36.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Host: stags.bluekai.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://covid19.ketto.org/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://covid19.ketto.org/

Response headers

Content-Type: text/html
Content-Length: 71
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
BK-Server: f030
Date: Fri, 27 Mar 2020 11:21:12 GMT
Connection: keep-alive
X-N: S

GET
H2

200

event Show response
widget.as.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=56509&v=5.5.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-criteo-2.0.0&p3=e%3Ddis&adce=1&tld=ketto.org&dtycbr=55677
https://widget.as.criteo.com/event?a=56509&v=5.5.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-criteo-2.0.0&p3=e%3Ddis&adce=1&tld=ketto.org&dtycbr=55677

1 KB
1 KB

823ms
277ms

Script
application/x-javascript

182.161.73.211
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.as.criteo.com/event?a=56509&v=5.5.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-criteo-2.0.0&p3=e%3Ddis&adce=1&tld=ketto.org&dtycbr=55677
Requested by: Host: covid19.ketto.org
URL: https://covid19.ketto.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 182.161.73.211 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d324d57bfcb2d708505a9b4879dac4b8903c40af63ebc787b7dedcfaa3b1c3e0

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Mar 2020 11:21:11 GMT
content-encoding: gzip
content-type: application/x-javascript
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
status: 200
cache-control: no-cache
timing-allow-origin: *
content-length: 843
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 27 Mar 2020 11:21:11 GMT
location: https://widget.as.criteo.com/event?a=56509&v=5.5.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-criteo-2.0.0&p3=e%3Ddis&adce=1&tld=ketto.org&dtycbr=55677
status: 302
cache-control: no-cache
timing-allow-origin: *
content-length: 0
expires: 0

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/exp/KCAAQWJCWVGRDFUJKGTQV6/ 35 B
754 B 14ms
13ms Script
application/javascript 95.101.184.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/KCAAQWJCWVGRDFUJKGTQV6/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.184.154 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a95-101-184-154.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 80546066d245528f0202bb7392b2feabaf23ff0e1752bc206a42d94460159c95

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: j7Z.2h2PXQna7iVRUrOBXbfKqlLb_XZ6
Content-Encoding: gzip
x-amz-request-id: 3F616432EFC7E659
x-amz-server-side-encryption: AES256
Access-Control-Max-Age: 600
Date: Fri, 27 Mar 2020 11:21:11 GMT
Connection: keep-alive
Content-Length: 55
x-amz-id-2: yld2DnqKH3aIj7VJSnQmYf/OGAYPwUg5Rurhs84PwvBk61x2aDndvwP5WorFk7Mx1dHhSMrdR6Q=
Last-Modified: Thu, 19 Mar 2020 22:39:24 GMT
Server: AmazonS3
ETag: "9e2c1f16b8efeb082194460eaac9189c"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/KCAAQWJCWVGRDFUJKGTQV6/OLNDMDAJB5C4ZKDEG4NFM5/ 1 KB
1 KB 28ms
14ms Script
text/javascript 95.101.184.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/KCAAQWJCWVGRDFUJKGTQV6/OLNDMDAJB5C4ZKDEG4NFM5/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.184.154 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a95-101-184-154.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: cbce85e96b7752208ce15a09ea4d5a58b792edc9e77f1c5ccf46c01935970f9d

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: xikWaMU7UKcoElkPiUB7vjuDzoCu5Mh4
Content-Encoding: gzip
x-amz-request-id: FBB5AE6BBB5385D7
x-amz-server-side-encryption: AES256
Access-Control-Max-Age: 600
Date: Fri, 27 Mar 2020 11:21:11 GMT
Connection: keep-alive
Content-Length: 635
x-amz-id-2: 9T7Q2EOCBnMnMNhKgXkGN1qQbXxfi4b1nzBzO2K8RBOb5XX8FPAPgevM9c2WTH2hCKdpD+G4SLI=
Last-Modified: Fri, 27 Mar 2020 04:09:08 GMT
Server: AmazonS3
ETag: "3996d65282dd996ee0d7d4c90c139158"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2

200

/ Show response
d.adroll.com/consent/check/KCAAQWJCWVGRDFUJKGTQV6/
Redirect Chain

https://d.adroll.mgr.consensu.org/consent/iabcheck/KCAAQWJCWVGRDFUJKGTQV6?_s=62e46a8f14aa817810822531150fdd33&_b=2
https://d.adroll.com/consent/check/KCAAQWJCWVGRDFUJKGTQV6/?_s=62e46a8f14aa817810822531150fdd33&_b=2

106 B
198 B

93ms
31ms

Script
application/javascript

63.32.63.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/KCAAQWJCWVGRDFUJKGTQV6/?_s=62e46a8f14aa817810822531150fdd33&_b=2
Requested by: Host: covid19.ketto.org
URL: https://covid19.ketto.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.63.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-63-32.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 933a30183d705ef1890c7c847843010a343a030f6ce01df88dbf5e6f70ee85a3

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Fri, 27 Mar 2020 11:21:11 GMT
server: nginx/1.16.1
content-length: 106
content-type: application/javascript

Redirect headers

status: 302
date: Fri, 27 Mar 2020 11:21:11 GMT
server: nginx/1.16.1
content-length: 105
location: https://d.adroll.com/consent/check/KCAAQWJCWVGRDFUJKGTQV6/?_s=62e46a8f14aa817810822531150fdd33&_b=2

GET
H2 200 adsct
t.co/i/ 43 B
447 B 201ms
140ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nys4q&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0

Requested by

Host: covid19.ketto.org
URL: https://covid19.ketto.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 27 Mar 2020 11:21:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=0
content-length: 65
x-xss-protection: 0
x-response-time: 111
pragma: no-cache
last-modified: Fri, 27 Mar 2020 11:21:11 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: a358a1ed7f166fae42aa0b9c7102528d
x-transaction: 0077c87a00020207
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
249 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=441308802710601&ev=PageView&dl=https%3A%2F%2Fcovid19.ketto.org%2F&rl=&if=false&ts=1585308071783&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1585308071782.1778557879&it=1585308071726&coo=false&rqm=GET

