urlscan.io logo urlscan.io
SecurityTrails logo

www.ketto.org Open in urlscan Pro
52.222.157.7  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://mail.quicklivedeals.com/re?l=D0Is4drnwI7vfunvbI0
Effective URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Submission: On July 02 via manual from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 28 IPs in 7 countries across 23 domains to perform 95 HTTP transactions. The main IP is 52.222.157.7, located in Seattle, United States and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is www.ketto.org.
TLS certificate: Issued by Amazon on November 24th 2018. Valid for: a year.
This is the only time www.ketto.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 91.192.43.154 15960 (GLOBALACCESS)
1 52.222.157.7 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
25 2600:9000:204... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 52.222.157.156 16509 (AMAZON-02)
2 159.122.87.153 36351 (SOFTLAYER)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.232.209.250 16509 (AMAZON-02)
3 151.101.112.176 54113 (FASTLY)
2 13.232.119.255 16509 (AMAZON-02)
2 172.217.18.2 15169 (GOOGLE)
3 4 2a00:1450:400... 15169 (GOOGLE)
3 7 172.217.23.166 15169 (GOOGLE)
6 2a03:2880:f01... 32934 (FACEBOOK)
5 151.101.14.2 54113 (FASTLY)
1 2a00:1288:f03... 10310 (YAHOO-1)
3 3 2a00:1450:400... 15169 (GOOGLE)
4 8 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 5 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f11... 32934 (FACEBOOK)
1 52.222.149.56 16509 (AMAZON-02)
7 54.169.244.171 16509 (AMAZON-02)
1 2a03:2880:f01... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 172.217.23.162 15169 (GOOGLE)
2 54.194.178.165 16509 (AMAZON-02)
95 28
1    91.192.43.154 (Germany)

ASN15960 (GLOBALACCESS, DE)
mail.quicklivedeals.com
1    52.222.157.7 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-157-7.fra53.r.cloudfront.net
www.ketto.org
1    2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
25    2600:9000:2047:c000:d:e617:f340:21 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
d1vdjc70h9nzd9.cloudfront.net
1    2a00:1450:4001:824::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
ajax.googleapis.com
2    2a00:1450:4001:817::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
1    52.222.157.156 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-157-156.fra53.r.cloudfront.net
d2r1yp2w7bby2u.cloudfront.net
2    159.122.87.153 (Frankfurt am Main, Germany)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: 99.57.7a9f.ip4.static.sl-reverse.com
dev.visualwebsiteoptimizer.com
1    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
1    13.232.209.250 (Mumbai, India)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-13-232-209-250.ap-south-1.compute.amazonaws.com
checkout.razorpay.com
3    151.101.112.176 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)
js.stripe.com
2    13.232.119.255 (Mumbai, India)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-13-232-119-255.ap-south-1.compute.amazonaws.com
api.juspay.in
2    172.217.18.2 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s28-in-f2.1e100.net
www.googleadservices.com
4    2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
7    172.217.23.166 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s22-in-f166.1e100.net
9237602.fls.doubleclick.net
ad.doubleclick.net
6    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
staticxx.facebook.com
5    151.101.14.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)
cdn.taboola.com
trc.taboola.com
1    2a00:1288:f03d:1fa::2000 (United Kingdom)

ASN10310 (YAHOO-1 - Oath Holdings Inc., US)
s.yimg.com
3    2a00:1450:400c:c0a::9a (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
8    2a00:1450:4001:825::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
8    2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
5    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
googleads.g.doubleclick.net
4    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
1    52.222.149.56 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-149-56.fra53.r.cloudfront.net
d3oxf4lkkqx2kx.cloudfront.net
7    54.169.244.171 (Singapore, Singapore)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-169-244-171.ap-southeast-1.compute.amazonaws.com
apis.ketto.org
1    2a03:2880:f01c:800e:face:b00c:0:2 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
graph.facebook.com
1    2a00:1450:4001:81b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagservices.com
1    172.217.23.162 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s22-in-f2.1e100.net
googleads4.g.doubleclick.net
2    54.194.178.165 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-194-178-165.eu-west-1.compute.amazonaws.com
wzrkt.com
Domain Requested by
25 d1vdjc70h9nzd9.cloudfront.net www.ketto.org
ajax.googleapis.com
8 www.google.de www.ketto.org
8 www.google.com 4 redirects www.ketto.org
7 apis.ketto.org www.ketto.org
6 9237602.fls.doubleclick.net 3 redirects www.googletagmanager.com
5 googleads.g.doubleclick.net 1 redirects www.googleadservices.com
5 connect.facebook.net www.ketto.org
connect.facebook.net
d1vdjc70h9nzd9.cloudfront.net
4 trc.taboola.com www.ketto.org
4 www.facebook.com www.ketto.org
connect.facebook.net
4 www.google-analytics.com 3 redirects www.googletagmanager.com
3 stats.g.doubleclick.net 3 redirects
3 js.stripe.com www.ketto.org
js.stripe.com
2 wzrkt.com d2r1yp2w7bby2u.cloudfront.net
2 www.googleadservices.com www.googletagmanager.com
2 api.juspay.in www.ketto.org
api.juspay.in
2 dev.visualwebsiteoptimizer.com www.ketto.org
2 www.googletagmanager.com www.ketto.org
www.googletagmanager.com
1 googleads4.g.doubleclick.net www.ketto.org
1 www.googletagservices.com ad.doubleclick.net
1 staticxx.facebook.com connect.facebook.net
1 graph.facebook.com www.ketto.org
1 d3oxf4lkkqx2kx.cloudfront.net www.ketto.org
1 ad.doubleclick.net www.ketto.org
1 s.yimg.com www.ketto.org
1 cdn.taboola.com www.ketto.org
1 checkout.razorpay.com www.ketto.org
1 fonts.gstatic.com www.ketto.org
1 d2r1yp2w7bby2u.cloudfront.net www.ketto.org
1 ajax.googleapis.com www.ketto.org
1 fonts.googleapis.com www.ketto.org
1 www.ketto.org www.ketto.org
1 mail.quicklivedeals.com 1 redirects
0 static.ads-twitter.com Failed www.ketto.org
0 static.hotjar.com Failed www.ketto.org
95 34
Subject Issuer Validity Valid
ketto.org
Amazon		 2018-11-24 -
2019-12-24		 a year crt.sh
*.googleapis.com
Google Internet Authority G3		 2019-06-11 -
2019-09-03		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2018-10-08 -
2019-10-09		 a year crt.sh
*.google-analytics.com
Google Internet Authority G3		 2019-06-11 -
2019-09-03		 3 months crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2		 2017-06-30 -
2020-07-06		 3 years crt.sh
*.google.com
Google Internet Authority G3		 2019-06-11 -
2019-09-03		 3 months crt.sh
*.razorpay.com
Amazon		 2018-09-27 -
2019-10-27		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2019-05-21 -
2019-09-03		 3 months crt.sh
api.juspay.in
Amazon		 2019-03-20 -
2020-04-20		 a year crt.sh
www.googleadservices.com
Google Internet Authority G3		 2019-06-11 -
2019-09-03		 3 months crt.sh
*.doubleclick.net
Google Internet Authority G3		 2019-06-11 -
2019-09-03		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-06-06 -
2019-09-04		 3 months crt.sh
f2.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-04-01 -
2019-09-07		 5 months crt.sh
*.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2019-06-27 -
2019-08-11		 a month crt.sh
www.google.de
Google Internet Authority G3		 2019-06-11 -
2019-09-03		 3 months crt.sh
*.g.doubleclick.net
Google Internet Authority G3		 2019-06-11 -
2019-09-03		 3 months crt.sh
www.google.com
Google Internet Authority G3		 2019-06-11 -
2019-09-03		 3 months crt.sh
apis.ketto.org
Let's Encrypt Authority X3		 2019-06-26 -
2019-09-24		 3 months crt.sh
wzrkt.com
DigiCert ECC Secure Server CA		 2018-11-11 -
2019-11-20		 a year crt.sh

This page contains 9 frames:

Primary Page: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Frame ID: 14A0B95200B5D7DB7BCCD77723590688
Requests: 88 HTTP requests in this frame

Frame: https://9237602.fls.doubleclick.net/activityi;dc_pre=CIWI65b1leMCFVkr4Aodz1YF4g;src=9237602;type=ketto0;cat=dcm_k0;ord=1;num=6328804226292;gtm=2wg6k2;auiddc=968332820.1562059505;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveanup%3Futm_campaign%3Dsaveanup%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio
Frame ID: 9DC5821EAF362EDD72385A2154FB3A48
Requests: 1 HTTP requests in this frame

Frame: https://9237602.fls.doubleclick.net/activityi;dc_pre=COmK65b1leMCFYGgewod1nYFxw;src=9237602;type=sitew0;cat=dcm_s0;ord=6011990597569;gtm=2wg6k2;auiddc=968332820.1562059505;u1=%2Fstories%2Fsaveanup;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveanup%3Futm_campaign%3Dsaveanup%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio
Frame ID: 83C5744C65CB48703FF328C693B809CF
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 0CE15B9C97DF9557ECE67DDF4A3DD4C3
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v2/channel.html?stripe_xdm_e=https%3A%2F%2Fwww.ketto.org&stripe_xdm_c=default276810&stripe_xdm_p=1
Frame ID: 63A785BDAF3433A433E620284CA2741D
Requests: 1 HTTP requests in this frame

Frame: https://api.juspay.in/payjs-iframe
Frame ID: B4E1995C2B0457255F629B3FD94AAE86
Requests: 1 HTTP requests in this frame

Frame: https://9237602.fls.doubleclick.net/activityi;dc_pre=CPPpn5f1leMCFRga4Aod_DANsA;src=9237602;type=ketto00;cat=qr_co0;qty=1;gtm=2wg6k2;auiddc=968332820.1562059505;u4=undefined;u6=undefined;u7=undefined;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveanup%3Futm_campaign%3Dsaveanup%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio
Frame ID: 02CDE7B7445CD9A206057969AFD220CC
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: 63E06449F0C90B40EFFCCBB818506CF2
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v2/m/outer.html
Frame ID: 5E452820BBD4D1C568A40491D8E24814
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://mail.quicklivedeals.com/re?l=D0Is4drnwI7vfunvbI0 HTTP 302
    https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /php\/?([\d.]+)?/i
Overall confidence: 100%
Detected patterns
  • headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i
Overall confidence: 100%
Detected patterns
  • headers server /\(Amazon\)/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
  • headers server /\(Amazon\)/i
Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i

