login.kiva.org Open in urlscan Pro
2606:4700::6811:feb6 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.kiva.org/portfolio
Effective URL:
https://login.kiva.org/login?state=hKFo2SAtRm1fa3VVQWtnTkJHZHdGR0VaR3o4a0dNRmVwRnhEeKFupWxvZ2luo3RpZNkgZm5xVHNGV0JEdjlP...
Submission Tags: dumps education Search All
Submission: On May 22 via api (May 22nd 2024, 1:36:11 am UTC) from US — Scanned from DE

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 14 HTTP transactions. The main IP is 2606:4700::6811:feb6, located in United States and belongs to CLOUDFLARENET, US. The main domain is login.kiva.org.
TLS certificate: Issued by E1 on April 18th 2024. Valid for: 3 months.

This is the only time login.kiva.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	151.101.1.91 151.101.1.91	54113 (FASTLY) (FASTLY)
1 3	2606:4700::68... 2606:4700::6811:feb6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a04:4e42::591 2a04:4e42::591	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
1	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
2	34.139.124.58 34.139.124.58	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	151.101.1.194 151.101.1.194	54113 (FASTLY) (FASTLY)
14	7

2 151.101.1.91 (San Francisco, United States) 2 redirects

ASN54113 (FASTLY, US)

www.kiva.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:feb6 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

login.kiva.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a04:4e42::591 (United States)

ASN54113 (FASTLY, US)

www-kiva-org.freetls.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.139.124.58 (North Charleston, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 58.124.139.34.bc.googleusercontent.com

events.fivetran.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.194 (San Francisco, United States)

ASN54113 (FASTLY, US)

www-kiva-org.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	fastly.net www-kiva-org.freetls.fastly.net www-kiva-org.global.ssl.fastly.net	334 KB
5	kiva.org 3 redirects www.kiva.org — Cisco Umbrella Rank: 684951 login.kiva.org	613 KB
2	fivetran.com events.fivetran.com — Cisco Umbrella Rank: 25467	323 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	21 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 310	28 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	1017 B
14	6

	Domain	Requested by
6	www-kiva-org.freetls.fastly.net	login.kiva.org
3	login.kiva.org	1 redirects login.kiva.org
2	events.fivetran.com	login.kiva.org
2	www.kiva.org	2 redirects
1	www-kiva-org.global.ssl.fastly.net
1	www.google-analytics.com	login.kiva.org
1	cdn.jsdelivr.net	login.kiva.org
1	fonts.googleapis.com	client
14	8

This site contains no links.

Subject Issuer	Validity	Valid
login.kiva.org E1	`2024-04-18` - `2024-07-17`	3 months	crt.sh
*.freetls.fastly.net GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-11-09` - `2024-12-10`	a year	crt.sh
upload.video.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
*.google-analytics.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
events.fivetran.com R3	`2024-03-28` - `2024-06-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://login.kiva.org/login?state=hKFo2SAtRm1fa3VVQWtnTkJHZHdGR0VaR3o4a0dNRmVwRnhEeKFupWxvZ2luo3RpZNkgZm5xVHNGV0JEdjlPWEJNSnBnYXVBbENnVjRBM1pYVjmjY2lk2SB4UmJpM25rdVlaMkI4cmpZZzRWZHlaYjJFYUkxZmhQZA&client=xRbi3nkuYZ2B8rjYg4VdyZb2EaI1fhPd&protocol=oauth2&scope=openid%20mfa&audience=https%3A%2F%2Fapi.kivaws.org%2Fgraphql&nonce=f9d590014530f68eadb49461b76f3abb&response_type=code&redirect_uri=https%3A%2F%2Fwww.kiva.org%2Fprocess-ssr-auth
Frame ID: 82E3308945F7115936F5D199413D0F46
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in | Kiva

Page URL History Show full URLs

https://www.kiva.org/portfolio HTTP 302
https://www.kiva.org/ui-login?doneUrl=%2Fportfolio HTTP 302
https://login.kiva.org/authorize?scope=openid%20mfa&audience=https%3A%2F%2Fapi.kivaws.org%2Fgraphql... HTTP 302
https://login.kiva.org/login?state=hKFo2SAtRm1fa3VVQWtnTkJHZHdGR0VaR3o4a0dNRmVwRnhEeKFupWxvZ2luo3Rp... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

