www.ketto.org
Open in
urlscan Pro
13.232.153.143
Public Scan
Effective URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
Submission: On December 19 via manual from US
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on November 26th 2018. Valid for: 3 months.
This is the only time www.ketto.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 91.192.43.151 91.192.43.151 | 15960 (GLOBALACCESS) (GLOBALACCESS) | |
1 1 | 52.210.161.187 52.210.161.187 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
3 | 13.232.153.143 13.232.153.143 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
19 | 2600:9000:20b... 2600:9000:20bb:3e00:d:e617:f340:21 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 | 2a00:1450:400... 2a00:1450:4001:825::200a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 2a00:1450:400... 2a00:1450:4001:81f::200a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 2a00:1450:400... 2a00:1450:400c:c0a::61 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 143.204.101.78 143.204.101.78 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
2 | 159.122.87.153 159.122.87.153 | 36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.) | |
2 | 2a00:1450:400... 2a00:1450:4001:821::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
5 | 2600:9000:20b... 2600:9000:20bb:d200:d:e617:f340:21 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
4 | 159.122.87.148 159.122.87.148 | 36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.) | |
2 | 52.50.103.2 52.50.103.2 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 2 | 172.217.23.162 172.217.23.162 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
3 4 | 2a00:1450:400... 2a00:1450:4001:81d::200e | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
2 | 147.75.80.178 147.75.80.178 | 54825 (PACKET) (PACKET - Packet Host) | |
6 | 2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK - Facebook) | |
1 | 104.244.46.80 104.244.46.80 | 13414 (TWITTER) (TWITTER - Twitter Inc.) | |
5 | 151.101.2.2 151.101.2.2 | 54113 (FASTLY) (FASTLY - Fastly) | |
1 | 2a00:1288:7c:... 2a00:1288:7c:800::4001 | 43428 (YAHOO-ULS) (YAHOO-ULS) | |
1 | 13.126.155.42 13.126.155.42 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
3 | 151.101.0.176 151.101.0.176 | 54113 (FASTLY) (FASTLY - Fastly) | |
2 2 | 2a00:1450:400... 2a00:1450:400c:c08::9a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
4 7 | 2a00:1450:400... 2a00:1450:4001:806::2004 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
7 | 2a00:1450:400... 2a00:1450:4001:81f::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 4 | 2a00:1450:400... 2a00:1450:4001:821::2002 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 188.125.66.33 188.125.66.33 | 34010 (YAHOO-IRD) (YAHOO-IRD) | |
1 | 199.16.156.75 199.16.156.75 | 13414 (TWITTER) (TWITTER - Twitter Inc.) | |
1 7 | 2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de | 32934 (FACEBOOK) (FACEBOOK - Facebook) | |
5 | 54.169.244.171 54.169.244.171 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 2 | 185.33.223.210 185.33.223.210 | 29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus) | |
1 | 2a03:2880:f02... 2a03:2880:f029:11:face:b00c:0:2 | 32934 (FACEBOOK) (FACEBOOK - Facebook) | |
1 | 199.16.156.73 199.16.156.73 | 13414 (TWITTER) (TWITTER - Twitter Inc.) | |
1 | 147.75.83.19 147.75.83.19 | 54825 (PACKET) (PACKET - Packet Host) | |
1 2 | 216.58.207.38 216.58.207.38 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 1 | 52.77.171.92 52.77.171.92 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 1 | 216.58.205.226 216.58.205.226 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 54.169.14.94 54.169.14.94 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 | 151.101.2.110 151.101.2.110 | 54113 (FASTLY) (FASTLY - Fastly) | |
1 1 | 2a00:1450:400... 2a00:1450:400c:c08::9c | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 162.247.242.19 162.247.242.19 | 23467 (NEWRELIC-...) (NEWRELIC-AS-1 - New Relic) | |
96 | 36 |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-210-161-187.eu-west-1.compute.amazonaws.com
c.agdgtl.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-13-232-153-143.ap-south-1.compute.amazonaws.com
www.ketto.org |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
d1vdjc70h9nzd9.cloudfront.net |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-101-78.fra50.r.cloudfront.net
d2r1yp2w7bby2u.cloudfront.net |
ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: 99.57.7a9f.ip4.static.sl-reverse.com