Page Statistics

95
Requests

97 %
HTTPS

52 %
IPv6

23
Domains

34
Subdomains

28
IPs

7
Countries

1254 kB
Transfer

3553 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mail.quicklivedeals.com/re?l=D0Is4drnwI7vfunvbI0 HTTP 302
    https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://9237602.fls.doubleclick.net/activityi;src=9237602;type=ketto0;cat=dcm_k0;ord=1;num=6328804226292;gtm=2wg6k2;auiddc=968332820.1562059505;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveanup%3Futm_campaign%3Dsaveanup%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio HTTP 302
  • https://9237602.fls.doubleclick.net/activityi;dc_pre=CIWI65b1leMCFVkr4Aodz1YF4g;src=9237602;type=ketto0;cat=dcm_k0;ord=1;num=6328804226292;gtm=2wg6k2;auiddc=968332820.1562059505;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveanup%3Futm_campaign%3Dsaveanup%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio
Request Chain 33
  • https://9237602.fls.doubleclick.net/activityi;src=9237602;type=sitew0;cat=dcm_s0;ord=6011990597569;gtm=2wg6k2;auiddc=968332820.1562059505;u1=%2Fstories%2Fsaveanup;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveanup%3Futm_campaign%3Dsaveanup%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio HTTP 302
  • https://9237602.fls.doubleclick.net/activityi;dc_pre=COmK65b1leMCFYGgewod1nYFxw;src=9237602;type=sitew0;cat=dcm_s0;ord=6011990597569;gtm=2wg6k2;auiddc=968332820.1562059505;u1=%2Fstories%2Fsaveanup;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveanup%3Futm_campaign%3Dsaveanup%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio
Request Chain 41
  • https://www.google-analytics.com/r/collect?v=1&_v=j77&a=592540813&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveanup%3Futm_campaign%3Dsaveanup%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&ul=en-us&de=UTF-8&dt=Our%204-yr-old%20son%20needs%20an%20urgent%20stem%20cell%20transplant%20to%20beat%20leukaemia.%20-%20Ketto&sd=24-bit&sr=1600x1200&vp=1593x1200&je=0&_u=YEBAAAAB~&jid=748302969&gjid=148110350&cid=1587407918.1562059505&tid=UA-30181760-1&_gid=1000972497.1562059505&_r=1&gtm=2wg6k2MJRMLZ&cd12=1562059504614.q8b5ojna&z=851733987 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-30181760-1&cid=1587407918.1562059505&jid=748302969&_gid=1000972497.1562059505&gjid=148110350&_v=j77&z=851733987 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=1587407918.1562059505&jid=748302969&_v=j77&z=851733987 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=1587407918.1562059505&jid=748302969&_v=j77&z=851733987&slf_rd=1&random=4089889487
Request Chain 44
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/837073759/?random=1562059504713&cv=9&fst=1562059504713&num=1&fmt=3&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6k2&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveanup%3Futm_campaign%3Dsaveanup%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&tiba=Our%204-yr-old%20son%20needs%20an%20urgent%20stem%20cell%20transplant%20to%20beat%20leukaemia.%20-%20Ketto&async=1 HTTP 302
  • https://www.google.com/pagead/1p-user-list/837073759/?random=1562059504713&cv=9&fst=1562058000000&num=1&fmt=3&guid=ON&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6k2&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveanup%3Futm_campaign%3Dsaveanup%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&tiba=Our%204-yr-old%20son%20needs%20an%20urgent%20stem%20cell%20transplant%20to%20beat%20leukaemia.%20-%20Ketto&async=1&cdct=2&is_vtc=1&random=247173917&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-user-list/837073759/?random=1562059504713&cv=9&fst=1562058000000&num=1&fmt=3&guid=ON&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6k2&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveanup%3Futm_campaign%3Dsaveanup%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&tiba=Our%204-yr-old%20son%20needs%20an%20urgent%20stem%20cell%20transplant%20to%20beat%20leukaemia.%20-%20Ketto&async=1&cdct=2&is_vtc=1&random=247173917&resp=GooglemKTybQhCsO&ipr=y
Request Chain 69
  • https://www.google-analytics.com/r/collect?v=1&_v=j77&a=592540813&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveanup%3Futm_campaign%3Dsaveanup%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&ul=en-us&de=UTF-8&dt=Our%204-yr-old%20son%20needs%20an%20urgent%20stem%20cell%20transplant%20to%20beat%20leukaemia.%20-%20Ketto&sd=24-bit&sr=1600x1200&vp=1593x1200&je=0&ec=Campaign%20Viewed&ea=page_load&el=Our%204-yr-old%20son%20needs%20an%20urgent%20stem%20cell%20transplant%20to%20beat%20leukaemia.&_u=aEBAAAAB~&jid=260893912&gjid=465479687&cid=2047603445.1562059522&tid=UA-30181760-1&_gid=431995758.1562059522&_r=1&gtm=2wg6k2MJRMLZ&cd7=150&cd8=saveanup&cd9=83782&cd10=ad&z=1535962785 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-30181760-1&cid=2047603445.1562059522&jid=260893912&_gid=431995758.1562059522&gjid=465479687&_v=j77&z=1535962785 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=2047603445.1562059522&jid=260893912&_v=j77&z=1535962785 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=2047603445.1562059522&jid=260893912&_v=j77&z=1535962785&slf_rd=1&random=18393710
Request Chain 75
  • https://9237602.fls.doubleclick.net/activityi;src=9237602;type=ketto00;cat=qr_co0;qty=1;gtm=2wg6k2;auiddc=968332820.1562059505;u4=undefined;u6=undefined;u7=undefined;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveanup%3Futm_campaign%3Dsaveanup%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio HTTP 302
  • https://9237602.fls.doubleclick.net/activityi;dc_pre=CPPpn5f1leMCFRga4Aod_DANsA;src=9237602;type=ketto00;cat=qr_co0;qty=1;gtm=2wg6k2;auiddc=968332820.1562059505;u4=undefined;u6=undefined;u7=undefined;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveanup%3Futm_campaign%3Dsaveanup%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio
Request Chain 76
  • https://www.google-analytics.com/r/collect?v=1&_v=j77&a=592540813&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveanup%3Futm_campaign%3Dsaveanup%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&ul=en-us&de=UTF-8&dt=Our%204-yr-old%20son%20needs%20an%20urgent%20stem%20cell%20transplant%20to%20beat%20leukaemia.%20-%20Ketto&sd=24-bit&sr=1600x1200&vp=1593x1200&je=0&ec=undefined&ea=undefined&_u=aEDAAEAB~&jid=1807876090&gjid=1671135419&cid=2047603445.1562059522&tid=UA-80298164-1&_gid=431995758.1562059522&_r=1&gtm=2wg6k2MJRMLZ&z=854918240 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-80298164-1&cid=2047603445.1562059522&jid=1807876090&_gid=431995758.1562059522&gjid=1671135419&_v=j77&z=854918240 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80298164-1&cid=2047603445.1562059522&jid=1807876090&_v=j77&z=854918240 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80298164-1&cid=2047603445.1562059522&jid=1807876090&_v=j77&z=854918240&slf_rd=1&random=2636925662

95 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request saveanup
www.ketto.org/stories/
Redirect Chain
  • http://mail.quicklivedeals.com/re?l=D0Is4drnwI7vfunvbI0
  • https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
280 KB
66 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.157.7 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-157-7.fra53.r.cloudfront.net
Software
Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40 / PHP/5.6.40
Resource Hash
6eb0bcaff2e132da06846f8da58e6bd708e2b5592a5d9f37d8d111f3cb768e57

Request headers

:method
GET
:authority
www.ketto.org
:scheme
https
:path
/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
content-type
text/html; charset=UTF-8
date
Tue, 02 Jul 2019 09:25:03 GMT
server
Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40
cache-control
max-age=0, no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-encoding
gzip
pageurl-1
1
pragma
no-cache
vary
Accept-Encoding
x-mod-pagespeed
1.13.35.2-0
x-powered-by
PHP/5.6.40
set-cookie
KETTOSESSID=qhvv1muq9e8l9j7b1nrlcs4sb6; path=/; domain=.ketto.org k_utm=eyJ1dG1fc291cmNlIjoiZXh0ZXJuYWxfa2Vuc2NpbyIsInV0bV9tZWRpdW0iOiJlbWFpbCIsInV0bV9jYW1wYWlnbiI6InNhdmVhbnVwIn0%3D; expires=Sun, 29-Dec-2019 09:25:03 GMT; Max-Age=15552000; path=/ ip_location=eyJjb3VudHJ5X2NvZGUiOiJDSCIsImNvdW50cnlfbmFtZSI6IlN3aXR6ZXJsYW5kIiwicmVnaW9uX25hbWUiOiJadXJpY2giLCJ6aXBfY29kZSI6IjgwMTAiLCJjaXR5X25hbWUiOiJadXJpY2gifQ%3D%3D; expires=Tue, 09-Jul-2019 09:25:03 GMT; Max-Age=604800; path=/; domain=.ketto.org _ku=56840deba35ebbebc1ebbe0cbe5fc928; expires=Thu, 08-Jun-2119 09:25:03 GMT; Max-Age=3153600000; path=/; domain=.ketto.org _ks=eyJzaWQiOiJiNDg4YzA4NTRiNzJkODdkYmFjNjhlOTAwNmEzYjkxYiIsInN0IjoxNTYyMDYxMzAzfQ%3D%3D; path=/; domain=.ketto.org ip_location=eyJjb3VudHJ5X2NvZGUiOiJDSCIsImNvdW50cnlfbmFtZSI6IlN3aXR6ZXJsYW5kIiwicmVnaW9uX25hbWUiOiJadXJpY2giLCJ6aXBfY29kZSI6IjgwMTAiLCJjaXR5X25hbWUiOiJadXJpY2gifQ%3D%3D; expires=Tue, 09-Jul-2019 09:25:03 GMT; Max-Age=604800; path=/; domain=.ketto.org
x-cache
Miss from cloudfront
via
1.1 bae3e24625567f5728a5caa96d6b7669.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53
x-amz-cf-id
S24tr7JhLeivz64gKuMU-VeugSCn4hR1fjYz7yGvlpWDF_ucrrbl_Q==

Redirect headers

Date
Tue, 02 Jul 2019 09:24:59 GMT
Server
WebServer
Location
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Content-Length
0
Keep-Alive
timeout=2, max=1
Connection
Keep-Alive
css
fonts.googleapis.com/ 		5 KB
747 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans:400,700
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
0c4592cb56bec1a745568b3dd0746818ec4cb08e996c96175e7abd37d774dc8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 02 Jul 2019 09:25:04 GMT
server
ESF
access-control-allow-origin
*
date
Tue, 02 Jul 2019 09:25:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Tue, 02 Jul 2019 09:25:04 GMT
story-custom.91b4ae.css
d1vdjc70h9nzd9.cloudfront.net/less/ 		296 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/less/story-custom.91b4ae.css
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:c000:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fc3efd4158c7ca75c9fc1a167e098e831d03d2f344cc78d54aa39611630a8523

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 21 Jun 2019 07:27:29 GMT
content-encoding
gzip
last-modified
Fri, 21 Jun 2019 06:55:05 GMT
server
AmazonS3
age
66696
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
status
200
x-amz-cf-pop
FRA53
x-amz-cf-id
qv9JDbn3LbpGbPxtiRF_M13stQ20gYSZeoxs6AFs5CFGnXupawg1Tw==
via
1.1 c0486ca54d4ad5a3da496bc2b5f49cd2.cloudfront.net (CloudFront)
stories.designD.bundle.591252.css
d1vdjc70h9nzd9.cloudfront.net/less/story/ 		104 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/less/story/stories.designD.bundle.591252.css
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:c000:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9dd8a9994cf73fe3e5400885977b90713219032adf4553ed554c33b6a9be260f

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 01 Jul 2019 09:57:36 GMT
content-encoding
gzip
last-modified
Mon, 24 Jun 2019 06:52:52 GMT
server
AmazonS3
age
85890
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
status
200
x-amz-cf-pop
FRA53
x-amz-cf-id
8uAa9KOFonN5Xax-wq47N7krkOVVfXi58_CW08gBsE56GlvuV0IWLg==
via
1.1 c0486ca54d4ad5a3da496bc2b5f49cd2.cloudfront.net (CloudFront)
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 13 Jun 2019 20:34:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1601411
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
30028
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Jun 2020 20:34:53 GMT
angular.min.js
d1vdjc70h9nzd9.cloudfront.net/js/angularjs/1.4.9/ 		146 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/js/angularjs/1.4.9/angular.min.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:c000:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
480b0dcf87f3762059569007f32ef80a5e21f1115718c5bfc7644f3e701722dd

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 20:46:36 GMT
content-encoding
gzip
last-modified
Sat, 12 May 2018 15:51:07 GMT
server
AmazonS3
age
477509
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=31536000
x-amz-cf-pop
FRA53
x-amz-cf-id
GTAn2vFwOomjM6DgV8RAx71NMrq32AEVC1n0vRKos_-1I0-hm7qn9A==
via
1.1 c0486ca54d4ad5a3da496bc2b5f49cd2.cloudfront.net (CloudFront)
b99b2cd0cb91102d9be80c98d62ce8450158eeb7.jpg
d1vdjc70h9nzd9.cloudfront.net/media/campaign/83000/83782/image/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/media/campaign/83000/83782/image/b99b2cd0cb91102d9be80c98d62ce8450158eeb7.jpg
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:c000:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9d9b9aeb42ba18a37784c42849f2f90b375299a934ac1e8580ab67caa32727c0

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 02 Jul 2019 09:25:05 GMT
via
1.1 c0486ca54d4ad5a3da496bc2b5f49cd2.cloudfront.net (CloudFront)
last-modified
Wed, 06 Mar 2019 06:23:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA53
etag
"1459aa08bfb6a4a187c34b546ca8d248"
x-cache
Miss from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
61148
x-amz-cf-id
IKkb1p0J10D69ZOfhcOGXeeEQ_9E1Ipu09RdCjh8SNIDgI1ogjpcoQ==
ketto_assured_icon.png
d1vdjc70h9nzd9.cloudfront.net/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/images/ketto_assured_icon.png
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:c000:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0ac7b96f0bc593ff1f37f86ca552bdc9bb8c4518bf780a821b1986681a95ff7d

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 02 Jun 2019 01:17:52 GMT
via
1.1 c0486ca54d4ad5a3da496bc2b5f49cd2.cloudfront.net (CloudFront)
last-modified
Mon, 07 May 2018 14:11:56 GMT
server
AmazonS3
age
2621232
etag
"200ceec5ec95c93879aad89ad37c2b2c"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=31536000
x-amz-cf-pop
FRA53
accept-ranges
bytes
content-length
8241
x-amz-cf-id
faMix21Nn09gDIfDjXu3G_pU5YMhypOAy0OXdmwSC3txkXb1fjdPIQ==
check-circle.png
d1vdjc70h9nzd9.cloudfront.net/images/ 		525 B
873 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/images/check-circle.png
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:c000:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dfcfcf508411f75131ee051b3e8bd38b7869dcfc7c2a19e5a2cff1c9982baddf

