urlscan.io logo urlscan.io
SecurityTrails logo

www.ketto.org Open in urlscan Pro
143.204.214.10  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://box2i.com/redirect.php?id=PGU0Nzk0MjRiZDExNzk0ZTViZjg0Yjg3YWVkYjM3ZWFhQGJveDJpLmNvbT4=&ref=aHR0cDovL3plZXN...
Effective URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Submission: On May 29 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 39 IPs in 10 countries across 32 domains to perform 103 HTTP transactions. The main IP is 143.204.214.10, located in Seattle, United States and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is www.ketto.org.
TLS certificate: Issued by Amazon on November 24th 2018. Valid for: a year.
This is the only time www.ketto.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 103.107.120.3 133296 (WEBWERKS-...)
1 1 103.107.120.141 133296 (WEBWERKS-...)
1 1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 144.217.74.79 16276 (OVH)
1 35.201.98.21 15169 (GOOGLE)
1 35.186.199.79 15169 (GOOGLE)
2 143.204.214.10 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
20 2600:9000:20b... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 143.204.214.116 16509 (AMAZON-02)
3 159.122.87.153 36351 (SOFTLAYER)
5 2600:9000:20b... 16509 (AMAZON-02)
7 2a00:1450:400... 15169 (GOOGLE)
2 34.248.140.41 16509 (AMAZON-02)
2 172.217.23.130 15169 (GOOGLE)
1 4 2a00:1450:400... 15169 (GOOGLE)
1 147.75.33.239 54825 (PACKET)
1 151.101.36.157 54113 (FASTLY)
7 2a03:2880:f01... 32934 (FACEBOOK)
4 151.101.2.2 54113 (FASTLY)
1 2a00:1288:84:... 203219 (YAHOO-AMA)
2 5 172.217.16.134 15169 (GOOGLE)
1 13.126.133.242 16509 (AMAZON-02)
3 151.101.0.176 54113 (FASTLY)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 6 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 147.75.83.19 54825 (PACKET)
1 2a00:1450:400... 15169 (GOOGLE)
1 172.217.21.194 15169 (GOOGLE)
1 2a00:1288:84:... 203219 (YAHOO-AMA)
1 104.244.42.197 13414 (TWITTER)
2 4 2a03:2880:f11... 32934 (FACEBOOK)
7 54.169.244.171 16509 (AMAZON-02)
1 2a03:2880:f01... 32934 (FACEBOOK)
1 2a03:2880:f01... 32934 (FACEBOOK)
1 104.244.42.195 13414 (TWITTER)
1 147.75.32.173 54825 (PACKET)
1 151.101.2.110 54113 (FASTLY)
1 162.247.242.20 23467 (NEWRELIC-...)
103 39
1    103.107.120.3 (India)

ASN133296 (WEBWERKS-AS-IN Web Werks India Pvt. Ltd., IN)
box2i.com
1    103.107.120.141 (India)

ASN133296 (WEBWERKS-AS-IN Web Werks India Pvt. Ltd., IN)
displayemailbox.com
1    2606:4700:30::681b:9623 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
zeeseclink.com
1    144.217.74.79 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: pro.profdynamic.com
app.profdynamic.com
1    35.201.98.21 (Ascension Island)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 21.98.201.35.bc.googleusercontent.com
trk.profilinet.com
1    35.186.199.79 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 79.199.186.35.bc.googleusercontent.com
track.vnative.com
2    143.204.214.10 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-214-10.fra53.r.cloudfront.net
www.ketto.org
1    2a00:1450:4001:825::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
20    2600:9000:20bb:b400:d:e617:f340:21 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
d1vdjc70h9nzd9.cloudfront.net
1    2a00:1450:4001:824::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
ajax.googleapis.com
2    2a00:1450:4001:818::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
1    143.204.214.116 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-214-116.fra53.r.cloudfront.net
d2r1yp2w7bby2u.cloudfront.net
3    159.122.87.153 (Frankfurt am Main, Germany)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: 99.57.7a9f.ip4.static.sl-reverse.com
dev.visualwebsiteoptimizer.com
5    2600:9000:20bb:be00:d:e617:f340:21 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
d1vdjc70h9nzd9.cloudfront.net
7    2a00:1450:4001:821::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
www.google.de
2    34.248.140.41 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-248-140-41.eu-west-1.compute.amazonaws.com
wzrkt.com
2    172.217.23.130 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s18-in-f2.1e100.net
www.googleadservices.com
4    2a00:1450:4001:815::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    147.75.33.239 (Amsterdam, Netherlands)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-28
static.hotjar.com
1    151.101.36.157 (Amsterdam, Netherlands)