dev.visualwebsiteoptimizer.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
d1vdjc70h9nzd9.cloudfront.net |
ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: 94.57.7a9f.ip4.static.sl-reverse.com
dev.visualwebsiteoptimizer.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-50-103-2.eu-west-1.compute.amazonaws.com
wzrkt.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s22-in-f162.1e100.net
www.googleadservices.com |
ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-25
static.hotjar.com | |
script.hotjar.com |
ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net | |
staticxx.facebook.com |
ASN13414 (TWITTER - Twitter Inc., US)
static.ads-twitter.com |
ASN54113 (FASTLY - Fastly, US)
cdn.taboola.com | |
trc.taboola.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-13-126-155-42.ap-south-1.compute.amazonaws.com
checkout.razorpay.com |
ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com
sp.analytics.yahoo.com |
ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-169-244-171.ap-southeast-1.compute.amazonaws.com
apis.ketto.org |
ASN32934 (FACEBOOK - Facebook, Inc., US)
graph.facebook.com |
ASN13414 (TWITTER - Twitter Inc., US)
analytics.twitter.com |
ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-24
vars.hotjar.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s24-in-f6.1e100.net
8611446.fls.doubleclick.net |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-77-171-92.ap-southeast-1.compute.amazonaws.com
ads.instabid.tech |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s24-in-f2.1e100.net
cm.g.doubleclick.net |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-169-14-94.ap-southeast-1.compute.amazonaws.com
px.instabid.tech |
ASN23467 (NEWRELIC-AS-1 - New Relic, US)
PTR: bam-7.nr-data.net
bam.nr-data.net |
Domain | Requested by | |
---|---|---|
24 | d1vdjc70h9nzd9.cloudfront.net |
www.ketto.org
ajax.googleapis.com |
7 | www.facebook.com |
1 redirects
www.ketto.org
|
7 | www.google.de |
www.ketto.org
|
7 | www.google.com |
4 redirects
www.ketto.org
|
6 | dev.visualwebsiteoptimizer.com |
www.ketto.org
dev.visualwebsiteoptimizer.com |
5 | apis.ketto.org |
www.ketto.org
|
4 | trc.taboola.com |
www.ketto.org
|
4 | googleads.g.doubleclick.net |
1 redirects
www.googleadservices.com
|
4 | connect.facebook.net |
www.ketto.org
connect.facebook.net d1vdjc70h9nzd9.cloudfront.net |
4 | www.google-analytics.com |
3 redirects
www.googletagmanager.com
|
3 | stats.g.doubleclick.net | 3 redirects |
3 | js.stripe.com |
www.ketto.org
js.stripe.com |
3 | www.ketto.org |
www.ketto.org
|
2 | staticxx.facebook.com |
connect.facebook.net
|
2 | 8611446.fls.doubleclick.net |
1 redirects
www.ketto.org
|
2 | secure.adnxs.com |
1 redirects
www.ketto.org
|
2 | www.googleadservices.com |
1 redirects
www.googletagmanager.com
|
2 | wzrkt.com |
d2r1yp2w7bby2u.cloudfront.net
|
2 | fonts.gstatic.com |
www.ketto.org
ajax.googleapis.com |
1 | bam.nr-data.net |
js-agent.newrelic.com
|
1 | js-agent.newrelic.com |
www.ketto.org
|
1 | px.instabid.tech |
www.ketto.org
|
1 | cm.g.doubleclick.net | 1 redirects |
1 | ads.instabid.tech | 1 redirects |
1 | vars.hotjar.com |
static.hotjar.com
|
1 | analytics.twitter.com |
static.ads-twitter.com
|
1 | graph.facebook.com |
www.ketto.org
|
1 | t.co |
www.ketto.org
|
1 | sp.analytics.yahoo.com |
s.yimg.com
|
1 | script.hotjar.com |
static.hotjar.com
|
1 | checkout.razorpay.com |
www.ketto.org
|
1 | s.yimg.com |
www.ketto.org
|
1 | cdn.taboola.com |
www.ketto.org
|
1 | static.ads-twitter.com |
www.ketto.org
|
1 | static.hotjar.com |
www.ketto.org
|
1 | d2r1yp2w7bby2u.cloudfront.net |
www.ketto.org
|
1 | www.googletagmanager.com |
www.ketto.org
|
1 | fonts.googleapis.com |
www.ketto.org
|
1 | ajax.googleapis.com |
www.ketto.org
|
1 | c.agdgtl.com | 1 redirects |
1 | mail.quicklivedeals.com | 1 redirects |
96 | 41 |
This site contains links to these domains. Also see Links.
Domain |
---|
api.whatsapp.com |
d1vdjc70h9nzd9.cloudfront.net |
blog.ketto.org |
www.facebook.com |
www.twitter.com |
www.linkedin.com |
www.youtube.com |
www.instagram.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
ketto.org Let's Encrypt Authority X3 |
2018-11-26 - 2019-02-24 |
3 months | crt.sh |
*.cloudfront.net DigiCert Global CA G2 |
2018-10-08 - 2019-10-09 |
a year | crt.sh |
*.googleapis.com Google Internet Authority G3 |
2018-11-27 - 2019-02-19 |
3 months | crt.sh |
*.google-analytics.com Google Internet Authority G3 |
2018-12-04 - 2019-02-26 |
3 months | crt.sh |
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2 |
2017-06-30 - 2020-07-06 |