Requested by

Host: covid19.ketto.org
URL: https://covid19.ketto.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 27 Mar 2020 11:21:11 GMT, Fri, 27 Mar 2020 11:21:11 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 27 Mar 2020 11:21:11 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/930975017/ 2 KB
2 KB 41ms
21ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/930975017/?random=1585308071807&cv=9&fst=1585308071807&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3i0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcovid19.ketto.org%2F&tiba=Coronavirus%20Relief%20Fund%20-%20Ketto&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb06fe4cd36474e4d53c62779fe3d9676657bb9b1f2fd1d94e307d7304009a93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Fri, 27 Mar 2020 11:21:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1003
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/963384337/ 2 KB
1 KB 40ms
21ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/963384337/?random=1585308071810&cv=9&fst=1585308071810&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3i0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcovid19.ketto.org%2F&tiba=Coronavirus%20Relief%20Fund%20-%20Ketto&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f63db5c3f22f824c810536f61d2e1217b612a0e50d5295b4ee94eb688d85c0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Fri, 27 Mar 2020 11:21:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1004
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/782023289/ 2 KB
1 KB 39ms
21ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/782023289/?random=1585308071811&cv=9&fst=1585308071811&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3i0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcovid19.ketto.org%2F&tiba=Coronavirus%20Relief%20Fund%20-%20Ketto&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

016b2202a623453f18717f7dabfabeb9f3b1d6ef21104f6ec8144a154b103b27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Fri, 27 Mar 2020 11:21:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1034
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 a Show response
wzrkt.com/ 244 B
495 B 33ms
33ms Script
text/javascript 52.51.140.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wzrkt.com/a?t=94&type=page&d=N4IglgJiBcICwCUBsBaOB2AHChC4C0QAaEABwHMYBGEgYwphAAsAXF0gZ2gHpvaB7AG6QqATgB0AawCmbfuP4AnctxABfIAA&rn=2&i=1585308071&sn=0&gc=eb9b940b8d064ab180eb2c522e765e9c&r=1585308071813
Requested by: Host: d2r1yp2w7bby2u.cloudfront.net
URL: https://d2r1yp2w7bby2u.cloudfront.net/js/a.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.51.140.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-140-195.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 539326f13cf62fa3cff041fd0805d2815b008cb748905d5eb3a74ea7a3984e59

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Fri, 27 Mar 2020 11:21:11 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
content-type: text/javascript;charset=utf-8
status: 200
cache-control: no-cache, no-store
expires: Thu, 01 Jan 1970 00:00:00 GMT, 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/963384337/ 42 B
119 B 22ms
22ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/963384337/?random=1585308071810&cv=9&fst=1585306800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3i0&sendb=1&frm=0&url=https%3A%2F%2Fcovid19.ketto.org%2F&tiba=Coronavirus%20Relief%20Fund%20-%20Ketto&async=1&fmt=3&is_vtc=1&random=3169395358&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: covid19.ketto.org
URL: https://covid19.ketto.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 27 Mar 2020 11:21:11 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/963384337/ 42 B
110 B 20ms
20ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/963384337/?random=1585308071810&cv=9&fst=1585306800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3i0&sendb=1&frm=0&url=https%3A%2F%2Fcovid19.ketto.org%2F&tiba=Coronavirus%20Relief%20Fund%20-%20Ketto&async=1&fmt=3&is_vtc=1&random=3169395358&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: covid19.ketto.org
URL: https://covid19.ketto.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 27 Mar 2020 11:21:11 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/782023289/ 42 B
160 B 20ms
20ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/782023289/?random=1585308071811&cv=9&fst=1585306800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3i0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcovid19.ketto.org%2F&tiba=Coronavirus%20Relief%20Fund%20-%20Ketto&async=1&fmt=3&is_vtc=1&random=3813551748&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: covid19.ketto.org
URL: https://covid19.ketto.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 27 Mar 2020 11:21:11 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/782023289/ 42 B
156 B 18ms
18ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/782023289/?random=1585308071811&cv=9&fst=1585306800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3i0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcovid19.ketto.org%2F&tiba=Coronavirus%20Relief%20Fund%20-%20Ketto&async=1&fmt=3&is_vtc=1&random=3813551748&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: covid19.ketto.org
URL: https://covid19.ketto.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 27 Mar 2020 11:21:11 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/930975017/ 42 B
119 B 21ms
21ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/930975017/?random=1585308071807&cv=9&fst=1585306800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3i0&sendb=1&frm=0&url=https%3A%2F%2Fcovid19.ketto.org%2F&tiba=Coronavirus%20Relief%20Fund%20-%20Ketto&async=1&fmt=3&is_vtc=1&random=3931956027&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: covid19.ketto.org
URL: https://covid19.ketto.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 27 Mar 2020 11:21:11 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/930975017/ 42 B
110 B 19ms
19ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/930975017/?random=1585308071807&cv=9&fst=1585306800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3i0&sendb=1&frm=0&url=https%3A%2F%2Fcovid19.ketto.org%2F&tiba=Coronavirus%20Relief%20Fund%20-%20Ketto&async=1&fmt=3&is_vtc=1&random=3931956027&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: covid19.ketto.org
URL: https://covid19.ketto.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 27 Mar 2020 11:21:11 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 worker-1acd6955248e984d8c16ea37afb8cbb7.js Show response
dev.visualwebsiteoptimizer.com/analysis/ 47 KB
13 KB 40ms
40ms XHR
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/worker-1acd6955248e984d8c16ea37afb8cbb7.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/analysis/3.0/opa-a4111607dc5ce718c2993c75e25e5d78.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra2 /
Resource Hash: e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4

Request headers

Referer: https://covid19.ketto.org/
Origin: https://covid19.ketto.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Mar 2020 11:21:11 GMT
content-encoding: br
last-modified: Mon, 16 Mar 2020 04:40:30 GMT
server: gfra2
status: 200
etag: "5e6f033e-351f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 13599
via: 1.1 google

GET
H/1.1 200
OK consent.js Show response
s.adroll.com/j/ 243 KB
33 KB 17ms
17ms Script
application/javascript 95.101.184.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/consent.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.184.154 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a95-101-184-154.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f82c9f099656346f543c66ba009bd5f18010c7b41ad43d47a7f762121ad4496d

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: W7pJTDq0578OcjyRZxtRH_BjDuWCGgRc
Content-Encoding: gzip
x-amz-request-id: BFDDD219E02D63AA
x-amz-server-side-encryption: AES256
Access-Control-Max-Age: 600
Date: Fri, 27 Mar 2020 11:21:11 GMT
Connection: keep-alive
Content-Length: 33195
x-amz-id-2: 0vEYWSNr8BIWIFx+Vt855bKM9PGQi1O3TTl+RSbaQgK2eZJeo3lhhvwHGpfanAseKG0Oz2obOWc=
Last-Modified: Tue, 19 Nov 2019 20:42:26 GMT
Server: AmazonS3
ETag: "2f9f76c2d377be42af05cdf34c632618"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 hod
d.adroll.com/consent/ 42 B
180 B 32ms
32ms Image
image/gif 63.32.63.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/consent/hod?_e=view_banner&_s=62e46a8f14aa817810822531150fdd33&_b=2.1&_a=KCAAQWJCWVGRDFUJKGTQV6
Requested by: Host: covid19.ketto.org
URL: https://covid19.ketto.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.63.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-63-32.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 200
date: Fri, 27 Mar 2020 11:21:12 GMT
cache-control: no-transform,public,max-age=300,s-maxage=900
server: nginx/1.16.1
content-length: 42
vary: Cookie
content-type: image/gif