14
Requests

100 %
HTTPS

63 %
IPv6

6
Domains

8
Subdomains

7
IPs

2
Countries

995 kB
Transfer

1072 kB
Size

14
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.kiva.org/portfolio HTTP 302
https://www.kiva.org/ui-login?doneUrl=%2Fportfolio HTTP 302
https://login.kiva.org/authorize?scope=openid%20mfa&audience=https%3A%2F%2Fapi.kivaws.org%2Fgraphql&nonce=f9d590014530f68eadb49461b76f3abb&response_type=code&redirect_uri=https%3A%2F%2Fwww.kiva.org%2Fprocess-ssr-auth&state=FS8YvFyzGNj3XuH4Augnjo3U&client_id=xRbi3nkuYZ2B8rjYg4VdyZb2EaI1fhPd HTTP 302
https://login.kiva.org/login?state=hKFo2SAtRm1fa3VVQWtnTkJHZHdGR0VaR3o4a0dNRmVwRnhEeKFupWxvZ2luo3RpZNkgZm5xVHNGV0JEdjlPWEJNSnBnYXVBbENnVjRBM1pYVjmjY2lk2SB4UmJpM25rdVlaMkI4cmpZZzRWZHlaYjJFYUkxZmhQZA&client=xRbi3nkuYZ2B8rjYg4VdyZb2EaI1fhPd&protocol=oauth2&scope=openid%20mfa&audience=https%3A%2F%2Fapi.kivaws.org%2Fgraphql&nonce=f9d590014530f68eadb49461b76f3abb&response_type=code&redirect_uri=https%3A%2F%2Fwww.kiva.org%2Fprocess-ssr-auth Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
login.kiva.org/
Redirect Chain

https://www.kiva.org/portfolio
https://www.kiva.org/ui-login?doneUrl=%2Fportfolio
https://login.kiva.org/authorize?scope=openid%20mfa&audience=https%3A%2F%2Fapi.kivaws.org%2Fgraphql&nonce=f9d590014530f68eadb49461b76f3abb&response_type=code&redirect_uri=https%3A%2F%2Fwww.kiva.org...
https://login.kiva.org/login?state=hKFo2SAtRm1fa3VVQWtnTkJHZHdGR0VaR3o4a0dNRmVwRnhEeKFupWxvZ2luo3RpZNkgZm5xVHNGV0JEdjlPWEJNSnBnYXVBbENnVjRBM1pYVjmjY2lk2SB4UmJpM25rdVlaMkI4cmpZZzRWZHlaYjJFYUkxZmhQZA...