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 27 May 2019 23:21:27 GMT
via
1.1 c0486ca54d4ad5a3da496bc2b5f49cd2.cloudfront.net (CloudFront)
last-modified
Mon, 07 May 2018 14:09:56 GMT
server
AmazonS3
age
3060218
etag
"da1437e83409e90ba99351cd977c1972"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=31536000
x-amz-cf-pop
FRA53
accept-ranges
bytes
content-length
525
x-amz-cf-id
8OYBH8y3Pmk9wQphj6UNwEqXrjqfkLv-bfOasD6hFz7VTLEgRKgfuw==
5c74e0be2144d.jpeg
d1vdjc70h9nzd9.cloudfront.net/media/campaign/83000/83782/image/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/media/campaign/83000/83782/image/5c74e0be2144d.jpeg
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:c000:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
963a6a873821a8958121672d02452b45147fcb62afc5b49c8825d4d90820a187

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 02 Jul 2019 09:25:06 GMT
via
1.1 c0486ca54d4ad5a3da496bc2b5f49cd2.cloudfront.net (CloudFront)
last-modified
Tue, 26 Feb 2019 06:46:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA53
etag
"29a87b594dca8a4610d13ab1eb71e936"
x-cache
Miss from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=315360000 public
accept-ranges
bytes
content-length
4931
x-amz-cf-id
3YGwTYJABMh6j4XWz-cJnjL5oaKjQ0Y_j-dNTIKbhOn1CoU-zPghJQ==
success.svg
d1vdjc70h9nzd9.cloudfront.net/images/stories/ 		947 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/images/stories/success.svg
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:c000:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
94eeb8ca0c372a7079499fa59b4fe106671032cab04d86fa4df1241c47a35156

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 01:33:33 GMT
via
1.1 c0486ca54d4ad5a3da496bc2b5f49cd2.cloudfront.net (CloudFront)
last-modified
Mon, 07 May 2018 14:12:15 GMT
server
AmazonS3
age
2533892
etag
"b3ac3ad9144c660c6f162cfc15d848f4"
x-cache
Hit from cloudfront
content-type
image/svg+xml
status
200
cache-control
max-age=31536000
x-amz-cf-pop
FRA53
accept-ranges
bytes
content-length
947
x-amz-cf-id
tCVTJNDIroDl2U7yrMU2C-DanKPiC46o5ZeKo7DEk059xovVjTvApQ==
check-circle2.png
d1vdjc70h9nzd9.cloudfront.net/images/ 		271 B
595 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/images/check-circle2.png
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:c000:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
796cf812111acb618a626ff1c5f33d6104a9dd09cf3e78576b0bb2a8940bbdfe

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 02 Jul 2019 07:16:33 GMT
via
1.1 c0486ca54d4ad5a3da496bc2b5f49cd2.cloudfront.net (CloudFront)
last-modified
Fri, 18 Jan 2019 07:42:34 GMT
server
AmazonS3
age
12664
etag
"48dd2ff3300166f57ecdbe39efd4bb27"
x-cache
Hit from cloudfront
content-type
image/png
status
200
x-amz-cf-pop
FRA53
accept-ranges
bytes
content-length
271
x-amz-cf-id
UKKBrf5rGTCZiJ3rI3jCWmZwan2fqiv32LSHuyuMAq_6DMD5OhplzQ==
gtm.js
www.googletagmanager.com/ 		228 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d9c88b523d821c164a1ce39f7d83b4682b2ef6d3bc674e31b4b57b9d6e604f8b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 02 Jul 2019 09:25:04 GMT
content-encoding
br
last-modified
Tue, 02 Jul 2019 09:00:00 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
42357
x-xss-protection
0
expires
Tue, 02 Jul 2019 09:25:04 GMT
a.js
d2r1yp2w7bby2u.cloudfront.net/js/ 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2r1yp2w7bby2u.cloudfront.net/js/a.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.157.156 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-157-156.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
780c27ba988f780180648bee9633d40f3b2487d774798267052d94923aed7f0d

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 02 Jul 2019 09:20:16 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 May 2019 12:23:51 GMT
Server
AmazonS3
Age
550
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 ed0c487879f809919537bf00a2f2dc8f.cloudfront.net (CloudFront)
Cache-Control
max-age=1800, private
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA53
Connection
keep-alive
X-Amz-Cf-Id
Gbn2vcX1GKv8Xg-zlwQOfvDL0aZSXhhqAWdVVV-4TQVgi1zt4IMiRQ==
j.php
dev.visualwebsiteoptimizer.com/ 		894 B
668 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=326437&u=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveanup%3Futm_campaign%3Dsaveanup%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&r=0.5775806885690662
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.122.87.153 Frankfurt am Main, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
99.57.7a9f.ip4.static.sl-reverse.com
Software
dacdn2 /
Resource Hash
acfb144324fc9f340c63d139775a82afed8c73712092addbfe37eca70b2073bd

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Tue, 02 Jul 2019 09:25:04 GMT
content-encoding
gzip
server
dacdn2
content-type
application/javascript; charset=UTF-8
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ed098df82da8320c1786f312585ebc4b1b4817ed5ebeecd03e25afd37b97cc23

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/gif
logo-light-bg.svg
d1vdjc70h9nzd9.cloudfront.net/images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/images/logo-light-bg.svg
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:c000:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1ec0fbc72fcfcea31f22828dcf89e2bd9fa7f03e84ef8d8546adb410f3096117

Request headers

Referer
https://d1vdjc70h9nzd9.cloudfront.net/less/story-custom.91b4ae.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 02 Jun 2019 17:33:10 GMT
content-encoding
gzip
last-modified
Mon, 07 May 2018 14:11:57 GMT
server
AmazonS3
age
2562715
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
status
200
cache-control
max-age=31536000
x-amz-cf-pop
FRA53
x-amz-cf-id
lIs2rJpkVBXTMV4KguikZ05u6ijMpoQdSDT9nnY8qgsreir816MD_A==
via
1.1 c0486ca54d4ad5a3da496bc2b5f49cd2.cloudfront.net (CloudFront)
icon-secure-lock.png
d1vdjc70h9nzd9.cloudfront.net/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/images/icon-secure-lock.png
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:c000:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c91158a8a0abe1393831da5efc62d53ad3b41b545774f1c3a003d55c2d5f28cf

Request headers

Referer
https://d1vdjc70h9nzd9.cloudfront.net/less/story-custom.91b4ae.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 02 Jul 2019 04:59:53 GMT
via
1.1 c0486ca54d4ad5a3da496bc2b5f49cd2.cloudfront.net (CloudFront)
last-modified
Thu, 13 Dec 2018 11:12:04 GMT
server
AmazonS3
age
15912
etag
"b073ad3e3f41cfd507c4b09034b210ee"
x-cache
Hit from cloudfront
content-type
image/png
status
200
x-amz-cf-pop
FRA53
accept-ranges
bytes
content-length
1552
x-amz-cf-id
TuQlTBLcKdvZYTSufMMbX-5rI4hPFW5xVfKd64y0ce4F4CWR31Ap1A==
mi-shine.png
d1vdjc70h9nzd9.cloudfront.net/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/images/mi-shine.png
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:c000:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
121b3bad035f5a87c185bb1ce9465eba6c0d8ca0fcf03fced81559192cb06d85

Request headers

Referer
https://d1vdjc70h9nzd9.cloudfront.net/less/story/stories.designD.bundle.591252.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 May 2019 01:18:49 GMT
via
1.1 c0486ca54d4ad5a3da496bc2b5f49cd2.cloudfront.net (CloudFront)
last-modified
Mon, 07 May 2018 14:12:02 GMT
server
AmazonS3
age
2966775
etag
"37d16b2f8ba85dd0f6daa5db90b7f902"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=31536000
x-amz-cf-pop
FRA53
accept-ranges
bytes
content-length
3890
x-amz-cf-id
BP_ns960aVjDcAkZLr2gRfyHDc3K1uJbYsaB0I7nbRfzl-qMY_1wPQ==
o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
fonts.gstatic.com/s/notosans/v8/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v8/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e56f53b3b976e9c05d86645a1e85cfc69e961601d201e957768455580fa30478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Noto+Sans:400,700
Origin
https://www.ketto.org

Response headers

date
Mon, 03 Jun 2019 02:30:37 GMT
x-content-type-options
nosniff
last-modified
Tue, 19 Feb 2019 22:29:01 GMT
server
sffe
age
2530467
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
10292
x-xss-protection
0
expires
Tue, 02 Jun 2020 02:30:37 GMT
fontawesome-webfont.woff2
d1vdjc70h9nzd9.cloudfront.net/less/font-awesome/fonts/ 		70 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/less/font-awesome/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:c000:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://d1vdjc70h9nzd9.cloudfront.net/less/story-custom.91b4ae.css
Origin
https://www.ketto.org

Response headers

date
Sat, 11 May 2019 08:48:01 GMT
via
1.1 2f43d3215923fbce97b22ee733b0401f.cloudfront.net (CloudFront)
age
4495024
x-cache
Hit from cloudfront
status
200
access-control-max-age
3000
content-length
71896
last-modified
Mon, 07 May 2018 14:12:37 GMT
server
AmazonS3
etag
"e6cf7c6ec7c2d6f670ae9d762604cb0b"
vary
Origin
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA53
accept-ranges
bytes
x-amz-cf-id
UZbM6IfzcNIrRRathgZNk-KXIhScuYDJzGZNgFZ03GS4jKUb7sDhhA==
source-sans-pro-v11-latin-regular.woff2
d1vdjc70h9nzd9.cloudfront.net/fonts/sourceSansPro/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/fonts/sourceSansPro/source-sans-pro-v11-latin-regular.woff2
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:c000:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cb992eae898417162c48b37712991d9ad8053c4a64fce51aff195edc69dc35f2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://d1vdjc70h9nzd9.cloudfront.net/less/story/stories.designD.bundle.591252.css
Origin
https://www.ketto.org

Response headers

date
Thu, 30 May 2019 21:21:38 GMT
via
1.1 2f43d3215923fbce97b22ee733b0401f.cloudfront.net (CloudFront)
age
386630
x-cache
Hit from cloudfront
status
200
access-control-max-age
3000
content-length
15908
last-modified
Tue, 20 Nov 2018 09:29:44 GMT
server
AmazonS3
etag
"76d8cbb0496cb184eff868152b67ad45"
vary
Origin
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=604800
x-amz-cf-pop
FRA53
accept-ranges
bytes
x-amz-cf-id
JoxeC5FRPa_b40nFzzfy6O_D1_zC13MCjCwVe3JcbSUjqshu_Si2lw==
source-sans-pro-v11-latin-700.woff2
d1vdjc70h9nzd9.cloudfront.net/fonts/sourceSansPro/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/fonts/sourceSansPro/source-sans-pro-v11-latin-700.woff2
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:c000:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c09055f0d3ce5ac45f886c935226d1e4cb0f7488525e9f8b298f26fc0171e5a8

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://d1vdjc70h9nzd9.cloudfront.net/less/story/stories.designD.bundle.591252.css
Origin
https://www.ketto.org

Response headers

date
Mon, 01 Jul 2019 22:41:51 GMT
via
1.1 2f43d3215923fbce97b22ee733b0401f.cloudfront.net (CloudFront)
age
42059
x-cache
Hit from cloudfront
status
200
access-control-max-age
3000
content-length
15480
last-modified
Tue, 20 Nov 2018 09:29:43 GMT
server
AmazonS3
etag
"f04441cfc122bf84e1cf24058fddba87"
vary
Origin
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=604800
x-amz-cf-pop
FRA53
accept-ranges
bytes
x-amz-cf-id
rytbFKyW0PSKOWjZbQ2A6nfyAEYeBBQs4gtVHeSwBU3MRLJJHRLSfg==
glyphicons-halflings-regular.woff2
d1vdjc70h9nzd9.cloudfront.net/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:c000:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://d1vdjc70h9nzd9.cloudfront.net/less/story-custom.91b4ae.css
Origin
https://www.ketto.org