GET
H2 200 1x1.gif
a.mgid.com/ 43 B
349 B 131ms
131ms Image
image/gif 64.58.116.144
SERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.mgid.com/1x1.gif?id=321038&type=c&tg=&r=https%3A%2F%2Fcovid19.ketto.org%2F&utmc=0&utmt=0&nv=1&utms=&utmcp=&utmm=&cmgid=0&cmtid=0&cmtuid=0
Requested by: Host: covid19.ketto.org
URL: https://covid19.ketto.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.58.116.144 Dallas, United States, ASN7979 (SERVERS, US),
Reverse DNS
Software: nginx/1.15.7 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 27 Mar 2020 11:21:12 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.15.7
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif

GET
H2 200 /
www.facebook.com/tr/ 44 B
248 B 7ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=441308802710601&ev=Microdata&dl=https%3A%2F%2Fcovid19.ketto.org%2F&rl=&if=false&ts=1585308072295&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Coronavirus%20Relief%20Fund%20-%20Ketto%22%2C%22meta%3Adescription%22%3A%22As%20the%20Coronavirus%20pandemic%20grips%20countries%20across%20the%20world%2C%20the%20healthcare%20systems%20of%20countries%20are%20alrea...%22%2C%22meta%3Akeywords%22%3A%22Coronavirus%20Relief%20Fund%2C%20Ketto%2C%20crowdfunding%20platform%20in%20India%2C%20raise%20funds%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22covid19.ketto.org%22%2C%22og%3Atitle%22%3A%22Coronavirus%20Relief%20Fund%22%2C%22og%3Adescription%22%3A%22As%20the%20Coronavirus%20pandemic%20grips%20countries%20across%20the%20world%2C%20the%20healthcare%20systems%20of%20countries%20are%20already%20collapsing.%20So%20far%2C%20over%202%2C50%2C000%20people%20have%20been%20infected%20by%20the%20virus%20and%20over%2010%2C000%20have%20lost%20their%20lives%20to%20it.%20As%20of%20now%2C%20we%20have%20two%20options%3A%20either%20we%20take%20appropriate%20measures%20now%2C%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fcovid19.ketto.org%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fd1vdjc70h9nzd9.cloudfront.net%2Fmedia%2Fevents%2F1399000%2F1399904%2Fimage%2F4312934cad4fe9b92249dda86c1811b0185f017a.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1585308072292.1917139537&it=1585308071726&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: covid19.ketto.org
URL: https://covid19.ketto.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 27 Mar 2020 11:21:12 GMT, Fri, 27 Mar 2020 11:21:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 27 Mar 2020 11:21:12 GMT

GET
H2 200 widf6df2f35c801b86767a9536aa38abf081f47122e.jpg
d1vdjc70h9nzd9.cloudfront.net/media/campaign/171000/171615/image/ 16 KB
17 KB 13ms
11ms Image
image/jpeg 2600:9000:214f:1600:d:e617:f340:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1vdjc70h9nzd9.cloudfront.net/media/campaign/171000/171615/image/widf6df2f35c801b86767a9536aa38abf081f47122e.jpg
Requested by: Host: covid19.ketto.org
URL: https://covid19.ketto.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:1600:d:e617:f340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1b525ef8bf90567538fa39ebd5026481672b25b1c86af248851c5d90b57519ea

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 20:03:33 GMT
via: 1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront)
last-modified: Tue, 24 Mar 2020 14:14:37 GMT
server: AmazonS3
age: 55060
etag: "f6c7e92cab499179b82d025bae88e3b9"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 16728
x-amz-cf-id: Al3tQKA83c0btc4VhuwTNsTFaRM6hSvucX4lwEr66Eo_nxjQkdyl3A==

GET
H2 200 dc4772f42bee88edbd916e5ca8528af753acfba0.PNG
d1vdjc70h9nzd9.cloudfront.net/media/ngo/370000/370833/image/ 11 KB
12 KB 12ms
11ms Image
image/png 2600:9000:214f:1600:d:e617:f340:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1vdjc70h9nzd9.cloudfront.net/media/ngo/370000/370833/image/dc4772f42bee88edbd916e5ca8528af753acfba0.PNG
Requested by: Host: covid19.ketto.org
URL: https://covid19.ketto.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:1600:d:e617:f340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a756449a28ee8a15ae7acff5214db94eb89a36df25bda7fcabbdecb5d2d33f19

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 20:03:33 GMT
via: 1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront)
last-modified: Mon, 18 Feb 2019 11:48:18 GMT
server: AmazonS3
age: 55060
etag: "8744cfda89fb13139ec940e21b5cf14b"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 11666
x-amz-cf-id: kwvYuBYh1k8EEfbGJ5uZQip4c20BR4Oa6WghE8zBQ_R891x6IqzdwA==

GET
H2 200 wid267a9a50b9c909fb89d75bba4099e86786347c41.jpeg
d1vdjc70h9nzd9.cloudfront.net/media/campaign/174000/174605/image/ 13 KB
13 KB 242ms
240ms Image
image/jpeg 2600:9000:214f:1600:d:e617:f340:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1vdjc70h9nzd9.cloudfront.net/media/campaign/174000/174605/image/wid267a9a50b9c909fb89d75bba4099e86786347c41.jpeg
Requested by: Host: covid19.ketto.org
URL: https://covid19.ketto.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:1600:d:e617:f340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ba81c7eb29173bf319d7de738beeb0bdd6204766e2651e5e9f6fe397dcf539d8

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 27 Mar 2020 11:21:13 GMT
via: 1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront)
last-modified: Mon, 23 Mar 2020 14:25:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "aa711151b98c566067505a642e400bb2"
x-cache: Miss from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 13361
x-amz-cf-id: POYLLW1k2gZMO3ZmAmZn4ph07WPbfC_ZUcEhmVMXa7NgNd3rr-rEKg==

GET
H2 200 team_default.png
d1vdjc70h9nzd9.cloudfront.net/images/ 10 KB
10 KB 14ms
13ms Image
image/png 2600:9000:214f:1600:d:e617:f340:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1vdjc70h9nzd9.cloudfront.net/images/team_default.png
Requested by: Host: covid19.ketto.org
URL: https://covid19.ketto.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:1600:d:e617:f340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c03f15a70caaf40a20cf204a52b219e8307b227b12485b9484b9613e3a533081