3 years | crt.sh |
*.google.com Google Internet Authority G3 |
2018-11-27 - 2019-02-19 |
3 months | crt.sh |
wzrkt.com DigiCert ECC Secure Server CA |
2018-11-11 - 2019-11-20 |
a year | crt.sh |
www.googleadservices.com Google Internet Authority G3 |
2018-11-27 - 2019-02-19 |
3 months | crt.sh |
static.hotjar.com Let's Encrypt Authority X3 |
2018-12-10 - 2019-03-10 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2017-12-15 - 2019-03-22 |
a year | crt.sh |
ads-twitter.com DigiCert SHA2 High Assurance Server CA |
2018-06-28 - 2019-07-03 |
a year | crt.sh |
f2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3 |
2018-12-03 - 2019-09-07 |
9 months | crt.sh |
*.yahoo.com DigiCert SHA2 High Assurance Server CA |
2018-12-04 - 2019-01-16 |
a month | crt.sh |
*.razorpay.com Amazon |
2018-09-27 - 2019-10-27 |
a year | crt.sh |
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA |
2018-11-13 - 2019-03-05 |
4 months | crt.sh |
script.hotjar.com Let's Encrypt Authority X3 |
2018-12-10 - 2019-03-10 |
3 months | crt.sh |
www.google.de Google Internet Authority G3 |
2018-11-27 - 2019-02-19 |
3 months | crt.sh |
*.g.doubleclick.net Google Internet Authority G3 |
2018-11-27 - 2019-02-19 |
3 months | crt.sh |
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA |
2018-11-21 - 2019-05-20 |
6 months | crt.sh |
www.google.com Google Internet Authority G3 |
2018-12-04 - 2019-02-26 |
3 months | crt.sh |
t.co DigiCert SHA2 High Assurance Server CA |
2018-10-31 - 2019-11-05 |
a year | crt.sh |
apis.ketto.org Let's Encrypt Authority X3 |
2018-11-07 - 2019-02-05 |
3 months | crt.sh |
*.adnxs.com DigiCert ECC Secure Server CA |
2018-01-25 - 2019-01-25 |
a year | crt.sh |
*.twitter.com DigiCert SHA2 High Assurance Server CA |
2018-10-31 - 2020-02-12 |
a year | crt.sh |
vars.hotjar.com Let's Encrypt Authority X3 |
2018-12-10 - 2019-03-10 |
3 months | crt.sh |
*.doubleclick.net Google Internet Authority G3 |
2018-11-27 - 2019-02-19 |
3 months | crt.sh |
*.instabid.tech Amazon |
2018-01-07 - 2019-02-07 |
a year | crt.sh |
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3 |
2018-12-06 - 2019-04-14 |
4 months | crt.sh |
*.nr-data.net GeoTrust RSA CA 2018 |
2018-01-11 - 2020-03-17 |
2 years | crt.sh |
This page contains 6 frames:
Primary Page:
https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
Frame ID: 2EC69BE719676F8A21DCA1E2C97A9401
Requests: 92 HTTP requests in this frame
Frame:
https://js.stripe.com/v2/channel.html?stripe_xdm_e=https%3A%2F%2Fwww.ketto.org&stripe_xdm_c=default808896&stripe_xdm_p=1
Frame ID: 45C05B5C36BF87D03E80D058FEC7EE6A
Requests: 1 HTTP requests in this frame
Frame:
https://vars.hotjar.com/rcj-da10bd4908deb9e19dfde013ec3fe4ff.html
Frame ID: 009B2CFC31C1B43D48DAAC787EE5C1C4
Requests: 1 HTTP requests in this frame
Frame:
https://staticxx.facebook.com/connect/xd_arbiter/r/j-GHT1gpo6-.js?version=43
Frame ID: 90415C75A114B98F8D0269ED8BFA018B
Requests: 1 HTTP requests in this frame
Frame:
https://js.stripe.com/v2/m/outer.html
Frame ID: B48B88DE315866BB0194535C73EEED60
Requests: 1 HTTP requests in this frame
Frame:
https://staticxx.facebook.com/connect/xd_arbiter/r/j-GHT1gpo6-.js?version=43
Frame ID: D0972F072950F6A2FC0724EF07828FAA
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://mail.quicklivedeals.com/re?l=D0Is4c7ynI7vft8n7I0
HTTP 302
https://c.agdgtl.com/?a=3&c=773&E=mreso0hAhm4%3d&s1= HTTP 302
https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=externa... Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- headers server /php\/?([\d.]+)?/i
OpenSSL (Web Server Extensions) Expand
Detected patterns
- headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i
Amazon EC2 (Web Servers) Expand
Detected patterns
- headers server /\(Amazon\)/i
AngularJS (JavaScript Frameworks) Expand
Detected patterns
- env /^angular$/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Stripe (Payment Processors) Expand
Detected patterns
- env /^Stripe$/i
AddThis (Widgets) Expand
Detected patterns
- env /^addthis/i
Google Analytics (Analytics) Expand
Detected patterns
- env /^gaGlobal$/i
Google Tag Manager (Tag Managers) Expand
Detected patterns
- env /^google_tag_manager$/i
New Relic (Analytics) Expand
Detected patterns
- env /^NREUM/i
SweetAlert (JavaScript Libraries) Expand
Detected patterns
- env /^swal$/i
YUI (JavaScript Libraries) Expand
Detected patterns
- env /^YAHOO$/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- env /^jQuery$/i
Page Statistics
14 Outgoing links
These are links going to different origins than the main page.