ASN54113 (FASTLY - Fastly, US)
static.ads-twitter.com
7    2a03:2880:f01c:216:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
staticxx.facebook.com
4    151.101.2.2 (United States)

ASN54113 (FASTLY - Fastly, US)
cdn.taboola.com
trc.taboola.com
1    2a00:1288:84:800::1001 (United Kingdom)

ASN203219 (YAHOO-AMA, NL)
s.yimg.com
5    172.217.16.134 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s46-in-f6.1e100.net
ad.doubleclick.net
9237602.fls.doubleclick.net
1    13.126.133.242 (Mumbai, India)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-13-126-133-242.ap-south-1.compute.amazonaws.com
checkout.razorpay.com
3    151.101.0.176 (United States)

ASN54113 (FASTLY - Fastly, US)
js.stripe.com
1    2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
6    2a00:1450:4001:816::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
5    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
googleads.g.doubleclick.net
1    147.75.83.19 (Parsippany, United States)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-24
script.hotjar.com
1    2a00:1450:4001:824::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagservices.com
1    172.217.21.194 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s12-in-f2.1e100.net
googleads4.g.doubleclick.net
1    2a00:1288:84:800::1002 (United Kingdom)

ASN203219 (YAHOO-AMA, NL)
s.yimg.com
1    104.244.42.197 (United States)

ASN13414 (TWITTER - Twitter Inc., US)
t.co
4    2a03:2880:f11c:8083:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
7    54.169.244.171 (Singapore, Singapore)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-169-244-171.ap-southeast-1.compute.amazonaws.com
apis.ketto.org
1    2a03:2880:f01c:20e:face:b00c:0:2 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
graph.facebook.com
1    2a03:2880:f01c:202:face:b00c:0:8c (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
cx.atdmt.com
1    104.244.42.195 (United States)

ASN13414 (TWITTER - Twitter Inc., US)
analytics.twitter.com
1    147.75.32.173 (Amsterdam, Netherlands)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-27
vars.hotjar.com
1    151.101.2.110 (United States)

ASN54113 (FASTLY - Fastly, US)
js-agent.newrelic.com
1    162.247.242.20 (United States)