609 KB
610 KB

295ms
294ms

Document
text/html

2606:4700::6811:feb6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.kiva.org/login?state=hKFo2SAtRm1fa3VVQWtnTkJHZHdGR0VaR3o4a0dNRmVwRnhEeKFupWxvZ2luo3RpZNkgZm5xVHNGV0JEdjlPWEJNSnBnYXVBbENnVjRBM1pYVjmjY2lk2SB4UmJpM25rdVlaMkI4cmpZZzRWZHlaYjJFYUkxZmhQZA&client=xRbi3nkuYZ2B8rjYg4VdyZb2EaI1fhPd&protocol=oauth2&scope=openid%20mfa&audience=https%3A%2F%2Fapi.kivaws.org%2Fgraphql&nonce=f9d590014530f68eadb49461b76f3abb&response_type=code&redirect_uri=https%3A%2F%2Fwww.kiva.org%2Fprocess-ssr-auth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:feb6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ab38ad96a4384de63863b70def9734563997a6dd0a6d4e79cb2ab931e4bf3f4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, max-age=0, no-transform
cf-cache-status: DYNAMIC
cf-ray: 887912c89ba7bb9e-FRA
content-security-policy: frame-ancestors 'none'
content-type: text/html; charset=utf-8
date: Wed, 22 May 2024 01:36:06 GMT
etag: W/"98427-UruBH+P71uMDes7sLN+CCCNf9NU"
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-auth0-requestid: bd11fa64a818c6c2090d
x-content-type-options: nosniff
x-frame-options: deny
x-ratelimit-limit: 300
x-ratelimit-remaining: 299
x-ratelimit-reset: 1716341767
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, max-age=0, no-transform
cf-cache-status: DYNAMIC
cf-ray: 887912c69a07bb9e-FRA
content-length: 930
content-type: text/html; charset=utf-8
date: Wed, 22 May 2024 01:36:06 GMT
location: /login?state=hKFo2SAtRm1fa3VVQWtnTkJHZHdGR0VaR3o4a0dNRmVwRnhEeKFupWxvZ2luo3RpZNkgZm5xVHNGV0JEdjlPWEJNSnBnYXVBbENnVjRBM1pYVjmjY2lk2SB4UmJpM25rdVlaMkI4cmpZZzRWZHlaYjJFYUkxZmhQZA&client=xRbi3nkuYZ2B8rjYg4VdyZb2EaI1fhPd&protocol=oauth2&scope=openid%20mfa&audience=https%3A%2F%2Fapi.kivaws.org%2Fgraphql&nonce=f9d590014530f68eadb49461b76f3abb&response_type=code&redirect_uri=https%3A%2F%2Fwww.kiva.org%2Fprocess-ssr-auth
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept, Accept-Encoding
x-auth0-requestid: 3426aa1d1013c378fe08
x-content-type-options: nosniff
x-ratelimit-limit: 300
x-ratelimit-remaining: 299
x-ratelimit-reset: 1716341767

GET
H2 200 PostGrotesk-Medium.8c8a585.woff2
www-kiva-org.freetls.fastly.net/static/fonts/ 51 KB
51 KB 66ms
19ms Font
font/woff2 2a04:4e42::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www-kiva-org.freetls.fastly.net/static/fonts/PostGrotesk-Medium.8c8a585.woff2

Requested by

Host: login.kiva.org
URL: https://login.kiva.org/login?state=hKFo2SAtRm1fa3VVQWtnTkJHZHdGR0VaR3o4a0dNRmVwRnhEeKFupWxvZ2luo3RpZNkgZm5xVHNGV0JEdjlPWEJNSnBnYXVBbENnVjRBM1pYVjmjY2lk2SB4UmJpM25rdVlaMkI4cmpZZzRWZHlaYjJFYUkxZmhQZA&client=xRbi3nkuYZ2B8rjYg4VdyZb2EaI1fhPd&protocol=oauth2&scope=openid%20mfa&audience=https%3A%2F%2Fapi.kivaws.org%2Fgraphql&nonce=f9d590014530f68eadb49461b76f3abb&response_type=code&redirect_uri=https%3A%2F%2Fwww.kiva.org%2Fprocess-ssr-auth

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::591 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

af3217841bcbe45bd64c385c1f1b6b204145760be5e56482db1d2c9930f0ac40

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://login.kiva.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Wed, 22 May 2024 01:36:06 GMT
x-permitted-cross-domain-policies: none
age: 6330
x-dns-prefetch-control: off
x-cache: HIT, HIT
content-length: 52296
x-xss-protection: 0
x-served-by: cache-bfi-krnt7300067-BFI, cache-fra-etou8220020-FRA
referrer-policy: no-referrer
last-modified: Mon, 20 May 2024 23:13:13 GMT
x-timer: S1716341767.845000,VS0,VE1
etag: W/"cc48-18f9847cb28"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
x-download-options: noopen
cache-control: no-store
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-cache-hits: 64, 0