Title: 719
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Blog
Search URL Search Domain Scan URL
Title: Facebook
Search URL Search Domain Scan URL
Title: Twitter
Search URL Search Domain Scan URL
Title: Linkedin
Search URL Search Domain Scan URL
Title: YouTube
Search URL Search Domain Scan URL
Title: Instagram
Search URL Search Domain Scan URL
Title: Chat with us
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://mail.quicklivedeals.com/re?l=D0Is4c7ynI7vft8n7I0
HTTP 302
https://c.agdgtl.com/?a=3&c=773&E=mreso0hAhm4%3d&s1= HTTP 302
https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 36- https://www.google-analytics.com/r/collect?v=1&_v=j72&a=2001166831&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fhelpfarin%3Futm_campaign%3Dhelpfarin%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&ul=en-us&de=UTF-8&dt=We%20Are%20Left%20With%20Nothing%20Now%20But%20Hope%2C%20Please%20Help%20Save%20My%20Dying%20Daughter.%20-%20Ketto&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAAB~&jid=1885870366&gjid=236602130&cid=105910923.1545242580&tid=UA-30181760-1&_gid=114206853.1545242580&_r=1>m=2wgbc0MJRMLZ&cd12=1545242579519.00q87h2&z=795377182 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-30181760-1&cid=105910923.1545242580&jid=1885870366&_gid=114206853.1545242580&gjid=236602130&_v=j72&z=795377182 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=105910923.1545242580&jid=1885870366&_v=j72&z=795377182 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=105910923.1545242580&jid=1885870366&_v=j72&z=795377182&slf_rd=1&random=533510245
- https://secure.adnxs.com/px?id=988443&seg=12457517&t=1 HTTP 302
- https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D988443%26seg%3D12457517%26t%3D1
- https://www.google-analytics.com/r/collect?v=1&_v=j72&a=2001166831&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fhelpfarin%3Futm_campaign%3Dhelpfarin%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&ul=en-us&de=UTF-8&dt=We%20Are%20Left%20With%20Nothing%20Now%20But%20Hope%2C%20Please%20Help%20Save%20My%20Dying%20Daughter.%20-%20Ketto&sd=24-bit&sr=1600x1200&vp=1593x1200&je=0&ec=Campaign%20Viewed&ea=page_load&el=We%20are%20left%20with%20nothing%20now%2C%20but%20hope%2C%20Please%20help%20save%20my%20dying%20daughter&_u=aEBAAAAB~&jid=399478527&gjid=868004776&cid=482998400.1545242581&tid=UA-30181760-1&_gid=1959945244.1545242581&_r=1>m=2wgbc0MJRMLZ&cd7=150&cd8=helpfarin&cd9=70306&cd10=ad&z=414288358 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-30181760-1&cid=482998400.1545242581&jid=399478527&_gid=1959945244.1545242581&gjid=868004776&_v=j72&z=414288358 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=482998400.1545242581&jid=399478527&_v=j72&z=414288358 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=482998400.1545242581&jid=399478527&_v=j72&z=414288358&slf_rd=1&random=1037575269
- https://8611446.fls.doubleclick.net/activityi;src=8611446;type=invmedia;cat=ibr10oyk;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 HTTP 302
- https://8611446.fls.doubleclick.net/activityi;dc_pre=CKHTlpm9rN8CFQ4U4AodoNADiQ;src=8611446;type=invmedia;cat=ibr10oyk;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
- https://ads.instabid.tech/s?s=ktlp HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=yoptima_media_solutions_pvt_ltd&google_hm=UUtnVlc2TkIybUZIZU41c1FrWUxZVA HTTP 302
- https://px.instabid.tech/apxs
- https://www.googleadservices.com/pagead/conversion/795178636/?label=AyXPCMGTzIYBEIztlfsC&guid=ON&script=0 HTTP 302
- https://googleads.g.doubleclick.net/pagead/viewthroughconversion/795178636/?label=AyXPCMGTzIYBEIztlfsC&guid=ON&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=1YcaXLG6DYPA7gPrmqewDQ&random=810259499&sscte=1&crd=CILQGw>d= HTTP 302
- https://www.google.com/pagead/1p-conversion/795178636/?label=AyXPCMGTzIYBEIztlfsC&guid=ON&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=810259499&sscte=1&crd=CILQGw>d=&cdct=2&is_vtc=1&ocp_id=1YcaXLG6DYPA7gPrmqewDQ&random=252905846 HTTP 302
- https://www.google.de/pagead/1p-conversion/795178636/?label=AyXPCMGTzIYBEIztlfsC&guid=ON&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=810259499&sscte=1&crd=CILQGw>d=&cdct=2&is_vtc=1&ocp_id=1YcaXLG6DYPA7gPrmqewDQ&random=252905846&ipr=y
- https://www.facebook.com/connect/ping?client_id=287403324698248&domain=www.ketto.org&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fj-GHT1gpo6-.js%3Fversion%3D43%23cb%3Df2bce06972409c8%26domain%3Dwww.ketto.org%26origin%3Dhttps%253A%252F%252Fwww.ketto.org%252Ff10a56fd8282dbc%26relation%3Dparent&response_type=token%2Csigned_request&sdk=joey&version=v2.7 HTTP 302
- https://staticxx.facebook.com/connect/xd_arbiter/r/j-GHT1gpo6-.js?version=43