Response headers

date
Sun, 12 May 2019 14:46:18 GMT
via
1.1 2f43d3215923fbce97b22ee733b0401f.cloudfront.net (CloudFront)
age
148480
x-cache
Hit from cloudfront
status
200
access-control-max-age
3000
content-length
18028
last-modified
Tue, 20 Nov 2018 09:29:35 GMT
server
AmazonS3
etag
"448c34a56d699c29117adc64c43affeb"
vary
Origin
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=604800
x-amz-cf-pop
FRA53
accept-ranges
bytes
x-amz-cf-id
RIfabzbSqObo_iL5OYosqt-3AU-LI5JhKiOSjIYasU6BE0MMmlsurQ==
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?a=326437&d=ketto.org&u=D7A88FE2866BFBCAD65D7A3DFEA2140D7&h=492223d8657bdc26b888696cd7a844a3&t=false&r=0.5151588217348599
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.122.87.153 Frankfurt am Main, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
99.57.7a9f.ip4.static.sl-reverse.com
Software
dacdn2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jul 2019 09:25:04 GMT
x-content-type-options
nosniff
server
dacdn2
content-type
image/gif
status
200
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
razorpay.js
checkout.razorpay.com/v1/ 		67 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://checkout.razorpay.com/v1/razorpay.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.232.209.250 Mumbai, India, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-13-232-209-250.ap-south-1.compute.amazonaws.com
Software
/
Resource Hash
8acdea793981c91cdca1263946accf9d9362a1b154a257c9a2b44219c426efb6
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubdomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 02 Jul 2019 09:25:17 GMT
Content-Encoding
br
Last-Modified
Mon, 01 Jul 2019 11:01:00 GMT
Etag
"5d19e7ec-5426"
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Strict-Transport-Security
max-age=315360000; includeSubdomains
Access-Control-Allow-Headers
origin
Content-Length
21542
X-Xss-Protection
1; mode=block
/
js.stripe.com/v2/ 		63 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v2/
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
669fbe52929575a38eb337b51070255f4a055a03fd6a93d573486d0f0a591344
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 02 Jul 2019 09:25:15 GMT
content-encoding
gzip
content-type
application/javascript; charset=utf-8
age
82
x-cache
HIT
status
200
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-length
20945
x-amz-id-2
uYauKRsguNyx3l4fZoziuNNz56i2kvZt4B6vLX0OEnObtklbkCbrNc8ZDYzIEIfmwz9rVBc3sIE=
x-served-by
cache-hhn4021-HHN
last-modified
Mon, 20 May 2019 21:32:27 GMT
server
AmazonS3
x-timer
S1562059516.949956,VS0,VE0
etag
"96010bc114bba9087e00d973fadec762"
vary
Accept-Encoding
x-amz-request-id
9FB1B4798FFBADF9
via
1.1 varnish
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
64
pay-v2.js
api.juspay.in/ 		20 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.juspay.in/pay-v2.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.232.119.255 Mumbai, India, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-13-232-119-255.ap-south-1.compute.amazonaws.com
Software
*** /
Resource Hash
8ac3d36c6322eefcaea87ebbe52f803e51dfd23937edf4122b4887c51ebb3c4a

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jul 2019 09:25:25 GMT
last-modified
Tue, 25 Jun 2019 02:19:30 GMT
server
***
etag
W/"20346-1561429170000"
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
Connection
keep-alive
accept-ranges
bytes
Content-Length
20346
expires
Sat, 01 Jan 2000 00:00:00 GMT
stories.bundle.min.92c748.js
d1vdjc70h9nzd9.cloudfront.net/stories/build/ 		108 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/stories/build/stories.bundle.min.92c748.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:c000:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7c2f90cfada5ef8e26757a3bb7b9bb12baf5271e7581d94e870a5da6936c24be

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 07:54:22 GMT
content-encoding
gzip
last-modified
Wed, 26 Jun 2019 07:27:06 GMT
server
AmazonS3
age
77549
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-pop
FRA53
x-amz-cf-id
u3rO35rsGH98gbwIKkUX4WuSOt1YdFq_1UfeZkh-mYR9zJdMC76eZg==
via
1.1 c0486ca54d4ad5a3da496bc2b5f49cd2.cloudfront.net (CloudFront)
storiesDefer.bundle.min.498bd6.js
d1vdjc70h9nzd9.cloudfront.net/stories/build/ 		743 KB
194 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/stories/build/storiesDefer.bundle.min.498bd6.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:c000:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b090e61991ba938ae7e9fde0a6927e506e5abd4213dd6acd4f0213be287f3559

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 May 2019 11:50:38 GMT
content-encoding
gzip
last-modified
Fri, 17 May 2019 11:48:39 GMT
server
AmazonS3
age
15753
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-pop
FRA53
x-amz-cf-id
mwcK464BG2wW619XtIbK10Z1FLCeOW4QI1nvbhxSFNIdVECQaDE5qg==
via
1.1 c0486ca54d4ad5a3da496bc2b5f49cd2.cloudfront.net (CloudFront)
faq_sprite_desktop.png
d1vdjc70h9nzd9.cloudfront.net/images/stories/ 		58 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/images/stories/faq_sprite_desktop.png
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:c000:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1495998141c1d663000e168d91710a9259e78cbd168e7891ea91afb5835e6f31

Request headers

Referer
https://d1vdjc70h9nzd9.cloudfront.net/less/story/stories.designD.bundle.591252.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 21 May 2019 11:16:05 GMT
via
1.1 c0486ca54d4ad5a3da496bc2b5f49cd2.cloudfront.net (CloudFront)
last-modified
Tue, 21 May 2019 06:02:27 GMT
server
AmazonS3
age
15912
etag
"2a170838ebc32dbeccb194145f221f33"
x-cache
Hit from cloudfront
content-type
image/png
status
200
x-amz-cf-pop
FRA53
accept-ranges
bytes
content-length
59740
x-amz-cf-id
dPBTQpzZHzf3ygW8Arp86SZ3XQYAANB3Z7rCViS9Fz6-Vg7hJ549Qw==
conversion_async.js
www.googleadservices.com/pagead/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
cc900a14f6b6e17c5299c3f619b98ac2048780932d3b409cc9c5be79db70d15a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 02 Jul 2019 09:25:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
8916
x-xss-protection
0
server
cafe
etag
7666753467494023440
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 02 Jul 2019 09:25:04 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a4883cce814b6793c5bd6dd3639d6048ecab39a93a90b560d39a9fd0aff6e263
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 20 Jun 2019 21:35:04 GMT
server
Golfe2
age
3446
date
Tue, 02 Jul 2019 08:27:38 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17707
expires
Tue, 02 Jul 2019 10:27:38 GMT
activityi;dc_pre=CIWI65b1leMCFVkr4Aodz1YF4g;src=9237602;type=ketto0;cat=dcm_k0;ord=1;num=6328804226292;gtm=2wg6k2;auiddc=968332820.1562059505;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveanup%...
9237602.fls.doubleclick.net/ Frame 9DC5
Redirect Chain
  • https://9237602.fls.doubleclick.net/activityi;src=9237602;type=ketto0;cat=dcm_k0;ord=1;num=6328804226292;gtm=2wg6k2;auiddc=968332820.1562059505;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveanu...
  • https://9237602.fls.doubleclick.net/activityi;dc_pre=CIWI65b1leMCFVkr4Aodz1YF4g;src=9237602;type=ketto0;cat=dcm_k0;ord=1;num=6328804226292;gtm=2wg6k2;auiddc=968332820.1562059505;~oref=https%3A%2F%2...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://9237602.fls.doubleclick.net/activityi;dc_pre=CIWI65b1leMCFVkr4Aodz1YF4g;src=9237602;type=ketto0;cat=dcm_k0;ord=1;num=6328804226292;gtm=2wg6k2;auiddc=968332820.1562059505;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveanup%3Futm_campaign%3Dsaveanup%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.166 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s22-in-f166.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
9237602.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CIWI65b1leMCFVkr4Aodz1YF4g;src=9237602;type=ketto0;cat=dcm_k0;ord=1;num=6328804226292;gtm=2wg6k2;auiddc=968332820.1562059505;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveanup%3Futm_campaign%3Dsaveanup%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUkRT27bCdCbR_E0uB9cIVT7sp9j6gUEu-5v4_kqjrICDKfOY7rGEnybgeMa
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Tue, 02 Jul 2019 09:25:20 GMT
expires
Tue, 02 Jul 2019 09:25:20 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
389
x-xss-protection
0
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Tue, 02 Jul 2019 09:25:20 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://9237602.fls.doubleclick.net/activityi;dc_pre=CIWI65b1leMCFVkr4Aodz1YF4g;src=9237602;type=ketto0;cat=dcm_k0;ord=1;num=6328804226292;gtm=2wg6k2;auiddc=968332820.1562059505;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveanup%3Futm_campaign%3Dsaveanup%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
set-cookie
IDE=AHWqTUka4EGxjFR96pHMrcqnCFCYhCMuEECc-p7fRVT-vZo4lkSj2qCDG8ALKMAX; expires=Thu, 01-Jul-2021 09:25:20 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
activityi;dc_pre=COmK65b1leMCFYGgewod1nYFxw;src=9237602;type=sitew0;cat=dcm_s0;ord=6011990597569;gtm=2wg6k2;auiddc=968332820.1562059505;u1=%2Fstories%2Fsaveanup;~oref=https%3A%2F%2Fwww.ketto.org%2F...
9237602.fls.doubleclick.net/ Frame 83C5
Redirect Chain
  • https://9237602.fls.doubleclick.net/activityi;src=9237602;type=sitew0;cat=dcm_s0;ord=6011990597569;gtm=2wg6k2;auiddc=968332820.1562059505;u1=%2Fstories%2Fsaveanup;~oref=https%3A%2F%2Fwww.ketto.org%...
  • https://9237602.fls.doubleclick.net/activityi;dc_pre=COmK65b1leMCFYGgewod1nYFxw;src=9237602;type=sitew0;cat=dcm_s0;ord=6011990597569;gtm=2wg6k2;auiddc=968332820.1562059505;u1=%2Fstories%2Fsaveanup;...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://9237602.fls.doubleclick.net/activityi;dc_pre=COmK65b1leMCFYGgewod1nYFxw;src=9237602;type=sitew0;cat=dcm_s0;ord=6011990597569;gtm=2wg6k2;auiddc=968332820.1562059505;u1=%2Fstories%2Fsaveanup;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveanup%3Futm_campaign%3Dsaveanup%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.166 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s22-in-f166.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
9237602.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=COmK65b1leMCFYGgewod1nYFxw;src=9237602;type=sitew0;cat=dcm_s0;ord=6011990597569;gtm=2wg6k2;auiddc=968332820.1562059505;u1=%2Fstories%2Fsaveanup;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveanup%3Futm_campaign%3Dsaveanup%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUkRT27bCdCbR_E0uB9cIVT7sp9j6gUEu-5v4_kqjrICDKfOY7rGEnybgeMa
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Tue, 02 Jul 2019 09:25:20 GMT
expires
Tue, 02 Jul 2019 09:25:20 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
392
x-xss-protection
0
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Tue, 02 Jul 2019 09:25:20 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://9237602.fls.doubleclick.net/activityi;dc_pre=COmK65b1leMCFYGgewod1nYFxw;src=9237602;type=sitew0;cat=dcm_s0;ord=6011990597569;gtm=2wg6k2;auiddc=968332820.1562059505;u1=%2Fstories%2Fsaveanup;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveanup%3Futm_campaign%3Dsaveanup%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
set-cookie
IDE=AHWqTUkRT27bCdCbR_E0uB9cIVT7sp9j6gUEu-5v4_kqjrICDKfOY7rGEnybgeMa; expires=Thu, 01-Jul-2021 09:25:20 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
hotjar-200024.js
static.hotjar.com/c/ 		0
0
uwt.js
static.ads-twitter.com/ 		0
0
fbevents.js
connect.facebook.net/en_US/ 		53 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
657f79c4d5a6ea502202651151811d195b49cf9cf22fd7f8edaeefe2f8cc8fc4
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
16120
x-xss-protection
0
pragma
public
x-fb-debug
0OeXbGmyVe76DwwDa5YK8m2sjO8WqvKHb13DGF7Iap+xQ687Iw4SSXx85eHR1Y0sb+aidovmgo2/rBNESFCmpQ==
x-fb-trip-id
2000377899
date
Tue, 02 Jul 2019 09:25:04 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
tfa.js
cdn.taboola.com/libtrc/unip/1034141/ 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1034141/tfa.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2080bf75373ebff43ed734b76ef2ddc225098a404c6ed3e8dca24285c4a0b74d