GET
H2 200 PostGrotesk-MediumItalic.133f41d.woff2
www-kiva-org.freetls.fastly.net/static/fonts/ 52 KB
52 KB 65ms
19ms Font
font/woff2 2a04:4e42::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www-kiva-org.freetls.fastly.net/static/fonts/PostGrotesk-MediumItalic.133f41d.woff2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::591 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d3a092af476901b184be2a7d27fd9c235e404a5c0210c2de1ac7d6193976685d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://login.kiva.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Wed, 22 May 2024 01:36:06 GMT
x-permitted-cross-domain-policies: none
age: 94377
x-dns-prefetch-control: off
x-cache: HIT, HIT
content-length: 52832
x-xss-protection: 0
x-served-by: cache-bfi-krnt7300073-BFI, cache-fra-etou8220020-FRA
referrer-policy: no-referrer
last-modified: Mon, 20 May 2024 23:13:13 GMT
x-timer: S1716341767.845028,VS0,VE1
etag: W/"ce60-18f9847cb28"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
x-download-options: noopen
cache-control: no-store
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-cache-hits: 16, 0

GET
H2 200 PostGrotesk-Book.246fc8e.woff2
www-kiva-org.freetls.fastly.net/static/fonts/ 49 KB
50 KB 66ms
19ms Font
font/woff2 2a04:4e42::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www-kiva-org.freetls.fastly.net/static/fonts/PostGrotesk-Book.246fc8e.woff2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::591 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4640196f5436a25bacd0d99e8697b2c1d1dceabff81b5f1bf8a4d46729f83eef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://login.kiva.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Wed, 22 May 2024 01:36:06 GMT
x-permitted-cross-domain-policies: none
age: 94379
x-dns-prefetch-control: off
x-cache: HIT, HIT
content-length: 50108
x-xss-protection: 0
x-served-by: cache-bfi-krnt7300047-BFI, cache-fra-etou8220020-FRA
referrer-policy: no-referrer
last-modified: Mon, 20 May 2024 23:13:13 GMT
x-timer: S1716341767.844856,VS0,VE1
etag: W/"c3bc-18f9847cb28"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
x-download-options: noopen
cache-control: no-store
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-cache-hits: 421, 0

GET
H2 200 PostGrotesk-BookItalic.4d06d39.woff2
www-kiva-org.freetls.fastly.net/static/fonts/ 48 KB
48 KB 65ms
18ms Font
font/woff2 2a04:4e42::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www-kiva-org.freetls.fastly.net/static/fonts/PostGrotesk-BookItalic.4d06d39.woff2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::591 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fa9e3e00343edfbaf3d9be8acee84df80ece01dbc7f6450b8ce93624af68db81

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://login.kiva.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Wed, 22 May 2024 01:36:06 GMT
x-permitted-cross-domain-policies: none
age: 94379
x-dns-prefetch-control: off
x-cache: HIT, HIT
content-length: 48840
x-xss-protection: 0
x-served-by: cache-bfi-krnt7300075-BFI, cache-fra-etou8220020-FRA
referrer-policy: no-referrer
last-modified: Mon, 20 May 2024 23:13:13 GMT
x-timer: S1716341767.845016,VS0,VE1
etag: W/"bec8-18f9847cb28"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
x-download-options: noopen
cache-control: no-store
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-cache-hits: 17, 0

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
1017 B 87ms
28ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@500&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d84708b189c2eaa665ae431f8bcbdd7f160172491d7c97ed095b7fb7f3df3937

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 22 May 2024 01:36:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 22 May 2024 01:06:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 May 2024 01:36:06 GMT

GET
H2 200 sp.js Show response
cdn.jsdelivr.net/gh/snowplow/sp-js-assets@2.17.0/ 77 KB
28 KB 157ms
19ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/snowplow/sp-js-assets@2.17.0/sp.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d513e68819a0e192c171cea1870322e95f763cb331eca802021287c2780759d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 22 May 2024 01:36:07 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2501126
x-jsd-version: 2.17.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 28083
x-served-by: cache-fra-etou8220026-FRA
x-jsd-version-type: version
etag: W/"135e2-Xky3hHgVtoeqksVEaiQxldxi+xg"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 165ms
23ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 22 May 2024 00:29:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4019
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 22 May 2024 02:29:08 GMT

POST
H3 200 challenge Show response
login.kiva.org/usernamepassword/ 18 B
416 B 280ms
280ms XHR
application/json 2606:4700::6811:feb6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.kiva.org/usernamepassword/challenge