- https://www.google-analytics.com/r/collect?v=1&_v=j72&a=2001166831&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fhelpfarin%3Futm_campaign%3Dhelpfarin%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&ul=en-us&de=UTF-8&dt=We%20Are%20Left%20With%20Nothing%20Now%20But%20Hope%2C%20Please%20Help%20Save%20My%20Dying%20Daughter.%20-%20Ketto&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=GTM&ea=10%20Second&_u=aHBAAAAB~&jid=2004041413&gjid=50341387&cid=105910923.1545242580&tid=UA-30181760-1&_gid=114206853.1545242580&_r=1>m=2wgbc0MJRMLZ&cd12=1545242579519.00q87h2&cd14=105910923.1545242580&z=1066483089 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-30181760-1&cid=105910923.1545242580&jid=2004041413&_gid=114206853.1545242580&gjid=50341387&_v=j72&z=1066483089 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=105910923.1545242580&jid=2004041413&_v=j72&z=1066483089 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=105910923.1545242580&jid=2004041413&_v=j72&z=1066483089&slf_rd=1&random=640567421
96 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
helpfarin
www.ketto.org/stories/ Redirect Chain
|
242 KB 57 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
custom.24156f.css
d1vdjc70h9nzd9.cloudfront.net/less/ |
624 KB 95 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
stories.designD.bundle.a329af.css
d1vdjc70h9nzd9.cloudfront.net/less/story/ |
223 KB 30 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ |
84 KB 29 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
13 KB 989 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
138 KB 40 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
a.js
d2r1yp2w7bby2u.cloudfront.net/js/ |
40 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
angular.min.js
d1vdjc70h9nzd9.cloudfront.net/js/angularjs/1.4.9/ |
146 KB 52 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dc33e5bc26c141a6891b01715008192303774a36.jpg
d1vdjc70h9nzd9.cloudfront.net/media/campaign/70000/70306/image/ |
33 KB 34 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ketto_assured_icon.png
d1vdjc70h9nzd9.cloudfront.net/images/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
check-circle.png
d1vdjc70h9nzd9.cloudfront.net/images/ |
525 B 856 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
j.php
dev.visualwebsiteoptimizer.com/ |
8 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fe8d731b66359375f23929a12033b8b7d393a091.jpg
d1vdjc70h9nzd9.cloudfront.net/media/campaign/70000/70306/image/ |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
success.svg
d1vdjc70h9nzd9.cloudfront.net/images/stories/ |
947 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ketto-preloader.gif
d1vdjc70h9nzd9.cloudfront.net/images/ |
33 KB 33 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
fonts.gstatic.com/s/notosans/v7/ |
10 KB 10 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontawesome-webfont.woff2
d1vdjc70h9nzd9.cloudfront.net/less/font-awesome/fonts/ |
70 KB 71 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
va-86fd9d64674edb81b84cfebf656cc1d3.js
dev.visualwebsiteoptimizer.com/5.0/ |
162 KB 54 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
track-86fd9d64674edb81b84cfebf656cc1d3.js
dev.visualwebsiteoptimizer.com/5.0/ |
17 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
opa-ae9f477a09584bfb879b58ad63ce53d8.js
dev.visualwebsiteoptimizer.com/analysis/2.0/ |
149 KB 48 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
v.gif
dev.visualwebsiteoptimizer.com/ |
35 B 236 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
a
wzrkt.com/ |
261 B 591 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headersResponse headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
conversion_async.js
www.googleadservices.com/pagead/ |
23 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
43 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hotjar-200024.js
static.hotjar.com/c/ |
10 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
51 KB 15 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uwt.js
static.ads-twitter.com/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tfa.js
cdn.taboola.com/libtrc/unip/1034141/ |
13 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ytc.js
s.yimg.com/wi/ |
15 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
razorpay.js
checkout.razorpay.com/v1/ |
47 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
js.stripe.com/v2/ |
63 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
stories.bundle.min.a3c69b.js
d1vdjc70h9nzd9.cloudfront.net/stories/build/ |
90 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
storiesDefer.bundle.min.f32aec.js
d1vdjc70h9nzd9.cloudfront.net/stories/build/ |
746 KB 195 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
513405139012772
connect.facebook.net/signals/config/ |
181 KB 43 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modules-38e6054579cf2b1595bd244b3975c490.js
script.hotjar.com/ |
399 KB 81 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
worker-68f4c079a93008e8e04f81f6476e5cc4.js
dev.visualwebsiteoptimizer.com/analysis/ |
46 KB 15 KB |
XHR
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/963384337/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/930975017/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/837073759/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sp.pl
sp.analytics.yahoo.com/ |
0 449 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/930975017/ |
42 B 117 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-user-list/930975017/ |
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/963384337/ |
42 B 117 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-user-list/963384337/ |