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 27 Mar 2020 08:15:37 GMT
via: 1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront)
last-modified: Thu, 23 Jan 2020 10:54:00 GMT
server: AmazonS3
age: 11136
etag: "127859ac73de290b1f34679fbd42e8e3"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 9953
x-amz-cf-id: cu1GNBq7oHHyY6ciyLOsasW0zzjxeX7JT5_5Bnw5lNdgzB5LbJeEwA==

GET
H2 200 wid5e75f5b5587db.png
d1vdjc70h9nzd9.cloudfront.net/media/campaign/173000/173999/image/ 62 KB
63 KB 18ms
17ms Image
image/png 2600:9000:214f:1600:d:e617:f340:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1vdjc70h9nzd9.cloudfront.net/media/campaign/173000/173999/image/wid5e75f5b5587db.png
Requested by: Host: covid19.ketto.org
URL: https://covid19.ketto.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:1600:d:e617:f340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 81a68fd32a8bb6d374cebfcd2cab451e36df5f6a16d91e7a7f4edbf84ca8bcb4

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 27 Mar 2020 10:27:43 GMT
via: 1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront)
last-modified: Sat, 21 Mar 2020 11:08:38 GMT
server: AmazonS3
age: 3210
etag: "3d0e14d8a480230a39cf6764faa55555"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=315360000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 63654
x-amz-cf-id: W3avGW_2zx8jFicu31x9WYAdSQ_xlrinQVF_r7STeLpwO558XeNEkA==

GET
H2 200 5e75f72f2e071.jpg
d1vdjc70h9nzd9.cloudfront.net/media/individual/1402000/1402129/image/ 3 KB
3 KB 10ms
10ms Image
image/jpeg 2600:9000:214f:1600:d:e617:f340:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1vdjc70h9nzd9.cloudfront.net/media/individual/1402000/1402129/image/5e75f72f2e071.jpg
Requested by: Host: covid19.ketto.org
URL: https://covid19.ketto.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:1600:d:e617:f340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 049db1e20c6c9acc20e33579680f04757d0886a282a518200c78e5c17caa51c5

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 27 Mar 2020 08:27:10 GMT
via: 1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront)
last-modified: Sat, 21 Mar 2020 11:14:56 GMT
server: AmazonS3
age: 10443
etag: "57b165ef71f28f74a8e86b6bf247f2ed"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=315360000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 2924
x-amz-cf-id: WbXyaRzUUf3whzPL-xqXXB9AnnFSU2V5JNIlnXGXANY6dt25H2Awug==

GET
H2 200 wid5e7b7611c6e30.png
d1vdjc70h9nzd9.cloudfront.net/media/campaign/175000/175172/image/ 46 KB
46 KB 231ms
231ms Image
image/png 2600:9000:214f:1600:d:e617:f340:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1vdjc70h9nzd9.cloudfront.net/media/campaign/175000/175172/image/wid5e7b7611c6e30.png
Requested by: Host: covid19.ketto.org
URL: https://covid19.ketto.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:1600:d:e617:f340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 91447efc8b29eda57733f79e53dd4e2ed8796d554f718a782a283931332ccb84

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 27 Mar 2020 11:21:13 GMT
via: 1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront)
last-modified: Wed, 25 Mar 2020 15:17:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "79cf6efe17f6444f3bb90d1830770580"
x-cache: Miss from cloudfront
content-type: image/png
status: 200
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 47016
x-amz-cf-id: Y5Kq7UNfdqLY9BVMSNiz7h7_1QH3PDYom5Sojlphi8o5jypb2dO-oA==

GET
H2 200 78308ec395ad6af2aa7f67027fce459a74129f96.png
d1vdjc70h9nzd9.cloudfront.net/media/ngo/321000/321233/image/ 4 KB
4 KB 203ms
203ms Image
image/png 2600:9000:214f:1600:d:e617:f340:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1vdjc70h9nzd9.cloudfront.net/media/ngo/321000/321233/image/78308ec395ad6af2aa7f67027fce459a74129f96.png
Requested by: Host: covid19.ketto.org
URL: https://covid19.ketto.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:1600:d:e617:f340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fccfedf6173f136b18c98d58c32edcb06d963f3e89b52e664ff00aca738ee523

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 27 Mar 2020 11:21:13 GMT
via: 1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront)
last-modified: Wed, 25 Mar 2020 15:29:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "e781cf9996655f536af477cd5f31c382"
x-cache: Miss from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 3712
x-amz-cf-id: Bc4ZjhUwne5quyusOcz-vzuM7y35c9jOSbMJLDzuIFnPV-q-TzikKw==

GET
H2 200 wid75f7c4ad134e176d99661bc244dd9d086325c738.png
d1vdjc70h9nzd9.cloudfront.net/media/campaign/175000/175305/image/ 62 KB
62 KB 10ms
10ms Image
image/png 2600:9000:214f:1600:d:e617:f340:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1vdjc70h9nzd9.cloudfront.net/media/campaign/175000/175305/image/wid75f7c4ad134e176d99661bc244dd9d086325c738.png
Requested by: Host: covid19.ketto.org
URL: https://covid19.ketto.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:1600:d:e617:f340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c26647d4d2aa5eab75f11056ec59a26086ff579be756085e1fedf4fe892b96b9

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 27 Mar 2020 08:27:23 GMT
via: 1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront)
last-modified: Wed, 25 Mar 2020 14:01:39 GMT
server: AmazonS3
age: 10430
etag: "4e16e8fc6981d1971e5e60f0ba239419"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 63475
x-amz-cf-id: E9d1puV9SAaLkSRipgU2-iHvax7dyQDeOQounxfmLf_pN0RF42cYFQ==

GET
H2 200 e9c015150f6211b052b81dffbfe70c5887065d4d.webp
d1vdjc70h9nzd9.cloudfront.net/media/individual/1411000/1411109/image/ 25 KB
25 KB 9ms
9ms Image
image/webp 2600:9000:214f:1600:d:e617:f340:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1vdjc70h9nzd9.cloudfront.net/media/individual/1411000/1411109/image/e9c015150f6211b052b81dffbfe70c5887065d4d.webp
Requested by: Host: covid19.ketto.org
URL: https://covid19.ketto.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:1600:d:e617:f340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e95ef5f09b0fed1c3e63b441dc74b2c65866adcb969193fd8f9611c4085732d6

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 25 Mar 2020 17:09:54 GMT
via: 1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront)
last-modified: Wed, 25 Mar 2020 12:51:48 GMT
server: AmazonS3
age: 151879
etag: "e6fcbce2f07699a83679f4542283f3dd"
x-cache: Hit from cloudfront
content-type: image/webp
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 25400
x-amz-cf-id: 9VK213f0EtKvpaJw_4hiBhHNferrOYu1jiixFeYMfdxCNzGFzrrzCQ==