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:feb6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8376431f05ed0574aa914db9f36153ed5837a067d6d3450847c49d89b37ad1bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Auth0-Client: eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4yNC4xIn0=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://login.kiva.org/login?state=hKFo2SAtRm1fa3VVQWtnTkJHZHdGR0VaR3o4a0dNRmVwRnhEeKFupWxvZ2luo3RpZNkgZm5xVHNGV0JEdjlPWEJNSnBnYXVBbENnVjRBM1pYVjmjY2lk2SB4UmJpM25rdVlaMkI4cmpZZzRWZHlaYjJFYUkxZmhQZA&client=xRbi3nkuYZ2B8rjYg4VdyZb2EaI1fhPd&protocol=oauth2&scope=openid%20mfa&audience=https%3A%2F%2Fapi.kivaws.org%2Fgraphql&nonce=f9d590014530f68eadb49461b76f3abb&response_type=code&redirect_uri=https%3A%2F%2Fwww.kiva.org%2Fprocess-ssr-auth
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 22 May 2024 01:36:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-auth0-requestid: 7e95888f02eba3f1c74a
alt-svc: h3=":443"; ma=86400
content-length: 18
server: cloudflare
etag: W/"12-9fs4x/hyJ5DkqQF2LYZkOdHRWWM"
x-ratelimit-remaining: 299
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform
x-ratelimit-reset: 1716341768
x-ratelimit-limit: 300
cf-ray: 887912cbff093807-FRA

GET
H2 200 PostGrotesk-Book.246fc8e.woff2
www-kiva-org.freetls.fastly.net/static/fonts/ 49 KB
49 KB 42ms
16ms Font
font/woff2 2a04:4e42::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www-kiva-org.freetls.fastly.net/static/fonts/PostGrotesk-Book.246fc8e.woff2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::591 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4640196f5436a25bacd0d99e8697b2c1d1dceabff81b5f1bf8a4d46729f83eef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://login.kiva.org/
Origin: https://login.kiva.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Wed, 22 May 2024 01:36:07 GMT
x-permitted-cross-domain-policies: none
age: 94379
x-dns-prefetch-control: off
x-cache: HIT, HIT
content-length: 50108
x-xss-protection: 0
x-served-by: cache-bfi-krnt7300047-BFI, cache-fra-etou8220020-FRA
referrer-policy: no-referrer
last-modified: Mon, 20 May 2024 23:13:13 GMT
x-timer: S1716341767.077680,VS0,VE1
etag: W/"c3bc-18f9847cb28"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
x-download-options: noopen
cache-control: no-store
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-cache-hits: 421, 1

GET
H2 200 PostGrotesk-Medium.8c8a585.woff2
www-kiva-org.freetls.fastly.net/static/fonts/ 51 KB
51 KB 42ms
16ms Font
font/woff2 2a04:4e42::591
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www-kiva-org.freetls.fastly.net/static/fonts/PostGrotesk-Medium.8c8a585.woff2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::591 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

af3217841bcbe45bd64c385c1f1b6b204145760be5e56482db1d2c9930f0ac40

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://login.kiva.org/
Origin: https://login.kiva.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Wed, 22 May 2024 01:36:07 GMT
x-permitted-cross-domain-policies: none
age: 6331
x-dns-prefetch-control: off
x-cache: HIT, HIT
content-length: 52296
x-xss-protection: 0
x-served-by: cache-bfi-krnt7300067-BFI, cache-fra-etou8220020-FRA
referrer-policy: no-referrer
last-modified: Mon, 20 May 2024 23:13:13 GMT
x-timer: S1716341767.077662,VS0,VE1
etag: W/"cc48-18f9847cb28"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
x-download-options: noopen
cache-control: no-store
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-cache-hits: 64, 1

POST
H2 200 tp2 Show response
events.fivetran.com/snowplow/kiva_rules/com.snowplowanalytics.snowplow/ 53 B
323 B 378ms
140ms XHR
application/json 34.139.124.58
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://events.fivetran.com/snowplow/kiva_rules/com.snowplowanalytics.snowplow/tp2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.139.124.58 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