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
liEe0d0LvJ2tYNSRK7CjgFUyAIOXlxDa
content-encoding
gzip
age
23
x-cache
HIT
status
200
date
Tue, 02 Jul 2019 09:25:23 GMT
x-amz-replication-status
COMPLETED
content-length
11395
x-amz-id-2
n4/H7rVztUIDDbAV2gewBCUSB7+wti+OgvnPoPlwWJkssAWQOK+YkuuKAhklbUQu0uKNNm+Tqsc=
x-served-by
cache-fra19122-FRA
last-modified
Mon, 01 Jul 2019 08:07:35 GMT
server
AmazonS3
x-timer
S1562059523.218016,VS0,VE1
etag
"71d7037b9f5a6324b779e2a15a820c02"
vary
Accept-Encoding
x-amz-request-id
E0DC6B7B86565C6A
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
96
x-cache-hits
1
ytc.js
s.yimg.com/wi/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1 - Oath Holdings Inc., US),
Reverse DNS
Software
ATS /
Resource Hash
0ec54a58d35ac36a9f5917750661e0addae1fd94087ede2bb0fcb26d781be049
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 02 Jul 2019 09:21:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
194
x-amz-server-side-encryption
AES256
status
200
strict-transport-security
max-age=15552000
x-amz-request-id
ECD9DBF38152EF25
x-amz-id-2
2W2sYxATTlYU4VoUrYLwxGkHVvfQkBfmaEna696bWQIAJVv3E/AQYOV0GLJe9zMxJf06QGwCHow=
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Sun, 05 Jul 2020 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Fri, 31 May 2019 22:18:05 GMT
server
ATS
etag
"1d72561a5f66715aa4a2babd0b8987c9-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
x-amz-version-id
Dh6yBlFuV3eUpSuznZOxayGIozmAPxNs
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
accept-ranges
bytes
content-type
application/javascript
js
www.googletagmanager.com/gtag/ 		65 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-782023289
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
acc65e7f6310cdfe2aea3007af693b990b429049229fb5047a4df8b189597646
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 02 Jul 2019 09:25:04 GMT
content-encoding
br
last-modified
Tue, 02 Jul 2019 09:00:00 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
25540
x-xss-protection
0
expires
Tue, 02 Jul 2019 09:25:04 GMT
B22411221.241945247;sz=1x2;ord=338854974925
ad.doubleclick.net/ddm/adj/N1067617.197812NSO.CODESRV/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1067617.197812NSO.CODESRV/B22411221.241945247;sz=1x2;ord=338854974925?
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.166 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s22-in-f166.1e100.net
Software
cafe /
Resource Hash
390924f62be5a23e3ea2eec4574f73a99c16341c673e6fd2c57547b6e5831e6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jul 2019 09:25:23 GMT
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
3033
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j77&a=592540813&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveanup%3Futm_campaign%3Dsaveanup%26utm_medium%3Demail%26utm_source%3De...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-30181760-1&cid=1587407918.1562059505&jid=748302969&_gid=1000972497.1562059505&gjid=148110350&_v=j77&z=851733987
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=1587407918.1562059505&jid=748302969&_v=j77&z=851733987
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=1587407918.1562059505&jid=748302969&_v=j77&z=851733987&slf_rd=1&random=4089889487
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=1587407918.1562059505&jid=748302969&_v=j77&z=851733987&slf_rd=1&random=4089889487
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jul 2019 09:25:04 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jul 2019 09:25:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=1587407918.1562059505&jid=748302969&_v=j77&z=851733987&slf_rd=1&random=4089889487
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/930975017/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/930975017/?random=1562059504711&cv=9&fst=1562059504711&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6k2&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveanup%3Futm_campaign%3Dsaveanup%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&tiba=Our%204-yr-old%20son%20needs%20an%20urgent%20stem%20cell%20transplant%20to%20beat%20leukaemia.%20-%20Ketto&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
5558f46c1e941cf5f07092440effd8080841447ce37922be2a5bd3885295c68c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jul 2019 09:25:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
1046
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/963384337/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/963384337/?random=1562059504713&cv=9&fst=1562059504713&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6k2&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveanup%3Futm_campaign%3Dsaveanup%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&tiba=Our%204-yr-old%20son%20needs%20an%20urgent%20stem%20cell%20transplant%20to%20beat%20leukaemia.%20-%20Ketto&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
22cf446d314cd3eeb536164b47701ef28c0e897102e52e7aed7215eca7b2d6b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jul 2019 09:25:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
1045
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/837073759/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/837073759/?random=1562059504713&cv=9&fst=1562059504713&num=1&fmt=3&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=1200&u_w=1600&u_a...
  • https://www.google.com/pagead/1p-user-list/837073759/?random=1562059504713&cv=9&fst=1562058000000&num=1&fmt=3&guid=ON&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_...
  • https://www.google.de/pagead/1p-user-list/837073759/?random=1562059504713&cv=9&fst=1562058000000&num=1&fmt=3&guid=ON&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_j...
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/837073759/?random=1562059504713&cv=9&fst=1562058000000&num=1&fmt=3&guid=ON&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6k2&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveanup%3Futm_campaign%3Dsaveanup%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&tiba=Our%204-yr-old%20son%20needs%20an%20urgent%20stem%20cell%20transplant%20to%20beat%20leukaemia.%20-%20Ketto&async=1&cdct=2&is_vtc=1&random=247173917&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jul 2019 09:25:04 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jul 2019 09:25:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/pagead/1p-user-list/837073759/?random=1562059504713&cv=9&fst=1562058000000&num=1&fmt=3&guid=ON&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6k2&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveanup%3Futm_campaign%3Dsaveanup%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&tiba=Our%204-yr-old%20son%20needs%20an%20urgent%20stem%20cell%20transplant%20to%20beat%20leukaemia.%20-%20Ketto&async=1&cdct=2&is_vtc=1&random=247173917&resp=GooglemKTybQhCsO&ipr=y
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
441308802710601
connect.facebook.net/signals/config/ 		229 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/441308802710601?v=2.8.51&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
7411aad7bc1419b6591c42a211f696b20232d9f471c509608342e76d612c33f2
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
x-xss-protection
0
pragma
public
x-fb-debug
De4n3Odyy4dG+42RF/W+sN+mhQh9N8/MTK77qQFXwBy3K80luoviW8voTGtVC0QIqYFIEB0xYfLa+8/9TEMLsA==
x-fb-trip-id
2000377899
date
Tue, 02 Jul 2019 09:25:04 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/782023289/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/782023289/?random=1562059504818&cv=9&fst=1562059504818&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa6k2&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveanup%3Futm_campaign%3Dsaveanup%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&tiba=Our%204-yr-old%20son%20needs%20an%20urgent%20stem%20cell%20transplant%20to%20beat%20leukaemia.%20-%20Ketto&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
437f2cc7b07e1c58b51c5a6ee2c38a24759b5d93c392a8177c84044dd6ba8ce2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jul 2019 09:25:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
1070
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/930975017/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/930975017/?random=1562059504711&cv=9&fst=1562058000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6k2&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveanup%3Futm_campaign%3Dsaveanup%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&tiba=Our%204-yr-old%20son%20needs%20an%20urgent%20stem%20cell%20transplant%20to%20beat%20leukaemia.%20-%20Ketto&async=1&fmt=3&cdct=2&is_vtc=1&random=2752114533&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jul 2019 09:25:04 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/930975017/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/930975017/?random=1562059504711&cv=9&fst=1562058000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6k2&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveanup%3Futm_campaign%3Dsaveanup%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&tiba=Our%204-yr-old%20son%20needs%20an%20urgent%20stem%20cell%20transplant%20to%20beat%20leukaemia.%20-%20Ketto&async=1&fmt=3&cdct=2&is_vtc=1&random=2752114533&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jul 2019 09:25:05 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/963384337/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/963384337/?random=1562059504713&cv=9&fst=1562058000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6k2&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveanup%3Futm_campaign%3Dsaveanup%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&tiba=Our%204-yr-old%20son%20needs%20an%20urgent%20stem%20cell%20transplant%20to%20beat%20leukaemia.%20-%20Ketto&async=1&fmt=3&cdct=2&is_vtc=1&random=520397367&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jul 2019 09:25:05 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/963384337/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/963384337/?random=1562059504713&cv=9&fst=1562058000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6k2&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveanup%3Futm_campaign%3Dsaveanup%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&tiba=Our%204-yr-old%20son%20needs%20an%20urgent%20stem%20cell%20transplant%20to%20beat%20leukaemia.%20-%20Ketto&async=1&fmt=3&cdct=2&is_vtc=1&random=520397367&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jul 2019 09:25:05 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/782023289/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/782023289/?random=1562059504818&cv=9&fst=1562058000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa6k2&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveanup%3Futm_campaign%3Dsaveanup%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&tiba=Our%204-yr-old%20son%20needs%20an%20urgent%20stem%20cell%20transplant%20to%20beat%20leukaemia.%20-%20Ketto&async=1&fmt=3&cdct=2&is_vtc=1&random=3491520383&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jul 2019 09:25:05 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/782023289/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/782023289/?random=1562059504818&cv=9&fst=1562058000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa6k2&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveanup%3Futm_campaign%3Dsaveanup%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&tiba=Our%204-yr-old%20son%20needs%20an%20urgent%20stem%20cell%20transplant%20to%20beat%20leukaemia.%20-%20Ketto&async=1&fmt=3&cdct=2&is_vtc=1&random=3491520383&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jul 2019 09:25:05 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
inferredEvents.js
connect.facebook.net/signals/plugins/ 		1 KB
920 B 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.8.51
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
772
x-xss-protection
0
pragma
public
x-fb-debug
XL3jVdZsJ31s2J5g98WTVycmPpAr7MMRvbq1t8pXkAVJHaI8EHjK2SgG6tyXz3cyWstKhOXkgH16T87gT8WPbw==
x-fb-trip-id
2000377899
date
Tue, 02 Jul 2019 09:25:05 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=441308802710601&ev=PageView&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveanup%3Futm_campaign%3Dsaveanup%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&rl=&if=false&ts=1562059505102&sw=1600&sh=1200&v=2.8.51&r=stable&ec=0&o=30&fbp=fb.1.1562059505101.307534307&it=1562059504771&coo=false&rqm=GET
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 02 Jul 2019 09:25:05 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Tue, 02 Jul 2019 09:25:05 GMT
/
www.facebook.com/tr/ Frame 0CE1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
www.facebook.com
:scheme
https
:path
/tr/
content-length
2822
pragma
no-cache
cache-control
no-cache
origin
https://www.ketto.org
upgrade-insecure-requests
1
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
accept-encoding
gzip, deflate, br
cookie
fr=0upkkVgnOdrp7yEl4..BdGyLx...1.0.BdGyLx.
Origin
https://www.ketto.org
Upgrade-Insecure-Requests
1
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio

Response headers

status
200
content-type
text/plain
access-control-allow-origin
https://www.ketto.org
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-length
0
server
proxygen-bolt
date
Tue, 02 Jul 2019 09:25:05 GMT
channel.html
js.stripe.com/v2/ Frame 63A7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v2/channel.html?stripe_xdm_e=https%3A%2F%2Fwww.ketto.org&stripe_xdm_c=default276810&stripe_xdm_p=1
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v2/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v2/channel.html?stripe_xdm_e=https%3A%2F%2Fwww.ketto.org&stripe_xdm_c=default276810&stripe_xdm_p=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio

Response headers

status
200
x-amz-id-2
gXWskAJhnTKPOEHM6BwN6uPVlld3FObHB2X87KowCtSJLP7/C0XkQVBuO22ykHBIMZrI3BZOyLA=
x-amz-request-id
922BA7963F425A1B
last-modified
Wed, 06 Sep 2017 17:40:34 GMT
etag
"19af0c6cc7a0bca20a355b3362dc64a0"
cache-control
public, max-age=300
content-type
text/html; charset=utf-8
server
AmazonS3
content-encoding
gzip
accept-ranges
bytes
date
Tue, 02 Jul 2019 09:25:18 GMT
via
1.1 varnish
age
50
x-served-by
cache-hhn4021-HHN
x-cache
HIT
x-cache-hits
38
x-timer
S1562059518.197267,VS0,VE0
vary
Accept-Encoding
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
content-length
560
payjs-iframe
api.juspay.in/ Frame B4E1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://api.juspay.in/payjs-iframe
Requested by
Host: api.juspay.in
URL: https://api.juspay.in/pay-v2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.232.119.255 Mumbai, India, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-13-232-119-255.ap-south-1.compute.amazonaws.com
Software
*** /
Resource Hash
Security Headers
Name Value
Content-Security-Policy connect-src *.juspay.in https:; default-src 'unsafe-eval' 'self' 'unsafe-inline' *.juspay.in *.cloudfront.net ssl.google-analytics.com ajax.googleapis.com fonts.googleapis.com ssl.google-analytics.com *.bootstrapcdn.com fonts.gstatic.com fast.fonts.net gap: gap-iab: https: data: easy-js:;img-src *.icicibank.com *.cloudfront.net *.hdfcbank.com *.citibank.co.in *.axisbank.com *.onlinesbi.com data: https:;report-uri /reportCSPViolation
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
api.juspay.in
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio

Response headers

cache-control
private, no-cache, no-store, must-revalidate
content-language
en-US
content-security-policy
connect-src *.juspay.in https:; default-src 'unsafe-eval' 'self' 'unsafe-inline' *.juspay.in *.cloudfront.net ssl.google-analytics.com ajax.googleapis.com fonts.googleapis.com ssl.google-analytics.com *.bootstrapcdn.com fonts.gstatic.com fast.fonts.net gap: gap-iab: https: data: easy-js:;img-src *.icicibank.com *.cloudfront.net *.hdfcbank.com *.citibank.co.in *.axisbank.com *.onlinesbi.com data: https:;report-uri /reportCSPViolation
content-type
text/html;charset=utf-8
date
Tue, 02 Jul 2019 09:25:18 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
server
***
strict-transport-security
max-age=0; includeSubDomains
x-content-type-options
nosniff
x-envoy-upstream-service-time
4
x-xss-protection
1; mode=block
Content-Length
1966
Connection
keep-alive
secured-by-juspay-v1.jpg
d3oxf4lkkqx2kx.cloudfront.net/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3oxf4lkkqx2kx.cloudfront.net/images/secured-by-juspay-v1.jpg
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.149.56 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-149-56.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
40e24a1501c82b65a2441b05667c7b3cf24c825955caeb2c0b8be0ac7b732afa