GET
H2 200 wid5e7cb64a286fc.png
d1vdjc70h9nzd9.cloudfront.net/media/campaign/175000/175302/image/ 55 KB
56 KB 932ms
932ms Image
image/png 2600:9000:214f:1600:d:e617:f340:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1vdjc70h9nzd9.cloudfront.net/media/campaign/175000/175302/image/wid5e7cb64a286fc.png
Requested by: Host: covid19.ketto.org
URL: https://covid19.ketto.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:1600:d:e617:f340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 38d0217f981730b62babfb1ece758019d683f59cacbe6ecda66738a9756c8db2

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 27 Mar 2020 11:21:14 GMT
via: 1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront)
last-modified: Thu, 26 Mar 2020 14:04:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "e5d60388f0b7ec0bf871f9ccde1f7419"
x-cache: Miss from cloudfront
content-type: image/png
status: 200
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 56676
x-amz-cf-id: 0KUH4Gn_WhRT6flCMNgvkH_hq2ffJdEDvkKsuvSbs8p8lhAcTBEY8w==

GET
H2 200 wid4df0f8ad7c661be1bb4c0fe25a081a222bc080f7.jpg
d1vdjc70h9nzd9.cloudfront.net/media/campaign/173000/173718/image/ 9 KB
9 KB 739ms
739ms Image
image/jpeg 2600:9000:214f:1600:d:e617:f340:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1vdjc70h9nzd9.cloudfront.net/media/campaign/173000/173718/image/wid4df0f8ad7c661be1bb4c0fe25a081a222bc080f7.jpg
Requested by: Host: covid19.ketto.org
URL: https://covid19.ketto.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:1600:d:e617:f340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a9347e876ba20dff8169c3c87f5b9dda27e0aa2d4d9ddd7b155d5c8465aa3447

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 27 Mar 2020 11:21:14 GMT
via: 1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront)
last-modified: Sun, 22 Mar 2020 22:39:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "58ae5d92d8617438aebc982cd5c76b95"
x-cache: Miss from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 9293
x-amz-cf-id: 1btkZoFA5w4cO9eXt1gy8UNb0bLd8PXZGlIW848_J-p6gBkZVf_MXg==

GET
H2 200 db8308a96500a83d0b9ea20de3a684444bdecc12.jpg
d1vdjc70h9nzd9.cloudfront.net/media/individual/1400000/1400277/image/ 5 KB
6 KB 198ms
198ms Image
image/jpeg 2600:9000:214f:1600:d:e617:f340:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1vdjc70h9nzd9.cloudfront.net/media/individual/1400000/1400277/image/db8308a96500a83d0b9ea20de3a684444bdecc12.jpg
Requested by: Host: covid19.ketto.org
URL: https://covid19.ketto.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:1600:d:e617:f340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 349bda060c8d4a801ccc09163fc3c748a5ac5f9a96377567876473e94c198b0f

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 27 Mar 2020 11:21:13 GMT
via: 1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront)
last-modified: Mon, 23 Mar 2020 22:54:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "73a1e3446ba077f49c61bdc1b076f083"
x-cache: Miss from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 5547
x-amz-cf-id: bmOFCeS-JTQ92nY8JGRv87QUH8CbV1z3HF-I1wJGrGx7GwXvwjd4dA==

GET
H2 200 wid5e7c6c52aa925.jpeg
d1vdjc70h9nzd9.cloudfront.net/media/campaign/175000/175614/image/ 20 KB
20 KB 779ms
779ms Image
image/jpeg 2600:9000:214f:1600:d:e617:f340:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1vdjc70h9nzd9.cloudfront.net/media/campaign/175000/175614/image/wid5e7c6c52aa925.jpeg
Requested by: Host: covid19.ketto.org
URL: https://covid19.ketto.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:1600:d:e617:f340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2ba17faee67f4b07efe8d2dad4d99469235ce4ff7aa0ff31dcfc8c6f91fa52c0

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 27 Mar 2020 11:21:14 GMT
via: 1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront)
last-modified: Thu, 26 Mar 2020 08:48:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "b48a84619765e8ee5f593c9cf446cc75"
x-cache: Miss from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 20023
x-amz-cf-id: BzV8AXj8y-6s7kTaE2VCMmeuMOe7vSOzsSlf0m_FanErkD-RlVqQyw==

GET
H2 200 0957dd5d7e4e4a8a8926245c63508d2bdee637cf.jpg
d1vdjc70h9nzd9.cloudfront.net/media/individual/1413000/1413743/image/ 4 KB
4 KB 226ms
225ms Image
image/jpeg 2600:9000:214f:1600:d:e617:f340:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1vdjc70h9nzd9.cloudfront.net/media/individual/1413000/1413743/image/0957dd5d7e4e4a8a8926245c63508d2bdee637cf.jpg
Requested by: Host: covid19.ketto.org
URL: https://covid19.ketto.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:1600:d:e617:f340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f2bf00e6cc0ba6f36835ada1d4463dc4355a78a9f2c899de8494abaa0811a66b

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 27 Mar 2020 11:21:13 GMT
via: 1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront)
last-modified: Thu, 26 Mar 2020 09:12:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "e7673fb7a45ec02bf4dfe7f43b27fb72"
x-cache: Miss from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 4195
x-amz-cf-id: fgYv8e-AHxdBCjxrAqpaUJaeP3LgfFEc3VCYSW3JIIOEbUEUKoAlfA==

GET
H2 200 system_event.php Show response
covid19.ketto.org/vars/ 16 B
1 KB 752ms
752ms XHR
application/json 99.84.155.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://covid19.ketto.org/vars/system_event.php?val%5BeventName%5D=pageView&val%5Bevent_type%5D=&val%5Bevent_type_id%5D=&val%5Bpage_name%5D=others&val%5Breferrer_page%5D=
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.84.155.96 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-155-96.txl52.r.cloudfront.net
Software: Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40 / PHP/5.6.40
Resource Hash: 39824f2ec741ce74a8d37f33d384fd09b082368c2e93a05a8627de1561401d98

Request headers

Accept: */*
Referer: https://covid19.ketto.org/
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Mar 2020 11:21:14 GMT
via: 1.1 117b54f007fbf40fc2a4bbbd8e88fc21.cloudfront.net (CloudFront)
server: Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40
x-amz-cf-pop: TXL52-C1
pageurl-1: 1
x-powered-by: PHP/5.6.40
x-cache: Miss from cloudfront
content-type: application/json
status: 200
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 16
x-amz-cf-id: 4Byc9U1xVci_3Fd-cMJtDvZcYPRZUtJQPtpYCMy6IuVj5drhsRH8_g==
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
651 B 212ms
142ms Script
application/javascript 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nys4q&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fcovid19.ketto.org%2F