58.124.139.34.bc.googleusercontent.com

Software

Resource Hash

4081a5f270ace3305571b8f393e20c3a50141d103fb6fced35cf64d5182c2cd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Wed, 22 May 2024 01:36:07 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
access-control-allow-methods: GET, POST, HEAD, OPTIONS
content-type: application/json
access-control-allow-origin: https://login.kiva.org
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 53

OPTIONS
H2 200 tp2
events.fivetran.com/snowplow/kiva_rules/com.snowplowanalytics.snowplow/ 0
0 414ms
119ms Preflight
application/json 34.139.124.58
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://events.fivetran.com/snowplow/kiva_rules/com.snowplowanalytics.snowplow/tp2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.139.124.58 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

58.124.139.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://login.kiva.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, HEAD, OPTIONS
access-control-allow-origin: https://login.kiva.org
content-length: 0
content-type: application/json
date: Wed, 22 May 2024 01:36:07 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin

GET
H/1.1 200
OK favicon.ico
www-kiva-org.global.ssl.fastly.net/img/favicon/ 32 KB
33 KB 275ms
171ms Other
image/vnd.microsoft.icon 151.101.1.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www-kiva-org.global.ssl.fastly.net/img/favicon/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.194 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Caddy /
Resource Hash: 81a08c54cc6825ad4b8cb2f16d8bd36d619eb4ba272f0b4ba4cff146e8602783

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 22 May 2024 01:36:07 GMT
Via: 1.1 varnish, 1.1 varnish
X-Cache: MISS, MISS
Connection: keep-alive
Content-Length: 32988
X-Served-By: cache-bfi-krnt7300028-BFI, cache-fra-etou8220030-FRA
Last-Modified: Fri, 17 May 2024 18:51:19 GMT
Server: Caddy
X-Timer: S1716341767.320459,VS0,VE152
Etag: "sdn8djpgc"
Access-Control-Allow-Methods: GET,POST,OPTIONS,HEAD,PATCH,PUT,DELETE
Content-Type: image/vnd.microsoft.icon
Access-Control-Allow-Origin: https://kiva.production.kiva.org
Cache-Control: no-store
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Cache-Hits: 0, 0

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
login.kiva.org/usernamepassword/login	1970-01-20 21:00:05	Name: _csrf Value: aynMDWuX0LgWu48v-QX5k9aq
www.kiva.org/	1969-12-31 23:59:59	Name: kv Value: sgtpdj9082dgf316h3vie7mvdg
www.kiva.org/	1969-12-31 23:59:59	Name: kvis Value: crumb%3D1e01847c0d7a2d8a0ff3a67b65e6f048
www.kiva.org/	1969-12-31 23:59:59	Name: kvbskt Value: CBKjG0N5tuyrZfLEEiTfpg%3D%3D
www.kiva.org/	1970-01-20 20:47:08	Name: ui Value: s%3AXrfWojixa86oKFRLYnOblazRo5c06YQ-.r2lHutZqb4fr6rp6nZMoCYTPOfzWvtvLSQdH5ZYTjQs
www.kiva.org/	1970-01-21 06:21:41	Name: uiv Value: 6309df65-b99a-4012-bde8-b993893d5d10
login.kiva.org/	1970-01-21 05:31:39	Name: did Value: s%3Av0%3Aa8760c00-17db-11ef-8bc1-139dc8aa1ae3.wAL4OWiuG0EFtwlM%2B9RtzaVjwVr46ymsgv8QzkxRPH0
login.kiva.org/	1970-01-20 20:50:00	Name: auth0 Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQBF47IF-7VenrwZXoS6ROKd5ahfd03sJpucJ97dH6F5lRstoPux2QVJWpFNiL1CDf8JGW2GPQDG1e88hYpj_HammY29va2llg6dleHBpcmVz1_9eaewAZlFAhq5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.G7BAM7MarXIjxNGZnRu1ieNfgKVDQgsHYkv6TAwj%2BR4
login.kiva.org/	1970-01-21 05:31:39	Name: did_compat Value: s%3Av0%3Aa8760c00-17db-11ef-8bc1-139dc8aa1ae3.wAL4OWiuG0EFtwlM%2B9RtzaVjwVr46ymsgv8QzkxRPH0
login.kiva.org/	1970-01-20 20:50:00	Name: auth0_compat Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQBF47IF-7VenrwZXoS6ROKd5ahfd03sJpucJ97dH6F5lRstoPux2QVJWpFNiL1CDf8JGW2GPQDG1e88hYpj_HammY29va2llg6dleHBpcmVz1_9eaewAZlFAhq5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.G7BAM7MarXIjxNGZnRu1ieNfgKVDQgsHYkv6TAwj%2BR4
.kiva.org/	1970-01-20 20:45:43	Name: _sp_ses.6d5c Value: *
.kiva.org/	1970-01-21 06:21:41	Name: _sp_id.6d5c Value: 036c7e99-e112-4e96-b307-12de37d7b01b.1716341767.1.1716341767.1716341767.6d89a738-b4aa-4378-b04a-16a2de856fa4
.kiva.org/	1970-01-21 06:21:41	Name: _ga Value: GA1.2.1734175639.1716341767
.kiva.org/	1970-01-20 20:47:08	Name: _gid Value: GA1.2.1005468816.1716341767