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 02 Jun 2019 00:15:42 GMT
Via
1.1 b74a7a3f7ddfd685212e870d027c332d.cloudfront.net (CloudFront)
Last-Modified
Wed, 16 Mar 2016 13:37:11 GMT
Server
AmazonS3
Age
198831
ETag
"2914a7982044706cab82eb33e748b54d"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=604800
X-Amz-Cf-Pop
FRA53
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3001
X-Amz-Cf-Id
n6IloQ_-bujCRI7nsOhwDaW4TNXURVZA6qiVpxEELGq2cpqWSGThhA==
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: d1vdjc70h9nzd9.cloudfront.net
URL: https://d1vdjc70h9nzd9.cloudfront.net/stories/build/storiesDefer.bundle.min.498bd6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
281000dd51a72b34ab6540963fe9217f235a581d4596f9f373b5ceb255972fdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 02 Jul 2019 09:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
vyb/jx3wD0/2oXKlpkOMLw==
status
200
content-length
1779
x-fb-debug
B8ng3l72wrWRBQUXPd0iyInP3NJHCEMLH0fIE+KieqiA1L8dq++XdgzTnwET+wJvOlMxzjSmtGa7cjly0I46LQ==
x-fb-trip-id
2000377899
x-fb-content-md5
7faf6273dc0880f1db9f1be0db74ff55
x-frame-options
DENY
etag
"5dac71dd35f72f2e2f14f029b43e20a8"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 02 Jul 2019 09:37:49 GMT
iplocation
apis.ketto.org/api/third_party/ 		195 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apis.ketto.org/api/third_party/iplocation
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.244.171 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-169-244-171.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.11.9 /
Resource Hash
3cc02066bbabad8a877ab879aaa4db1eb78c3ae9d9c31f4f7c339fe864913440
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Origin
https://www.ketto.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 02 Jul 2019 09:25:23 GMT
content-encoding
gzip
status
200
server
nginx/1.11.9
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.ketto.org
x-xss-protection
1; mode=block
cache-control
no-cache, private
x-content-type-options
nosniff
saveanup
apis.ketto.org/api/fundraisers/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apis.ketto.org/api/fundraisers/saveanup?with=viewmedicalbill
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.244.171 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-169-244-171.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.11.9 /
Resource Hash
c1db8f333e74ed0051259e66afca9336adc590d6a0cf5c38c1601ed64b5469f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Origin
https://www.ketto.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 02 Jul 2019 09:25:23 GMT
content-encoding
gzip
status
200
server
nginx/1.11.9
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.ketto.org
x-xss-protection
1; mode=block
cache-control
no-cache, private
x-content-type-options
nosniff
comments
apis.ketto.org/api/fundraisers/saveanup/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apis.ketto.org/api/fundraisers/saveanup/comments?limit=5&page=1
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.244.171 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-169-244-171.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.11.9 /
Resource Hash
4aec2e11ec922bd3382071b52f00a32cbaab8d67b50206ad0a3e02e06b3b8ad5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Origin
https://www.ketto.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 02 Jul 2019 09:25:23 GMT
content-encoding
gzip
status
200
server
nginx/1.11.9
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.ketto.org
x-xss-protection
1; mode=block
cache-control
no-cache, private
x-content-type-options
nosniff
donors
apis.ketto.org/api/fundraisers/83782/ 		25 B
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apis.ketto.org/api/fundraisers/83782/donors?with=donoravtar;comments;activation&donor_entity_details_id=undefined&orderBy=creation_date&sortedBy=desc
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.244.171 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-169-244-171.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.11.9 /
Resource Hash
28f1f51e665dd4607e10a96dd7a84d40b5cd2a8063157e357be73244df657720
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Origin
https://www.ketto.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 02 Jul 2019 09:25:23 GMT
content-encoding
gzip
status
200
server
nginx/1.11.9
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.ketto.org
x-xss-protection
1; mode=block
cache-control
no-cache, private
x-content-type-options
nosniff
donors
apis.ketto.org/api/fundraisers/83782/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apis.ketto.org/api/fundraisers/83782/donors?with=donoravtar;activation&limit=10&page=1&orderBy=creation_date&sortedBy=desc
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.244.171 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-169-244-171.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.11.9 /
Resource Hash
37ce368844ff4311130d19deb7497b64f9703fff9a92b68d2b1020bfb0b20993
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Origin
https://www.ketto.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 02 Jul 2019 09:25:23 GMT
content-encoding
gzip
status
200
server
nginx/1.11.9
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.ketto.org
x-xss-protection
1; mode=block
cache-control
no-cache, private
x-content-type-options
nosniff
updates
apis.ketto.org/api/fundraisers/83782/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apis.ketto.org/api/fundraisers/83782/updates?with=owner.avtar&limit=1&page=1&orderBy=id&sortedBy=desc
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.244.171 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-169-244-171.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.11.9 /
Resource Hash
adcee8edc34e287aa9fae3d9d4c311fc6a19759569e6d68cb999b113b53dafce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Origin
https://www.ketto.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 02 Jul 2019 09:25:23 GMT
content-encoding
gzip
status
200
server
nginx/1.11.9
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.ketto.org
x-xss-protection
1; mode=block
cache-control
no-cache, private
x-content-type-options
nosniff
conversion_async.js
www.googleadservices.com/pagead/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
cc900a14f6b6e17c5299c3f619b98ac2048780932d3b409cc9c5be79db70d15a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 02 Jul 2019 09:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
8916
x-xss-protection
0
server
cafe
etag
7666753467494023440
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 02 Jul 2019 09:25:21 GMT
storiesDefer.bundle.af2aef.css
d1vdjc70h9nzd9.cloudfront.net/less/story/ 		142 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/less/story/storiesDefer.bundle.af2aef.css
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:c000:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
480e98104bffae58da471d3c88798bb92cf045e0711a56705bcc4d7633469d65

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 02 Jul 2019 07:17:23 GMT
content-encoding
gzip
last-modified
Mon, 20 May 2019 13:42:46 GMT
server
AmazonS3
age
17461
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
status
200
x-amz-cf-pop
FRA53
x-amz-cf-id
CmINW99_EGLWUFjDqgReia2Oj3vpj3xY97j33H0IN5osj-cSkpTZNg==
via
1.1 c0486ca54d4ad5a3da496bc2b5f49cd2.cloudfront.net (CloudFront)
/
graph.facebook.com/ 		204 B
606 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://graph.facebook.com/?id=https://www.ketto.org/stories/saveanup&fields=engagement&access_token=817890751925466%7C07bf92f33f8dbd2c320b88fb04a01d72
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:800e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
408d4e862b97678e14c415fc1fa6e07776f9644c6eb4deaeca6836e2f99e034e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Accept
*/*
Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Origin
https://www.ketto.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
www-authenticate
OAuth "Facebook Platform" "invalid_request" "(#4) Application request limit reached"
x-app-usage
{"call_count":151,"total_cputime":0,"total_time":10}
status
403
x-fb-rev
1000905376
content-length
147
pragma
no-cache
x-fb-debug
gv62IQIodKelbK/rg9IGi9HzFQROrgoThiycfcBgX0WxhFEnI5659BrEipen2HtA0b35d4IwF/9buBrVdK2T1Q==
x-fb-trace-id
DEU8byEiWrO
date
Tue, 02 Jul 2019 09:25:21 GMT
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
x-fb-request-id
AgO7aAsTQ4kqXK8wWezPkZJ
cache-control
no-store
facebook-api-version
v3.2
expires
Sat, 01 Jan 2000 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j77&a=592540813&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveanup%3Futm_campaign%3Dsaveanup%26utm_medium%3Demail%26utm_source%3...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-30181760-1&cid=2047603445.1562059522&jid=260893912&_gid=431995758.1562059522&gjid=465479687&_v=j77&z=1535962785
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=2047603445.1562059522&jid=260893912&_v=j77&z=1535962785
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=2047603445.1562059522&jid=260893912&_v=j77&z=1535962785&slf_rd=1&random=18393710
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=2047603445.1562059522&jid=260893912&_v=j77&z=1535962785&slf_rd=1&random=18393710
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jul 2019 09:25:21 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jul 2019 09:25:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=2047603445.1562059522&jid=260893912&_v=j77&z=1535962785&slf_rd=1&random=18393710
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mark
trc.taboola.com/ketto-sc/log/3/ 		0
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/ketto-sc/log/3/mark?marking-type=Visitor&item-url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveanup%3Futm_campaign%3Dsaveanup%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&gtmcb=1683462880
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jul 2019 09:25:22 GMT
via
1.1 varnish
server
nginx
x-timer
S1562059523.692108,VS0,VE8
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
204
cache-control
no-cache
access-control-allow-credentials
true
x-cache-hits
0
accept-ranges
bytes
content-type
image/gif
access-control-allow-origin
*
x-served-by
cache-fra19122-FRA
/
www.facebook.com/tr/ 		44 B
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=441308802710601&ev=ViewContent&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveanup%3Futm_campaign%3Dsaveanup%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&rl=&if=false&ts=1562059521547&sw=1600&sh=1200&v=2.8.51&r=stable&ec=2&o=30&fbp=fb.1.1562059521547.1189768561&it=1562059504771&coo=false&rqm=GET
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 02 Jul 2019 09:25:21 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Tue, 02 Jul 2019 09:25:21 GMT
83782
apis.ketto.org/api/answer/ 		113 B
268 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apis.ketto.org/api/answer/83782?user_id=
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.244.171 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-169-244-171.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.11.9 /
Resource Hash
1e7d5d203bc2f19aa87dae274edddb22f8c8b6a2946f036826cb8edbb1a6bd34

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Origin
https://www.ketto.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 02 Jul 2019 09:25:23 GMT
content-encoding
gzip
server
nginx/1.11.9
status
403
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.ketto.org
cache-control
no-cache, private
bd8b8682bbb02a9b5e93a93feb952a2902ce860e.jpg
d1vdjc70h9nzd9.cloudfront.net/media/campaignuploads/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/media/campaignuploads/bd8b8682bbb02a9b5e93a93feb952a2902ce860e.jpg
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:c000:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
08b0a346eb186af06d0aea80ca65011008da61ddc14b58df5e8b13075bc04bc8

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 02 Jul 2019 09:25:23 GMT
via
1.1 c0486ca54d4ad5a3da496bc2b5f49cd2.cloudfront.net (CloudFront)
last-modified
Tue, 05 Mar 2019 13:19:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA53
etag
"e344ae044846d59e79104970bfadbd75"
x-cache
Miss from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
49266
x-amz-cf-id
-_ihIzwE0R2VfhlbON_NlhUVeYP40T01PVOVrmLzrQyBfc2ce5HCGQ==
5754164e60092ebdd72a2c0aef64d648b09d9b6f.jpg
d1vdjc70h9nzd9.cloudfront.net/media/campaignuploads/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/media/campaignuploads/5754164e60092ebdd72a2c0aef64d648b09d9b6f.jpg
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:c000:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a9d3540a1e8f66af443a5975997d7c645f7e5febfcf216dcf2ffbf67027c87f7

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 02 Jul 2019 09:25:23 GMT
via
1.1 c0486ca54d4ad5a3da496bc2b5f49cd2.cloudfront.net (CloudFront)
last-modified
Tue, 05 Mar 2019 13:21:07 GMT
server
AmazonS3
x-amz-cf-pop
FRA53
etag
"d7550c457a99f681d3261a3b365cef3b"
x-cache
Miss from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
45472
x-amz-cf-id
MCnSj72BYdbxNMVsVc_tqHqtlTowPdEFxXMtKVvXu9_uTafO-YRtmA==
activityi;dc_pre=CPPpn5f1leMCFRga4Aod_DANsA;src=9237602;type=ketto00;cat=qr_co0;qty=1;gtm=2wg6k2;auiddc=968332820.1562059505;u4=undefined;u6=undefined;u7=undefined;~oref=https%3A%2F%2Fwww.ketto.org...
9237602.fls.doubleclick.net/ Frame 02CD
Redirect Chain
  • https://9237602.fls.doubleclick.net/activityi;src=9237602;type=ketto00;cat=qr_co0;qty=1;gtm=2wg6k2;auiddc=968332820.1562059505;u4=undefined;u6=undefined;u7=undefined;~oref=https%3A%2F%2Fwww.ketto.o...
  • https://9237602.fls.doubleclick.net/activityi;dc_pre=CPPpn5f1leMCFRga4Aod_DANsA;src=9237602;type=ketto00;cat=qr_co0;qty=1;gtm=2wg6k2;auiddc=968332820.1562059505;u4=undefined;u6=undefined;u7=undefin...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://9237602.fls.doubleclick.net/activityi;dc_pre=CPPpn5f1leMCFRga4Aod_DANsA;src=9237602;type=ketto00;cat=qr_co0;qty=1;gtm=2wg6k2;auiddc=968332820.1562059505;u4=undefined;u6=undefined;u7=undefined;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveanup%3Futm_campaign%3Dsaveanup%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.166 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s22-in-f166.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
9237602.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CPPpn5f1leMCFRga4Aod_DANsA;src=9237602;type=ketto00;cat=qr_co0;qty=1;gtm=2wg6k2;auiddc=968332820.1562059505;u4=undefined;u6=undefined;u7=undefined;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveanup%3Futm_campaign%3Dsaveanup%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Tue, 02 Jul 2019 09:25:21 GMT
expires
Tue, 02 Jul 2019 09:25:21 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
391
x-xss-protection
0
set-cookie
IDE=AHWqTUmkDuGvM6Rng_N1bAz5gUb3Euh5aWQMWQEhHh56TeYsSZ0EdvK1B7a0WYRa; expires=Thu, 01-Jul-2021 09:25:21 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Tue, 02 Jul 2019 09:25:21 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://9237602.fls.doubleclick.net/activityi;dc_pre=CPPpn5f1leMCFRga4Aod_DANsA;src=9237602;type=ketto00;cat=qr_co0;qty=1;gtm=2wg6k2;auiddc=968332820.1562059505;u4=undefined;u6=undefined;u7=undefined;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveanup%3Futm_campaign%3Dsaveanup%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 02-Jul-2019 09:40:21 GMT; path=/; domain=.doubleclick.net
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j77&a=592540813&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveanup%3Futm_campaign%3Dsaveanup%26utm_medium%3Demail%26utm_source%3...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-80298164-1&cid=2047603445.1562059522&jid=1807876090&_gid=431995758.1562059522&gjid=1671135419&_v=j77&z=854918240
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80298164-1&cid=2047603445.1562059522&jid=1807876090&_v=j77&z=854918240
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80298164-1&cid=2047603445.1562059522&jid=1807876090&_v=j77&z=854918240&slf_rd=1&random=2636925662
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80298164-1&cid=2047603445.1562059522&jid=1807876090&_v=j77&z=854918240&slf_rd=1&random=2636925662
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jul 2019 09:25:21 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jul 2019 09:25:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-80298164-1&cid=2047603445.1562059522&jid=1807876090&_v=j77&z=854918240&slf_rd=1&random=2636925662
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/ 		197 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=96de34e4e3dcf7d687ad6da71b40403a&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
5366b6ec1d297c8d22168f1213a6305a97165ec3232b874afeeeeda0647e0e9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Origin
https://www.ketto.org