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
t.co/i/ |
43 B 169 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
441308802710601
connect.facebook.net/signals/config/ |
181 KB 43 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 245 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/837073759/ |
42 B 117 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-user-list/837073759/ |
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 98 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 245 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 98 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.js
connect.facebook.net/en_US/ |
194 KB 59 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
Cookie set
ajax.php
www.ketto.org/vars/ |
110 B 2 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
helpfarin
apis.ketto.org/api/fundraisers/ |
2 KB 885 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
comments
apis.ketto.org/api/fundraisers/helpfarin/ |
3 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
donors
apis.ketto.org/api/fundraisers/70306/ |
25 B 292 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
donors
apis.ketto.org/api/fundraisers/70306/ |
4 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
updates
apis.ketto.org/api/fundraisers/70306/ |
2 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-light-bg.svg
d1vdjc70h9nzd9.cloudfront.net/images/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon-secure-lock.png
d1vdjc70h9nzd9.cloudfront.net/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mi-shine.png
d1vdjc70h9nzd9.cloudfront.net/images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
source-sans-pro-v11-latin-regular.woff2
d1vdjc70h9nzd9.cloudfront.net/fonts/sourceSansPro/ |
16 KB 16 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
faq_sprite_desktop.png
d1vdjc70h9nzd9.cloudfront.net/images/stories/ |
17 KB 18 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
BngRUXZYTXPIvIBgJJSb6u9mxLCGwR2oefDo.woff2
fonts.gstatic.com/s/robotoslab/v7/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
source-sans-pro-v11-latin-700.woff2
d1vdjc70h9nzd9.cloudfront.net/fonts/sourceSansPro/ |
15 KB 16 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
glyphicons-halflings-regular.woff2
d1vdjc70h9nzd9.cloudfront.net/fonts/ |
18 KB 18 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
a
wzrkt.com/ |
189 B 519 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bounce
secure.adnxs.com/ Redirect Chain
|
1007 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
graph.facebook.com/ |
542 B 737 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon-select.png
d1vdjc70h9nzd9.cloudfront.net/images/ |
168 B 501 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7.png
d1vdjc70h9nzd9.cloudfront.net/images/random_supporters/ |
15 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mark
trc.taboola.com/ketto-sc/log/3/ |
0 368 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 244 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 200 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
analytics.twitter.com/i/ |
31 B 268 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
channel.html
js.stripe.com/v2/ Frame 45C0 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
16a7e8fc95c3ce2369da3809a16ef2e80cd9f204.jpg
d1vdjc70h9nzd9.cloudfront.net/media/campaignuploads/ |
73 KB 73 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
unip
trc.taboola.com/1034141/log/3/ |
0 74 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
unip
trc.taboola.com/1034141/log/3/ |
0 54 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rcj-da10bd4908deb9e19dfde013ec3fe4ff.html
vars.hotjar.com/ Frame 009B |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
activityi;dc_pre=CKHTlpm9rN8CFQ4U4AodoNADiQ;src=8611446;type=invmedia;cat=ibr10oyk;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
8611446.fls.doubleclick.net/ Redirect Chain
|
0 618 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
apxs
px.instabid.tech/ Redirect Chain
|
0 111 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-conversion/795178636/ Redirect Chain
|
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
unip
trc.taboola.com/1070973/log/3/ |
0 54 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
j-GHT1gpo6-.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame 9041 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icomoon.ve86pe.ttf
d1vdjc70h9nzd9.cloudfront.net/fonts/ketto_fonts/ |
38 KB 38 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
system_event.php
www.ketto.org/vars/ |
16 B 732 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
outer.html
js.stripe.com/v2/m/ Frame B48B |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
default-campaign-picture.jpg
d1vdjc70h9nzd9.cloudfront.net/images/ |
10 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nr-1099.min.js
js-agent.newrelic.com/ |
23 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
j-GHT1gpo6-.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame D097 Redirect Chain
|
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 378 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
f64838bf44
bam.nr-data.net/1/ |