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 11:21:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 114
pragma: no-cache
last-modified: Fri, 27 Mar 2020 11:21:13 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 9c9de45249e477fd75edd662ac9148cc
x-transaction: 0098a7f500e4182a
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 dis.aspx
widget.as.criteo.com/dis/ Frame 4BAE 0
0 273ms
273ms Document
text/html 182.161.73.211
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.as.criteo.com/dis/dis.aspx?p=56509&cb=21541863906&ref=&sc_r=1600x1200&sc_d=24
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 182.161.73.211 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

:method: GET
:authority: widget.as.criteo.com
:scheme: https
:path: /dis/dis.aspx?p=56509&cb=21541863906&ref=&sc_r=1600x1200&sc_d=24
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://covid19.ketto.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://covid19.ketto.org/

Response headers

status: 200
cache-control: no-cache
pragma: no-cache
content-type: text/html
content-encoding: gzip
expires: Mon, 26 Jul 1997 05:00:00 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
p3p: CP='CUR ADM OUR NOR STA NID'
timing-allow-origin: *
set-cookie: uid=55582349-6c1f-4a33-b36e-29f22a856134; expires=Wed, 21 Apr 2021 11:21:13 GMT; domain=.criteo.com; path=/; secure; samesite=none
x-powered-by: ASP.NET
date: Fri, 27 Mar 2020 11:21:12 GMT
content-length: 147

GET
H2 200 hotjar-200024.js Show response
static.hotjar.com/c/ 16 KB
5 KB 37ms
37ms Script
application/javascript 147.75.33.131
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-200024.js?sv=5

Requested by

Host: covid19.ketto.org
URL: https://covid19.ketto.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.33.131 Amsterdam, Netherlands, ASN54825 (PACKET, US),

Reverse DNS

pkt-ams-k2-shared-ingress7

Software

Resource Hash

fca69d7d4dbe1310cb2d228a8b1503bb00807d1723d1784d7df8fee94b0474ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 11:21:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript
section-io-tag: hotjar
age: 38
status: 200
access-control-max-age: 600
section-io-cache: Hit
content-length: 4386
x-cache-hit: 1
x-frame-options: SAMEORIGIN
etag: W/f062b4736367bd0c7e324760a4d87cec
vary: Accept-Encoding
section-io-origin-status: 304
access-control-allow-origin: *
cache-control: max-age=60
section-io-origin-time-seconds: 0.021
accept-ranges: bytes
section-io-id: 40a22c0abbdba5d4c644fde4825d464e
section-origin-responded: true

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 185 KB
56 KB 102ms
34ms Script
application/javascript 35.201.112.186
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: covid19.ketto.org
URL: https://covid19.ketto.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.201.112.186 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 515984e47e209b9114195c2246b83d35f1410b3476db4fba0672b7f62ee86414

Request headers

Referer: https://covid19.ketto.org/
Origin: https://covid19.ketto.org
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Mar 2020 11:14:08 GMT
content-encoding: gzip
age: 425
status: 200
x-guploader-uploadid: AEnB2UpT3ONVQRN6hgf_-9ZQ4DU_1f1fUAXu7uozfJNpFyQ8v-djxbWVbyOPZtw82SkCXH5NodVCf1xw1i54ev6kKh9KIA-N5g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 56626
last-modified: Wed, 25 Mar 2020 22:20:19 GMT
server: UploadServer
etag: "d63bf3851a4ae2a39c6b7f5e17b3f96c"
x-goog-hash: crc32c=rIS1sg==, md5=1jvzhRpK4qOca39eF7P5bA==
x-goog-generation: 1585174819871318
access-control-allow-origin: *
cache-control: public, max-age=600,no-transform
x-goog-stored-content-length: 56626
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 27 Mar 2020 11:24:08 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1736299900&t=event&ni=1&_s=2&dl=https%3A%2F%2Fcovid19.ketto.org%2F&ul=en-us&de=UTF-8&dt=Coronavirus%20Relief%20Fund%20-%20Ketto&sd=24-bit&sr=...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-30181760-1&cid=813225549.1585308072&jid=2042666271&_gid=1765255802.1585308072&gjid=371876073&_v=j81&z=712719763
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=813225549.1585308072&jid=2042666271&_v=j81&z=712719763
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=813225549.1585308072&jid=2042666271&_v=j81&z=712719763&slf_rd=1&random=1989854629

42 B
109 B

17ms
17ms

Image
image/gif

2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=813225549.1585308072&jid=2042666271&_v=j81&z=712719763&slf_rd=1&random=1989854629

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 Mar 2020 11:21:13 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 27 Mar 2020 11:21:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=813225549.1585308072&jid=2042666271&_v=j81&z=712719763&slf_rd=1&random=1989854629
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.17c97750a9d093b794df.js Show response
script.hotjar.com/ 366 KB
69 KB 25ms
25ms Script
application/javascript 147.75.33.131
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.hotjar.com/modules.17c97750a9d093b794df.js
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-200024.js?sv=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.33.131 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress7
Software: /
Resource Hash: 0f9b6f33f064f378e7f390a41dd5f22adecbc56a8d40c6e219a086f5f4ef1f16

Request headers

Referer: https://covid19.ketto.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 27 Mar 2020 11:21:13 GMT
content-encoding: br
content-type: application/javascript
age: 86748
status: 200
section-io-cache: Hit
content-length: 70645
last-modified: Thu, 26 Mar 2020 11:12:31 GMT
etag: "3a5a4807e54283bcadc4388cb084ad93"
vary: Accept-Encoding
section-io-origin-status: 200
access-control-allow-origin: *
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.024
accept-ranges: bytes
section-io-id: a817cb2f959662cd304721d62eb9efb6
section-origin-responded: true

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 65D4 0
0 27ms
26ms Document
text/html 147.75.33.131
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-200024.js?sv=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.33.131 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress7
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://covid19.ketto.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://covid19.ketto.org/

Response headers

status: 200
date: Fri, 27 Mar 2020 11:21:13 GMT
content-type: text/html
content-length: 851
last-modified: Wed, 25 Mar 2020 15:18:29 GMT
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
cache-control: max-age=31536000
content-encoding: br
section-io-origin-status: 200
section-io-origin-time-seconds: 0.087
section-origin-responded: true
age: 108802
vary: Accept-Encoding
section-io-cache: Hit
accept-ranges: bytes
section-io-id: c6f74532a991267bd5ab26ebf854bec1