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
OkVcXPtToZ6upbjQBUAxZw==
status
200
date
Tue, 02 Jul 2019 09:25:21 GMT
vary
Accept-Encoding
content-length
60062
x-fb-debug
/ddT4lzD+SgEquK5VH9uLOh8FnXpChN/cImmPq+e06i5S5lMP6q5ZnVNDOyOP71KRYqC9wh1WsOn6tzbjUCGnQ==
x-fb-trip-id
997090344
x-fb-content-md5
89f0740982fba3d2f33a512c888d9a44
etag
"2d84208ba6e6832585d5e7418ea391e8"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Wed, 01 Jul 2020 08:16:47 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/782023289/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/782023289/?random=1562059521642&cv=9&fst=1562059521642&num=1&label=7U2NCOX2yJkBEPn08vQC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6k2&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveanup%3Futm_campaign%3Dsaveanup%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&tiba=Our%204-yr-old%20son%20needs%20an%20urgent%20stem%20cell%20transplant%20to%20beat%20leukaemia.%20-%20Ketto&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
d64951f43f5965f77a3d3b8cc39e316ea6876f729d8927d8ee66e80c74d407aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jul 2019 09:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
1099
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xd_arbiter.php
staticxx.facebook.com/connect/ Frame 63E0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=96de34e4e3dcf7d687ad6da71b40403a&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter.php?version=44
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
accept-encoding
gzip, deflate, br
cookie
fr=0P18QpD3LXjt9KgSB..BdGyMB...1.0.BdGyMB.
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio

Response headers

status
200
content-encoding
br
content-type
text/html; charset=utf-8
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
expires
Tue, 30 Jun 2020 21:04:29 GMT
cache-control
public,max-age=31536000,immutable
x-fb-debug
mfpgfZUv17YG4bYbtZHRNeixj54lfrZLcVfDAWS36eGqkBjCDPndp09ZXOwby4MJJ/oKytstMfI6R1y+RcoOxA==
content-length
11236
x-fb-trip-id
2000377899
date
Tue, 02 Jul 2019 09:25:21 GMT
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=287403324698248&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveanup%3Futm_campaign%3Dsaveanup%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&sdk=joey&wants_cookie_data=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=96de34e4e3dcf7d687ad6da71b40403a&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ketto.org/
Origin
https://www.ketto.org

Response headers

pragma
no-cache
x-fb-debug
2HlQMCRCb4yh5lvLQc+xVI054us05yjwpxm3n2ZB9JnzQ5Y5qsZJEXYfSHk2XM4xt2y+p4O2zzsV7uTJBeDhjA==
fb-s
unknown
status
200
x-frame-options
DENY
date
Tue, 02 Jul 2019 09:25:21 GMT
strict-transport-security
max-age=15552000; preload
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ketto.org
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
0
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/782023289/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/782023289/?random=1562059521642&cv=9&fst=1562058000000&num=1&label=7U2NCOX2yJkBEPn08vQC&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6k2&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveanup%3Futm_campaign%3Dsaveanup%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&tiba=Our%204-yr-old%20son%20needs%20an%20urgent%20stem%20cell%20transplant%20to%20beat%20leukaemia.%20-%20Ketto&async=1&fmt=3&cdct=2&is_vtc=1&random=3138903500&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jul 2019 09:25:21 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/782023289/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/782023289/?random=1562059521642&cv=9&fst=1562058000000&num=1&label=7U2NCOX2yJkBEPn08vQC&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6k2&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveanup%3Futm_campaign%3Dsaveanup%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&tiba=Our%204-yr-old%20son%20needs%20an%20urgent%20stem%20cell%20transplant%20to%20beat%20leukaemia.%20-%20Ketto&async=1&fmt=3&cdct=2&is_vtc=1&random=3138903500&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jul 2019 09:25:21 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
outer.html
js.stripe.com/v2/m/ Frame 5E45 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v2/m/outer.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v2/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v2/m/outer.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio

Response headers

status
200
x-amz-id-2
fbnlys/yLF+pK5+94+mp78Cxf3WFizU03d2d86JPfCFKpbsuOP+Lr9dVVZ+Bfv3egHNtZzGHSdQ=
x-amz-request-id
7B73ADB1591CCEC3
last-modified
Wed, 06 Sep 2017 17:40:34 GMT
etag
"51b76bd7931c50d2bf6d4c5a93d343f9"
cache-control
public, max-age=300
content-type
text/html; charset=utf-8
server
AmazonS3
content-encoding
gzip
accept-ranges
bytes
date
Tue, 02 Jul 2019 09:25:23 GMT
via
1.1 varnish
age
148
x-served-by
cache-hhn4021-HHN
x-cache
HIT
x-cache-hits
229
x-timer
S1562059523.195390,VS0,VE0
vary
Accept-Encoding
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
content-length
388
unip
trc.taboola.com/1034141/log/3/ 		0
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1034141/log/3/unip?en=page_view&tim=1562059523255&ref=N%2FA
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Origin
https://www.ketto.org

Response headers

pragma
no-cache
date
Tue, 02 Jul 2019 09:25:23 GMT
via
1.1 varnish
server
nginx
x-timer
S1562059523.269623,VS0,VE8
x-served-by
cache-fra19122-FRA
status
204
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.ketto.org
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
unip
trc.taboola.com/1201088/log/3/ 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1201088/log/3/unip?en=page_view&tim=1562059523261&ref=N%2FA
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Origin
https://www.ketto.org

Response headers

pragma
no-cache
date
Tue, 02 Jul 2019 09:25:23 GMT
via
1.1 varnish
server
nginx
x-timer
S1562059523.275369,VS0,VE9
x-served-by
cache-fra19122-FRA
status
204
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.ketto.org
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
unip
trc.taboola.com/1034141/log/3/ 		0
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1034141/log/3/unip?en=view_content&tim=1562059523267&ref=N%2FA
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Origin
https://www.ketto.org

Response headers

pragma
no-cache
date
Tue, 02 Jul 2019 09:25:23 GMT
via
1.1 varnish
server
nginx
x-timer
S1562059523.281299,VS0,VE9
x-served-by
cache-fra19122-FRA
status
204
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.ketto.org
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
lidar.js
www.googletagservices.com/activeview/js/current/ 		77 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/lidar.js?cache=r20110914
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1067617.197812NSO.CODESRV/B22411221.241945247;sz=1x2;ord=338854974925?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
3ae6f6d34c6166f41ed604ee10a45f40856ef4444fc2fc250be8012379f3662b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 02 Jul 2019 09:25:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1561979749240121"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
28623
x-xss-protection
0
expires
Tue, 02 Jul 2019 09:25:23 GMT
view
googleads4.g.doubleclick.net/pcs/ 		0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuTgMGvMmy223jFBQdlf-zH4vLXhhAyABQAxoveNpxQzz97MoVs-izgRRF3kRFjABgdqXunneiiZmSuq-b7qxHb3mcHxwd5E8BftiNfufqFCzarKSkBNx_KWCujTq43PpA&sig=Cg0ArKJSzFGe8-AfXMovEAE&urlfix=1&adurl=
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 02 Jul 2019 09:25:24 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
system_event.php
www.ketto.org/vars/ 		0
0
4.png
d1vdjc70h9nzd9.cloudfront.net/images/random_supporters/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/images/random_supporters/4.png
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:c000:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b0af42bd30107995addb0d8004c767e58b1e7a0a36986977f28171ee4f344476

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 11 May 2019 02:33:05 GMT
via
1.1 c0486ca54d4ad5a3da496bc2b5f49cd2.cloudfront.net (CloudFront)
last-modified
Mon, 07 May 2018 14:12:08 GMT
server
AmazonS3
age
4517539
etag
"e6b06f485c4ea658b3e0e3b9d15b229d"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=31536000
x-amz-cf-pop
FRA53
accept-ranges
bytes
content-length
15340
x-amz-cf-id
JhX83md4mjzOIE5nCvgL3WMkewtYzLX2Z_SDtV0nNSqwfKXgGzwi8w==
ajax-loader.gif
d1vdjc70h9nzd9.cloudfront.net/less/story/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/less/story/ajax-loader.gif
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:c000:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://d1vdjc70h9nzd9.cloudfront.net/less/story/storiesDefer.bundle.af2aef.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
icomoon.z3gnh4.ttf
d1vdjc70h9nzd9.cloudfront.net/fonts/ketto_fonts/ 		39 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/fonts/ketto_fonts/icomoon.z3gnh4.ttf
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:c000:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6643adc3ec22b456976553a5b122ffb86c80b2529ab4be5299f2d216dbd89fdf

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://d1vdjc70h9nzd9.cloudfront.net/less/story/storiesDefer.bundle.af2aef.css
Origin
https://www.ketto.org

Response headers

date
Mon, 03 Jun 2019 01:05:16 GMT
via
1.1 2f43d3215923fbce97b22ee733b0401f.cloudfront.net (CloudFront)
age
53394
x-cache
Hit from cloudfront
status
200
access-control-max-age
3000
content-length
40168
last-modified
Tue, 30 Apr 2019 14:15:35 GMT
server
AmazonS3
etag
"13ac5beca606f472d9f1c68f2c25b01c"
vary
Origin
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
x-amz-cf-pop
FRA53
accept-ranges
bytes
x-amz-cf-id
Fu8hj9BYPXkRjomgPkwWReSlS4kJxcCPYaISV9o5g9OweRYFs_fmuw==
a
wzrkt.com/ 		239 B
480 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wzrkt.com/a?t=90&type=push&d=N4IgLgngDgpiBcIYDcYDswgDROWAcgIYC2ciAwiVIQJYDmaABAGo0wDuMAJtrmACKEwhBKH4oaAYxiMAKtDIhxAZwDWYAPZReABUJ0ZAVQBKAGQQgA9Ms0AnNsuuFUhNAFdtOAMoxlymhpMAJL8FjAAZgBsAJwAzFEADDDRkQAcAEYATACsAOxx4bHpACyZkYS54WWlCbxBOowAglxctr7KFgCMqdkAdJ3Zkf25fZ3RtTgAQrYa7MowthbkABYzpLyUxNT0TLI0YAA2igDybraMxQC0ELaXGgdcjMqBjGgw3MqMroxnBhhPYBgxEY0gOB0YYFsrmUUAOrjAEI0jHSMCEjCOblUhCBNEIvV4%2BDoSJCFlynVi0V4AFFUP8SYgJiBKG55ox6SABozNtsGGzQohUrFcqlMhsqLRefJYBZCDwcIZZABZRheDRnaRhAAegNsaEIBwA%2Bqp0MpJAFeArlYruDQ3MQwsRaAcLUrGNyJWgLMpnKj3J4QFKYAbGpMLKGAL44Gg8RDFYyRS7FYWXYzGYoALV4UDoCE64aAAA&rn=1&i=1562059526&sn=0&r=1562059526412
Requested by
Host: d2r1yp2w7bby2u.cloudfront.net
URL: https://d2r1yp2w7bby2u.cloudfront.net/js/a.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.194.178.165 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-194-178-165.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
60eb5bbf75b5a62d0f65b0db5ea1c64991289997e85fbd1afe21f7d889707fa3