57 B 261 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
187 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask object| NREUM object| newrelic function| __nr_require function| $ function| jQuery object| dataLayer object| clevertap object| TRACKING_DETAILS number| _vwo_clicks object| _vwo_code number| settings_timer number| _vwo_settings_timer object| VWO object| _vwo_evq object| hiddengoalcampaign object| amountRaisedCampaign object| daysLeftCampaign string| browserName number| IS_WHITE_LABEL number| FB_APP_ID number| hasDraft string| custom_tag string| campaign_share_url_exitIntent string| campaign_share_url string| campaign_share_count_url string| device string| supporters_pagination_url string| s3_url boolean| ended string| designTemplate string| beneficiary_fname string| hospital_name string| countryCode string| apiHostUrl string| videoID object| userDetailsAPI string| supporterImage string| pageReload string| loadPayment boolean| hasSurrogateCampaigns boolean| hasUserDonated string| surrogateCampaginLoginRedirectUrl boolean| isUserLoggedIn boolean| loggedUserEmail number| _vwo_acc_id object| _vwo_style string| _vwo_css string| _vwo_text object| _vwo_textnode object| _vwo_geo string| _vwo_cookieDomain string| _vwo_uuid string| _vis_opt_file number| _vwo_library_timer string| _vis_opt_lib object| vwo_iehack_queue object| _vwo_exp_ids object| _vwo_exp object| _vwo_pa string| _vwo_opa_cb string| _vwo_worker_cb object| wizrocket object| $WZRK_WR object| $CLTP_WR object| google_tag_manager function| postscribe object| angular object| requestvalue number| newStory object| user_data string| cdn_url function| pageData string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings function| fbq function| _fbq function| twq object| _tfa object| dotq function| vwo_$ string| _vwo_server_url object| _vis_opt_queue object| _vis_opt_check_segment function| _vwo_ev object| _vwo_t object| _vwo_api_section_callback object| _vis_opt_comb_name function| _vwo_s object| _vwo_campaignData function| _vis_opt_top_initialize function| _vis_opt_bottom_initialize function| _vis_opt_goal_conversion function| _vis_opt_revenue_conversion function| _vis_opt_pause function| _vis_opt_readCookie function| _vis_opt_createCookie function| _vis_opt_element_loaded function| _vis_opt_GA_track function| _vis_opt_register_conversion function| _vis_opt_get_campaign_xPath number| _vis_opt_experiment_id boolean| _vwo_settings_timed_out object| hjSiteSettings function| hjBootstrap object| __nls object| google_tag_data object| gaplugins object| gaGlobal object| gaData string| page_version object| typeAB function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO number| ___vwo object| app boolean| isWhiteLabel string| api_url boolean| isToken_url string| dimensionValue string| usedDevice number| isbilldesk object| componentForm object| twttr object| YAHOO undefined| I13N_Conf undefined| YWA_Global_Conf function| discardDraft object| addthis_config object| __core-js_shared__ function| Razorpay function| Stripe function| login function| getFriends function| triggerFShareDialogClick function| triggerFShareExitDialogClick function| fbPageShare function| fbElfPageShare function| fbIplshare function| showCount function| loginFB function| connect function| DialogTrigger function| chechPopupShown function| setPopupShown function| setPopUpCookie function| getPopUpCookie function| ga_ABcheck function| ga_KettoLike function| ga_startCampaign function| event_fb_connect function| event_profilePic_popup function| AB_ExiteIntent function| ga_shareCommentAb function| showLeadModelBox function| setCookie function| getCookie function| showCampaignDraftPopup function| managerHelpPopup function| managerHelpPopupMobile function| showLeadModelBoxMobile function| similarFundModelBoxMobile function| systemEvent function| triggerEvent object| WIZRocket number| search_click function| Blazy function| fbAsyncInit function| setImmediate function| clearImmediate function| swal function| sweetAlert object| bioEp object| intlTelInputUtils object| TRC object| TRCImpl function| __trcError function| __trcJSONify object| queue object| FB object| difference function| getClientId2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.ketto.org/ | Name: utm_medium Value: email |
|
www.ketto.org/ | Name: utm_source Value: external_kenscio |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
8611446.fls.doubleclick.net
ads.instabid.tech
ajax.googleapis.com
analytics.twitter.com
apis.ketto.org
bam.nr-data.net
c.agdgtl.com
cdn.taboola.com
checkout.razorpay.com
cm.g.doubleclick.net
connect.facebook.net
d1vdjc70h9nzd9.cloudfront.net
d2r1yp2w7bby2u.cloudfront.net
dev.visualwebsiteoptimizer.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
graph.facebook.com
js-agent.newrelic.com
js.stripe.com
mail.quicklivedeals.com
px.instabid.tech
s.yimg.com
script.hotjar.com
secure.adnxs.com
sp.analytics.yahoo.com
static.ads-twitter.com
static.hotjar.com
staticxx.facebook.com
stats.g.doubleclick.net
t.co
trc.taboola.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.ketto.org
wzrkt.com
104.244.46.80
13.126.155.42
13.232.153.143
143.204.101.78
147.75.80.178
147.75.83.19
151.101.0.176
151.101.2.110
151.101.2.2
159.122.87.148