POST
H2 200 page Show response
rs.fullstory.com/rec/ 831 B
606 B 363ms
296ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/page
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.194.58 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 096a53196af393b16be056d5efc74101af2366d4168a3b49b917d0c851ee1620

Request headers

Referer: https://covid19.ketto.org/
Origin: https://covid19.ketto.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 27 Mar 2020 11:21:14 GMT
content-encoding: gzip
status: 200
content-type: application/json; charset=utf-8
access-control-allow-origin: https://covid19.ketto.org
access-control-allow-credentials: true
alt-svc: clear
content-length: 444
via: 1.1 google

POST
H2 200 bundle Show response
rs.fullstory.com/rec/ 29 B
94 B 392ms
386ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle?OrgId=RVPT3&UserId=4986028590907392&SessionId=5912516915904512&PageId=4636375429169152&Seq=1&PageStart=1585308074036&PrevBundleTime=0&LastActivity=429&IsNewSession=true
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.194.58 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 063523f824a0bdd1ff8c9ce3c2ea61ed1fd2ec54f38240ecbef6fa518b22b9e1

Request headers

Referer: https://covid19.ketto.org/
Origin: https://covid19.ketto.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 27 Mar 2020 11:21:14 GMT
via: 1.1 google
status: 200
content-type: application/json; charset=utf-8
access-control-allow-origin: https://covid19.ketto.org
access-control-allow-credentials: true
alt-svc: clear
content-length: 29

POST
H2 200 bundle Show response
rs.fullstory.com/rec/ 29 B
91 B 155ms
155ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle?OrgId=RVPT3&UserId=4986028590907392&SessionId=5912516915904512&PageId=4636375429169152&Seq=2&PageStart=1585308074036&PrevBundleTime=1585308074442&LastActivity=4860&IsNewSession=true
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.194.58 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 7e911ae8c5cb0b2e42736a0bf7f03406afece44e15474addb720160cfa7df9cd

Request headers

Referer: https://covid19.ketto.org/
Origin: https://covid19.ketto.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 27 Mar 2020 11:21:19 GMT
via: 1.1 google
status: 200
content-type: application/json; charset=utf-8
access-control-allow-origin: https://covid19.ketto.org
access-control-allow-credentials: true
alt-svc: clear
content-length: 29

Verdicts & Comments Add Verdict or Comment

206 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.ketto.org/	1970-01-19 10:31:24	Name: _fbp Value: fb.1.1585308072292.1917139537

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.taboola.com/libtrc/unip/1201088/tfa.js(Line 3) Message: Taboola Pixel: An error occurred while handling command '{"notify":"event","id":"1271067","name":"page_view","tim":1585308071796}'. TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://cdn.taboola.com/libtrc/unip/1201088/tfa.js(Line 3) Message: Taboola Pixel: An error occurred while handling command '{"notify":"event","id":"1201088","name":"page_view","tim":1585308071798}'. TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://cdn.taboola.com/libtrc/unip/1201088/tfa.js(Line 3) Message: Taboola Pixel: An error occurred while handling command '{"notify":"event","name":"page_view","id":1201088,"tim":1585308071799}'. TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://static.clmbtech.com/ase/29892/2552/aa.js(Line 10) Message: jsonback:TypeError: $cr.cc is not a function