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jul 2019 09:25:28 GMT
content-encoding
gzip
vary
Accept-Encoding, User-Agent
content-type
text/javascript;charset=utf-8
status
200
cache-control
no-cache, no-store
expires
Thu, 01 Jan 1970 00:00:00 GMT, 0
a
wzrkt.com/ 		225 B
488 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wzrkt.com/a?t=90&type=page&d=N4IgrgziBcIKYA8AucBOA7AhgGwPoGs50IBjASwHsQAacAWxnjszOxvBMYkwDc5N0YAA7syAE0YAWAEoA2ALSSA7AA5506ZIBa7IQHMYARlol9jABZIkQiNAD0dgO7OAdISsUXFVHrsQk3mRwEH68%2FIJCAPxgSHS4JJh0Qix66AC83HwCwgBkMXF0cGJkYHRpcMysebG4EBRgqCRw5choWHiExORUAL5AAA%3D&rn=2&i=1562059526&sn=0&gc=d31f332c5eb84003802099ca74602589&r=1562059528338
Requested by
Host: d2r1yp2w7bby2u.cloudfront.net
URL: https://d2r1yp2w7bby2u.cloudfront.net/js/a.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.194.178.165 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-194-178-165.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2c008206624b0e42f0d95da3b8715ca26203a5ffe337d5d4b98577f6e3e7eb7b

Request headers

Referer
https://www.ketto.org/stories/saveanup?utm_campaign=saveanup&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jul 2019 09:25:28 GMT
content-encoding
gzip
vary
Accept-Encoding, User-Agent
content-type
text/javascript;charset=utf-8
status
200
cache-control
no-cache, no-store
expires
Thu, 01 Jan 1970 00:00:00 GMT, 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.hotjar.com
URL
https://static.hotjar.com/c/hotjar-200024.js?sv=5
Domain
static.ads-twitter.com
URL
https://static.ads-twitter.com/uwt.js
Domain
www.ketto.org
URL
https://www.ketto.org/vars/system_event.php?val%5BeventName%5D=pageView&val%5Bevent_type%5D=campaign&val%5Bevent_type_id%5D=83782&val%5Bpage_name%5D=stories&val%5Breferrer_page%5D=

Verdicts & Comments Add Verdict or Comment

170 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| NREUM object| newrelic function| __nr_require function| $ function| jQuery object| dataLayer boolean| isCached object| clevertap object| TRACKING_DETAILS number| _vwo_clicks object| _vwo_code number| settings_timer number| _vwo_settings_timer object| VWO object| _vwo_evq object| hiddengoalcampaign object| amountRaisedCampaign object| daysLeftCampaign string| browserName number| IS_WHITE_LABEL number| FB_APP_ID number| hasDraft string| PHP_API_URL string| custom_tag string| campaign_share_url_exitIntent string| campaign_share_url string| campaign_share_count_url string| device string| supporters_pagination_url string| s3_url boolean| ended string| designTemplate string| beneficiary_fname string| hospital_name string| countryCode string| apiHostUrl string| videoID object| userDetailsAPI string| landingCurrency string| supporterImage string| pageReload string| baseCurrency string| onlyBaseCurrency string| loadPayment string| showTip boolean| showTipVariation boolean| isWhiteLabel boolean| userDonatedCurrentSession object| storyAB string| operatingSystem boolean| hasSurrogateCampaigns boolean| hasUserDonated string| surrogateCampaginLoginRedirectUrl boolean| isUserLoggedIn boolean| loggedUserEmail object| angular object| requestvalue number| newStory object| user_data string| cdn_url function| pageData object| google_tag_manager function| postscribe undefined| b object| vwo_iehack_queue string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings function| twq function| fbq function| _fbq object| _tfa object| dotq number| randomNumber object| scriptTag object| insertionNode string| conversionTag string| page_version object| typeAB string| api_url boolean| isToken_url object| ip2Details string| dimensionValue string| usedDevice number| isbilldesk object| componentForm object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| discardDraft function| loadCss object| addthis_config function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| YAHOO undefined| I13N_Conf undefined| YWA_Global_Conf function| gtag function| Razorpay function| Stripe object| Juspay object| p_img object| app object| appIds string| selectedId function| login function| getFriends function| triggerFShareDialogClick function| triggerFShareExitDialogClick function| fbPageShare function| fbElfPageShare function| fbIplshare function| showCount function| loginFB function| connect function| DialogTrigger function| chechPopupShown function| setPopupShown function| setPopUpCookie function| getPopUpCookie function| ga_ABcheck function| ga_KettoLike function| ga_startCampaign function| event_fb_connect function| event_profilePic_popup function| AB_ExiteIntent function| ga_shareCommentAb function| showLeadModelBox function| setCookie function| getCookie function| showCampaignDraftPopup function| managerHelpPopup function| managerHelpPopupMobile function| showLeadModelBoxMobile function| similarFundModelBoxMobile function| systemEvent function| triggerEvent object| WIZRocket number| search_click function| Blazy function| fbAsyncInit function| setImmediate function| clearImmediate function| swal function| sweetAlert object| bioEp object| intlTelInputUtils object| FB object| TRC object| _taboola object| TRCImpl function| __trcError function| __trcJSONify object| queue object| DfaVisibilityIdentifier_2348325073_avData function| pdib object| google_image_requests object| google_js_reporting_queue number| __google_lidar_ function| __google_lidar_radf_ object| difference object| wizrocket object| $WZRK_WR object| $CLTP_WR

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9237602.fls.doubleclick.net
ad.doubleclick.net
ajax.googleapis.com
api.juspay.in
apis.ketto.org
cdn.taboola.com
checkout.razorpay.com
connect.facebook.net
d1vdjc70h9nzd9.cloudfront.net
d2r1yp2w7bby2u.cloudfront.net
d3oxf4lkkqx2kx.cloudfront.net
dev.visualwebsiteoptimizer.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
graph.facebook.com
js.stripe.com
mail.quicklivedeals.com
s.yimg.com
static.ads-twitter.com
static.hotjar.com
staticxx.facebook.com
stats.g.doubleclick.net
trc.taboola.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.ketto.org
wzrkt.com
static.ads-twitter.com
static.hotjar.com
www.ketto.org
13.232.119.255
13.232.209.250
151.101.112.176
151.101.14.2
159.122.87.153
172.217.18.2
172.217.23.162
172.217.23.166
2600:9000:2047:c000:d:e617:f340:21
2a00:1288:f03d:1fa::2000
2a00:1450:4001:808::2002
2a00:1450:4001:808::2003
2a00:1450:4001:815::200a
2a00:1450:4001:817::2008
2a00:1450:4001:819::2003
2a00:1450:4001:81b::2002
2a00:1450:4001:81d::200e
2a00:1450:4001:824::200a
2a00:1450:4001:825::2004
2a00:1450:400c:c0a::9a
2a03:2880:f01c:800e:face:b00c:0:2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
52.222.149.56
52.222.157.156
52.222.157.7
54.169.244.171
54.194.178.165
91.192.43.154
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
08b0a346eb186af06d0aea80ca65011008da61ddc14b58df5e8b13075bc04bc8
0ac7b96f0bc593ff1f37f86ca552bdc9bb8c4518bf780a821b1986681a95ff7d
0c4592cb56bec1a745568b3dd0746818ec4cb08e996c96175e7abd37d774dc8c
0ec54a58d35ac36a9f5917750661e0addae1fd94087ede2bb0fcb26d781be049
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
121b3bad035f5a87c185bb1ce9465eba6c0d8ca0fcf03fced81559192cb06d85
1495998141c1d663000e168d91710a9259e78cbd168e7891ea91afb5835e6f31
1e7d5d203bc2f19aa87dae274edddb22f8c8b6a2946f036826cb8edbb1a6bd34
1ec0fbc72fcfcea31f22828dcf89e2bd9fa7f03e84ef8d8546adb410f3096117
2080bf75373ebff43ed734b76ef2ddc225098a404c6ed3e8dca24285c4a0b74d
22cf446d314cd3eeb536164b47701ef28c0e897102e52e7aed7215eca7b2d6b5
281000dd51a72b34ab6540963fe9217f235a581d4596f9f373b5ceb255972fdb
28f1f51e665dd4607e10a96dd7a84d40b5cd2a8063157e357be73244df657720
2c008206624b0e42f0d95da3b8715ca26203a5ffe337d5d4b98577f6e3e7eb7b
37ce368844ff4311130d19deb7497b64f9703fff9a92b68d2b1020bfb0b20993
390924f62be5a23e3ea2eec4574f73a99c16341c673e6fd2c57547b6e5831e6b
3ae6f6d34c6166f41ed604ee10a45f40856ef4444fc2fc250be8012379f3662b
3cc02066bbabad8a877ab879aaa4db1eb78c3ae9d9c31f4f7c339fe864913440
408d4e862b97678e14c415fc1fa6e07776f9644c6eb4deaeca6836e2f99e034e
40e24a1501c82b65a2441b05667c7b3cf24c825955caeb2c0b8be0ac7b732afa
437f2cc7b07e1c58b51c5a6ee2c38a24759b5d93c392a8177c84044dd6ba8ce2
480b0dcf87f3762059569007f32ef80a5e21f1115718c5bfc7644f3e701722dd
480e98104bffae58da471d3c88798bb92cf045e0711a56705bcc4d7633469d65
4aec2e11ec922bd3382071b52f00a32cbaab8d67b50206ad0a3e02e06b3b8ad5
5366b6ec1d297c8d22168f1213a6305a97165ec3232b874afeeeeda0647e0e9f
5558f46c1e941cf5f07092440effd8080841447ce37922be2a5bd3885295c68c
60eb5bbf75b5a62d0f65b0db5ea1c64991289997e85fbd1afe21f7d889707fa3
657f79c4d5a6ea502202651151811d195b49cf9cf22fd7f8edaeefe2f8cc8fc4
6643adc3ec22b456976553a5b122ffb86c80b2529ab4be5299f2d216dbd89fdf
669fbe52929575a38eb337b51070255f4a055a03fd6a93d573486d0f0a591344
6eb0bcaff2e132da06846f8da58e6bd708e2b5592a5d9f37d8d111f3cb768e57
7411aad7bc1419b6591c42a211f696b20232d9f471c509608342e76d612c33f2
780c27ba988f780180648bee9633d40f3b2487d774798267052d94923aed7f0d
796cf812111acb618a626ff1c5f33d6104a9dd09cf3e78576b0bb2a8940bbdfe
7c2f90cfada5ef8e26757a3bb7b9bb12baf5271e7581d94e870a5da6936c24be
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8ac3d36c6322eefcaea87ebbe52f803e51dfd23937edf4122b4887c51ebb3c4a
8acdea793981c91cdca1263946accf9d9362a1b154a257c9a2b44219c426efb6
94eeb8ca0c372a7079499fa59b4fe106671032cab04d86fa4df1241c47a35156
963a6a873821a8958121672d02452b45147fcb62afc5b49c8825d4d90820a187
9d9b9aeb42ba18a37784c42849f2f90b375299a934ac1e8580ab67caa32727c0
9dd8a9994cf73fe3e5400885977b90713219032adf4553ed554c33b6a9be260f
a4883cce814b6793c5bd6dd3639d6048ecab39a93a90b560d39a9fd0aff6e263
a9d3540a1e8f66af443a5975997d7c645f7e5febfcf216dcf2ffbf67027c87f7
acc65e7f6310cdfe2aea3007af693b990b429049229fb5047a4df8b189597646
acfb144324fc9f340c63d139775a82afed8c73712092addbfe37eca70b2073bd
adcee8edc34e287aa9fae3d9d4c311fc6a19759569e6d68cb999b113b53dafce
b090e61991ba938ae7e9fde0a6927e506e5abd4213dd6acd4f0213be287f3559
b0af42bd30107995addb0d8004c767e58b1e7a0a36986977f28171ee4f344476
c09055f0d3ce5ac45f886c935226d1e4cb0f7488525e9f8b298f26fc0171e5a8
c1db8f333e74ed0051259e66afca9336adc590d6a0cf5c38c1601ed64b5469f4
c91158a8a0abe1393831da5efc62d53ad3b41b545774f1c3a003d55c2d5f28cf
cb992eae898417162c48b37712991d9ad8053c4a64fce51aff195edc69dc35f2
cc900a14f6b6e17c5299c3f619b98ac2048780932d3b409cc9c5be79db70d15a
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
d64951f43f5965f77a3d3b8cc39e316ea6876f729d8927d8ee66e80c74d407aa
d9c88b523d821c164a1ce39f7d83b4682b2ef6d3bc674e31b4b57b9d6e604f8b
dfcfcf508411f75131ee051b3e8bd38b7869dcfc7c2a19e5a2cff1c9982baddf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e56f53b3b976e9c05d86645a1e85cfc69e961601d201e957768455580fa30478
ed098df82da8320c1786f312585ebc4b1b4817ed5ebeecd03e25afd37b97cc23
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fc3efd4158c7ca75c9fc1a167e098e831d03d2f344cc78d54aa39611630a8523
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c