159.122.87.153
162.247.242.19
172.217.23.162
185.33.223.210
188.125.66.33
199.16.156.73
199.16.156.75
216.58.205.226
216.58.207.38
2600:9000:20bb:3e00:d:e617:f340:21
2600:9000:20bb:d200:d:e617:f340:21
2a00:1288:7c:800::4001
2a00:1450:4001:806::2004
2a00:1450:4001:81d::200e
2a00:1450:4001:81f::2003
2a00:1450:4001:81f::200a
2a00:1450:4001:821::2002
2a00:1450:4001:821::2003
2a00:1450:4001:825::200a
2a00:1450:400c:c08::9a
2a00:1450:400c:c08::9c
2a00:1450:400c:c0a::61
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f029:11:face:b00c:0:2
2a03:2880:f11c:8083:face:b00c:0:25de
52.210.161.187
52.50.103.2
52.77.171.92
54.169.14.94
54.169.244.171
91.192.43.151
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0678fe3986782fd747ccdf5678028638d871c00001a57e81eb9cab942f04834e
099099b02de6423955d3b29c2057620301faa9832a0a9e5aff566c270d4f307b
0ac7b96f0bc593ff1f37f86ca552bdc9bb8c4518bf780a821b1986681a95ff7d
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1207558f5b5d377866cd340cdc8a4c0ae15098fa521dcdd6dbd6ce4fa77c6c9e
121b3bad035f5a87c185bb1ce9465eba6c0d8ca0fcf03fced81559192cb06d85
1795f5502dd988b5dc90ce3b9c7dd056935d0dcde0cc205139308eccc9dd85f4
1a354d833d3717ca39f39a46d944c65c4f575743c8bc00689acbcf463d3de6cf
1ec0fbc72fcfcea31f22828dcf89e2bd9fa7f03e84ef8d8546adb410f3096117
1f9d5432c995c67684bfc623858683952097f38c7405c894b2dccceb81af54b4
20d507b3ac574080805b988db5ed4646347884a610b8ffb834c9a4808592872d
25602cc25bd2ba88d1df0215b543fa6839fe4bdb2caebeec91a533d9027714ba
28f1f51e665dd4607e10a96dd7a84d40b5cd2a8063157e357be73244df657720
2de8829de6fe96b436ab4e270194c342bc55e3d91026740e2d0dfd1e8fc14181
2f5bc5ddd4401d58adc04ff122c395d429c213fe2b8ec86d9f4312cf5598989b
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
337afd84c4413d5b4d590d4fa7da21db38d8b7625748ea3bb03cd5dc81fd2225
35281730aea2864d868b17ccd6e3e2ea74b53bb1091e8613dd249c689b1ac989
3578fc4c269069b2b094acb025ec38d04f4d2b2f5790e0d30d704dcf32e9d1d2
3766c7dc97eb5b7347bc167cd08e79ea9273fbf587a4741198ba0a0bcaaed0d7
39824f2ec741ce74a8d37f33d384fd09b082368c2e93a05a8627de1561401d98
3b0730d022e93c8fe7885b3c14366ff80ca087ddcb4b723bd9f36a9bfbd4db5c
46be62e10ab7fe56805a7a51ae7ca54c96539db8c3e5121fe50a9e6236f15a5b
480b0dcf87f3762059569007f32ef80a5e21f1115718c5bfc7644f3e701722dd
50fd02e7397cb3745341be12701a2583d187f3f78115c41de0aa96a0cdf27775
525936107596e6a3c36cda1babfa7a688cc88988858f03effbc2605a1e01a03b
52ed49f76c6f0aa20536879fc017e64532d995e7645dc17e99f8c311cfdf12b3
685e511070d7d36ad071ea39c387547c95bf064727890a3e9abf1d0283184794
6be7b10da3436735a7da81070eb1392f8503614a1f1bc77dfd6c634d64028f17
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
8162d49f559d26803d96f86b55f81f663f62b9f865c9bfda7397a429ba1e63fd
81b0036608574dee94fb2bf0eb8b23e9175d41fbb1c09132aa9e1e7f3250039a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
91ac593c251900f8375f8da34f3b87afb65c360330e25f62b07ae98ae8cf46d2
94eeb8ca0c372a7079499fa59b4fe106671032cab04d86fa4df1241c47a35156
95375255ecc9eeec1f7f415fca9d993cd3b446b3c217c69729b1038e1e5afc14
998d548363a3d9f10ddf546d5102887498076733fdafca8bc1bf74d988b3049a
9f7ec14b65196ecc6380422716725a5a5dcb4261f5988ef381905dd0f8fd031f
9fe874b8032c742f531e22c0b2bd68552fc02d71e916d4b6ef6c1003ace35fb2
a52d3ba4d9a879ab1faf1f4d853fa1d41ccb94faf4ca0a09f5c7b06573173ec9
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad164a5d21d4601d432d91d8f0fbd65d6e3b24f70798f75ae63bfbc2951cab37
b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255
b92379c5b60656b10a5a9955af716cb4d4bd964518fe6cb3e55e88153a8a4cdc
bd999047408eaf20ae15ab916d344330d118fa72b0703fa1784deb648d36bb7a
be324f832c99a743be6e9bb6e888e37f1d6ad4e3fb0b9390477a40c2d5d6ce99
c09055f0d3ce5ac45f886c935226d1e4cb0f7488525e9f8b298f26fc0171e5a8
c571030c5e0ec1150f1a9d28f8748a05f103a5dd5c687d968b0ad8cb85b51bf5
c7143357f014d4f423a93739d4e083cb74ce226a80c980df06d4e726822c7e33
c91158a8a0abe1393831da5efc62d53ad3b41b545774f1c3a003d55c2d5f28cf
c992a85700a5e21c970ba0ec2b657e2e652ecdb2a72cb108065217d676b2c5ea
cb44f4887bb8b09d0187a4e6d0777a756b89955533b01ad1d6e6bded19dd94e6
cb992eae898417162c48b37712991d9ad8053c4a64fce51aff195edc69dc35f2
ccc5e2343c1e0ff2c59463f8319e3dffc96a0429a372e71f133f4bba2a393a07
d11075cd7df2682b221d194573250d4aed0a6a4e3a151acf41d1b14053495b85
d12571fb058caba3e2478b76fc95d3f65741995d085ef27e29434b6e6d67791c
d6babff8a064a68c126adbc925a876484b9540e78f9d24711d6b529071a8ffd2
de48175c077ffa4ef22e1fdc0b89a9c4afb3daec01a99eb6b6df85e7cafa782e
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
dfcfcf508411f75131ee051b3e8bd38b7869dcfc7c2a19e5a2cff1c9982baddf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebc51b5e6c7d632e48323c47b5eb68f121e8b321bb5e05ef1fb39fdf4bc8a34f
ec76a8791725e26557ae0aaaba4eb15e68301e54864f75311f7ad77455731da9
ed098df82da8320c1786f312585ebc4b1b4817ed5ebeecd03e25afd37b97cc23
ede8a63ae7f13de45eeb9c9156f791c7ee1d588f931cc54f4d8754154cbd3a52
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f48efb045bd94f72553e37dabf22e73b6759ecc4ab4f12961285222f7e582a37
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
fb290807222c02a89787fa762198c27e14ed0966932472ffecdbe99f9665d4e1
fd66b41954b5995d58a437f960fca4d3133aef487be39b50ac80b20e3f496444
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c