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.mgid.com
ajax.googleapis.com
analytics.twitter.com
cdn.taboola.com
connect.facebook.net
covid19.ketto.org
d.adroll.com
d.adroll.mgr.consensu.org
d1vdjc70h9nzd9.cloudfront.net
d2r1yp2w7bby2u.cloudfront.net
dev.visualwebsiteoptimizer.com
edge.fullstory.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ise.clmbtech.com
rs.fullstory.com
s.adroll.com
script.hotjar.com
sslwidget.criteo.com
stags.bluekai.com
static.ads-twitter.com
static.clmbtech.com
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
t.co
tags.bkrtx.com
vars.hotjar.com
widget.as.criteo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
wzrkt.com
104.244.42.67
104.244.42.69
147.75.33.131
151.101.112.157
151.101.14.2
178.250.0.163
182.161.73.211
216.58.207.34
23.45.237.36
23.62.118.129
2600:9000:214f:1600:d:e617:f340:21
2a00:1450:4001:800::2008
2a00:1450:4001:808::2003
2a00:1450:4001:808::200a
2a00:1450:4001:809::2004
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:814::2003
2a00:1450:4001:81d::200e
2a00:1450:400c:c07::9c
2a02:2638:1::3
2a02:26f0:6c00:189::143a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.96.102.137
35.186.194.58
35.201.112.186
52.51.140.195
63.32.63.32
63.33.38.43
64.58.116.144
95.101.184.154
99.84.155.80
99.84.155.96
00e91363aec80266d911c887d1ca65351c3fd18648a7091cfd10bc5838c03991
016b2202a623453f18717f7dabfabeb9f3b1d6ef21104f6ec8144a154b103b27
049db1e20c6c9acc20e33579680f04757d0886a282a518200c78e5c17caa51c5
04b2ac416cf183f162df184c3009c77187410a4e31d5120bd7b97b25f940271c
063523f824a0bdd1ff8c9ce3c2ea61ed1fd2ec54f38240ecbef6fa518b22b9e1
07bc8b8d77e594cc352fbb4d82dc756c8de9605529c153441d98d693ce684859
096a53196af393b16be056d5efc74101af2366d4168a3b49b917d0c851ee1620
0a154422438f236a08876dcc7627c6360823ecd673c1394b0a87be88e591d104
0f9b6f33f064f378e7f390a41dd5f22adecbc56a8d40c6e219a086f5f4ef1f16
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
18afaec50104bf72f11b98340af130b24d3501c2bc07382848a3201850656db3
1a4b945f0ca1d96e89cd5156809d302131b9b11ff0847a1196bed8d1e9408460
1b525ef8bf90567538fa39ebd5026481672b25b1c86af248851c5d90b57519ea
204d5b8a649a508a4953dee7b09f7fd675a01dce744db720646db8698e6854ff
29ac5d98ec4d2faddcf3f34c59cdb66cb11d0e40997e5e4da61cb1985fcaab4f
2ba17faee67f4b07efe8d2dad4d99469235ce4ff7aa0ff31dcfc8c6f91fa52c0
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
349bda060c8d4a801ccc09163fc3c748a5ac5f9a96377567876473e94c198b0f
389f7284b4bf8b26987d552abaa7d1827991560d7124486641f4955b30776e8f
38d0217f981730b62babfb1ece758019d683f59cacbe6ecda66738a9756c8db2
3915e11545c3fb2575aabe4128289d5eef42ecfb38a5e0e37fd6263dc13b3ff2
39824f2ec741ce74a8d37f33d384fd09b082368c2e93a05a8627de1561401d98
400ef3f6d7997f91b6e38ec3fe10a6b203c5c8515c53ff6bfb21fc9430760dc5
4565122d9ee64fbbafef6ff6f3d57c14a7859bd069a238e850bd4076f96bc980
515984e47e209b9114195c2246b83d35f1410b3476db4fba0672b7f62ee86414
52ed49f76c6f0aa20536879fc017e64532d995e7645dc17e99f8c311cfdf12b3
539326f13cf62fa3cff041fd0805d2815b008cb748905d5eb3a74ea7a3984e59
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
6195b1bce0085db8c9b1b936150dfd7b070aa9be52d44580b1b6f16752dece34
689754c4f440890cf64c45da96a6d49a9613df615e0d5a5512e30784f54d89e9
692b323f85b8bd2cad2d4c0127514420d44056818f91e9b9f7e89a1b526cc04f
693d5546169be90d4d6fb69ae0f102f0f9b34e4353974639d9209a2120e178a3
6a60018cab3d38d035188490d869d5dc1283a7dd115917226df457ca92887f7f
706e18b7a2bc04e783ba1a17bbfa5178103489e8dcd7cca51c1d32f73dffa060
72f499876d41e6dc704317e5ee281bdf04f12b7c9d231b0fedd274af9052fbba
7b8cd61f9d36175fe1b2fc50dfd1585716b9e55a87a82e8ec3c5d9739d6fb939
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7e911ae8c5cb0b2e42736a0bf7f03406afece44e15474addb720160cfa7df9cd
7ec14ac967d5714ea823120de8f8de1077049a0c9aa5a5234e573d92dc08a43e
80546066d245528f0202bb7392b2feabaf23ff0e1752bc206a42d94460159c95
81a68fd32a8bb6d374cebfcd2cab451e36df5f6a16d91e7a7f4edbf84ca8bcb4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8627d217b1aa9d076369956a8e8d6988ee1db5a1db24be6ddbb055fc63bfcb64
8939fc82cf413debf8dabe238f5a087d7a9de4034302b3e1900519330d1ef2c2
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
8f63db5c3f22f824c810536f61d2e1217b612a0e50d5295b4ee94eb688d85c0d
91447efc8b29eda57733f79e53dd4e2ed8796d554f718a782a283931332ccb84
933a30183d705ef1890c7c847843010a343a030f6ce01df88dbf5e6f70ee85a3
9a8b7914cf2110563490edb32785909e5746ba6be313012bf0a93f438c2eee4b
9c1634dde0fedc846c970c7a3d46afc5e64fe553ac5488b0f5fa06f58a83c8b4
9fd400a8864fba68efe8e41b9ebaabaa206159da4fabb821fd985c3a48f06045
a13c96acd88fe907edbb8becda0d113c22abde0d5ae904e5213360a1e6f145ce
a52d3ba4d9a879ab1faf1f4d853fa1d41ccb94faf4ca0a09f5c7b06573173ec9
a646f9cd4df5de0bd8407acf99caf9b66afe70a3f97eca8ae48beac4228e0d1e
a756449a28ee8a15ae7acff5214db94eb89a36df25bda7fcabbdecb5d2d33f19
a9347e876ba20dff8169c3c87f5b9dda27e0aa2d4d9ddd7b155d5c8465aa3447
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acc39238ce470f35443285594efdb5f3df912924d2818e5929f4df6a9eeadb31
b1d8fdba5f58734f86f19091d1c0f5cf19f25a008a176504da6d3fc1125b37b8
b5dc0b27eb3644f9af0a74b7878c9096f489cc69b9d8986a815b854f03e01f29
ba81c7eb29173bf319d7de738beeb0bdd6204766e2651e5e9f6fe397dcf539d8
c03f15a70caaf40a20cf204a52b219e8307b227b12485b9484b9613e3a533081
c26647d4d2aa5eab75f11056ec59a26086ff579be756085e1fedf4fe892b96b9
c5b1ef448841c8a0f34532d4be5f5656d9eb4eea66e04755c0b64f2662d35eed
cb06fe4cd36474e4d53c62779fe3d9676657bb9b1f2fd1d94e307d7304009a93
cbce85e96b7752208ce15a09ea4d5a58b792edc9e77f1c5ccf46c01935970f9d
ccf1e57eac7ddaa4c07a356f41e677862a9893395ed4ca1bd8287156d1524498
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d324d57bfcb2d708505a9b4879dac4b8903c40af63ebc787b7dedcfaa3b1c3e0
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e56f53b3b976e9c05d86645a1e85cfc69e961601d201e957768455580fa30478
e570e4c1bc90a93412f02d525cb4356e87acb195835a633fea21cd3952760c35
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4
e95ef5f09b0fed1c3e63b441dc74b2c65866adcb969193fd8f9611c4085732d6
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ec6b24b6615cc019288b7250b71e432f07778e102bc645e6d6b50f3bbf833211
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff93f915542bbdd651063ef0615b6947372409efde097ec95fff285576fb808
f2bf00e6cc0ba6f36835ada1d4463dc4355a78a9f2c899de8494abaa0811a66b
f461a4817dca35bd182b59f1954ff80d117bcf7301e73c32bd1ec8274bff69cb
f518a5850645717792b2cc36a12d55a32d08c560d3d40adf77b52ea2addf3e18
f6e206730b9cfa13f568754d8c0985b03f8a7b55265eb88b3c0f8c80cd445e19
f82c9f099656346f543c66ba009bd5f18010c7b41ad43d47a7f762121ad4496d
f899c318a17019d103127044bcf842d6de73db5e1c2aa7244d41a36ce88b9aa6
fb4445c6d515c6e571979b75fca5bf825d17d958ab6704d3448ec561a46b06ab
fca69d7d4dbe1310cb2d228a8b1503bb00807d1723d1784d7df8fee94b0474ff
fccfedf6173f136b18c98d58c32edcb06d963f3e89b52e664ff00aca738ee523

covid19.ketto.org Open in urlscan Pro 99.84.155.96 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

100 Requests

100 %HTTPS

41 %IPv6

28 Domains

37 Subdomains

31 IPs

8 Countries

1934 kBTransfer

5393 kBSize

1 Cookies

19 Outgoing links

Page URL History

Redirected requests

100 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

covid19.ketto.org Open in urlscan Pro
99.84.155.96 Public Scan

Screenshot
Live screenshot

Full Image

100
Requests

100 %
HTTPS

41 %
IPv6

28
Domains

37
Subdomains

31
IPs

8
Countries

1934 kB
Transfer

5393 kB
Size

1
Cookies

100 HTTP transactions
0 data transactions