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://login.kiva.org/login?state=hKFo2SAtRm1fa3VVQWtnTkJHZHdGR0VaR3o4a0dNRmVwRnhEeKFupWxvZ2luo3RpZNkgZm5xVHNGV0JEdjlPWEJNSnBnYXVBbENnVjRBM1pYVjmjY2lk2SB4UmJpM25rdVlaMkI4cmpZZzRWZHlaYjJFYUkxZmhQZA&client=xRbi3nkuYZ2B8rjYg4VdyZb2EaI1fhPd&protocol=oauth2&scope=openid%20mfa&audience=https%3A%2F%2Fapi.kivaws.org%2Fgraphql&nonce=f9d590014530f68eadb49461b76f3abb&response_type=code&redirect_uri=https%3A%2F%2Fwww.kiva.org%2Fprocess-ssr-auth#/login Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
events.fivetran.com
fonts.googleapis.com
login.kiva.org
www-kiva-org.freetls.fastly.net
www-kiva-org.global.ssl.fastly.net
www.google-analytics.com
www.kiva.org
151.101.1.194
151.101.1.91
2001:4860:4802:34::178
2606:4700::6811:feb6
2a00:1450:4001:810::200a
2a04:4e42:400::485
2a04:4e42::591
34.139.124.58
3ab38ad96a4384de63863b70def9734563997a6dd0a6d4e79cb2ab931e4bf3f4
4081a5f270ace3305571b8f393e20c3a50141d103fb6fced35cf64d5182c2cd2
4640196f5436a25bacd0d99e8697b2c1d1dceabff81b5f1bf8a4d46729f83eef
81a08c54cc6825ad4b8cb2f16d8bd36d619eb4ba272f0b4ba4cff146e8602783
8376431f05ed0574aa914db9f36153ed5837a067d6d3450847c49d89b37ad1bf
af3217841bcbe45bd64c385c1f1b6b204145760be5e56482db1d2c9930f0ac40
d3a092af476901b184be2a7d27fd9c235e404a5c0210c2de1ac7d6193976685d
d513e68819a0e192c171cea1870322e95f763cb331eca802021287c2780759d1
d84708b189c2eaa665ae431f8bcbdd7f160172491d7c97ed095b7fb7f3df3937
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
fa9e3e00343edfbaf3d9be8acee84df80ece01dbc7f6450b8ce93624af68db81

login.kiva.org Open in urlscan Pro 2606:4700::6811:feb6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

63 %IPv6

6 Domains

8 Subdomains

7 IPs

2 Countries

995 kBTransfer

1072 kBSize

14 Cookies

0 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

14 Cookies

1 Console Messages

Security Headers

Indicators

login.kiva.org Open in urlscan Pro
2606:4700::6811:feb6 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

63 %
IPv6

6
Domains

8
Subdomains

7
IPs

2
Countries

995 kB
Transfer

1072 kB
Size

14
Cookies

14 HTTP transactions
0 data transactions