ASN23467 (NEWRELIC-AS-1 - New Relic, US)
PTR: bam-8.nr-data.net
bam.nr-data.net
Apex Domain
Subdomains		 Transfer
26 cloudfront.net
d1vdjc70h9nzd9.cloudfront.net
d2r1yp2w7bby2u.cloudfront.net
791 KB
12 doubleclick.net
ad.doubleclick.net
9237602.fls.doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
10 KB
9 ketto.org
www.ketto.org
apis.ketto.org
75 KB
7 facebook.com
www.facebook.com
graph.facebook.com
staticxx.facebook.com
1 KB
6 google.de
www.google.de
654 B
6 google.com
www.google.com
782 B
5 facebook.net
connect.facebook.net
132 KB
4 taboola.com
cdn.taboola.com
trc.taboola.com
9 KB
4 google-analytics.com
www.google-analytics.com
18 KB
3 stripe.com
js.stripe.com
21 KB
3 hotjar.com
static.hotjar.com
script.hotjar.com
vars.hotjar.com
92 KB
3 visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com
61 KB
2 yimg.com
s.yimg.com
7 KB
2 googleadservices.com
www.googleadservices.com
18 KB
2 wzrkt.com
wzrkt.com
959 B
2 googletagmanager.com
www.googletagmanager.com
63 KB
2 googleapis.com
fonts.googleapis.com
ajax.googleapis.com
30 KB
1 nr-data.net
bam.nr-data.net
261 B
1 newrelic.com
js-agent.newrelic.com
9 KB
1 twitter.com
analytics.twitter.com
267 B
1 atdmt.com
cx.atdmt.com
405 B
1 t.co
t.co
166 B
1 googletagservices.com
www.googletagservices.com
28 KB
1 razorpay.com
checkout.razorpay.com
21 KB
1 ads-twitter.com
static.ads-twitter.com
2 KB
1 gstatic.com
fonts.gstatic.com
10 KB
1 vnative.com
track.vnative.com
321 B
1 profilinet.com
trk.profilinet.com
977 B
1 profdynamic.com
app.profdynamic.com
303 B
1 zeeseclink.com
zeeseclink.com
343 B
1 displayemailbox.com
displayemailbox.com
447 B
1 box2i.com
box2i.com
421 B
103 32
Domain Requested by
25 d1vdjc70h9nzd9.cloudfront.net www.ketto.org
ajax.googleapis.com
7 apis.ketto.org www.ketto.org
6 www.google.de www.ketto.org
6 www.google.com 1 redirects www.ketto.org
5 googleads.g.doubleclick.net www.googleadservices.com
5 connect.facebook.net app.profdynamic.com
connect.facebook.net
d1vdjc70h9nzd9.cloudfront.net
4 www.facebook.com 2 redirects www.ketto.org
connect.facebook.net
4 9237602.fls.doubleclick.net 2 redirects www.googletagmanager.com
4 www.google-analytics.com 1 redirects www.googletagmanager.com
www.ketto.org
3 trc.taboola.com www.ketto.org
3 js.stripe.com www.ketto.org
js.stripe.com
3 dev.visualwebsiteoptimizer.com www.ketto.org
dev.visualwebsiteoptimizer.com
2 staticxx.facebook.com connect.facebook.net
2 s.yimg.com app.profdynamic.com
www.ketto.org
2 www.googleadservices.com www.googletagmanager.com
2 wzrkt.com d2r1yp2w7bby2u.cloudfront.net
2 www.googletagmanager.com www.ketto.org
www.googletagmanager.com
2 www.ketto.org trk.profilinet.com
www.ketto.org
1 bam.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com www.ketto.org
1 vars.hotjar.com static.hotjar.com
1 analytics.twitter.com static.ads-twitter.com
1 cx.atdmt.com www.ketto.org
1 graph.facebook.com www.ketto.org
1 t.co www.ketto.org
1 googleads4.g.doubleclick.net www.ketto.org
1 www.googletagservices.com ad.doubleclick.net
1 script.hotjar.com static.hotjar.com
1 stats.g.doubleclick.net 1 redirects
1 checkout.razorpay.com www.ketto.org
1 ad.doubleclick.net app.profdynamic.com
1 cdn.taboola.com app.profdynamic.com
1 static.ads-twitter.com app.profdynamic.com
1 static.hotjar.com app.profdynamic.com
1 fonts.gstatic.com www.ketto.org
1 d2r1yp2w7bby2u.cloudfront.net www.ketto.org
1 ajax.googleapis.com www.ketto.org
1 fonts.googleapis.com www.ketto.org
1 track.vnative.com trk.profilinet.com
1 trk.profilinet.com app.profdynamic.com
1 app.profdynamic.com
1 zeeseclink.com 1 redirects
1 displayemailbox.com 1 redirects
1 box2i.com 1 redirects
103 44
Subject Issuer Validity Valid
ady.adsyatra.net
Let's Encrypt Authority X3		 2019-05-28 -
2019-08-26		 3 months crt.sh
*.vnative.com
COMODO RSA Domain Validation Secure Server CA		 2017-08-19 -
2019-08-19		 2 years crt.sh
ketto.org
Amazon		 2018-11-24 -
2019-12-24		 a year crt.sh
*.googleapis.com
Google Internet Authority G3		 2019-05-07 -
2019-07-30		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2018-10-08 -
2019-10-09		 a year crt.sh
*.google-analytics.com
Google Internet Authority G3		 2019-05-07 -
2019-07-30		 3 months crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2		 2017-06-30 -
2020-07-06		 3 years crt.sh
*.google.com
Google Internet Authority G3		 2019-05-14 -
2019-08-06		 3 months crt.sh
wzrkt.com
DigiCert ECC Secure Server CA		 2018-11-11 -
2019-11-20		 a year crt.sh
www.googleadservices.com
Google Internet Authority G3		 2019-05-07 -
2019-07-30		 3 months crt.sh
static.hotjar.com
Let's Encrypt Authority X3		 2019-04-09 -
2019-07-08		 3 months crt.sh
ads-twitter.com
DigiCert SHA2 High Assurance Server CA		 2018-08-16 -
2019-08-21		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-04-22 -
2019-07-21		 3 months crt.sh
f2.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-04-01 -
2019-09-07		 5 months crt.sh
*.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2019-04-22 -
2019-06-06		 a month crt.sh
*.doubleclick.net
Google Internet Authority G3		 2019-05-07 -
2019-07-30		 3 months crt.sh
*.razorpay.com
Amazon		 2018-09-27 -
2019-10-27		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2019-05-21 -
2019-09-03		 3 months crt.sh
www.google.de
Google Internet Authority G3		 2019-05-07 -
2019-07-30		 3 months crt.sh
*.g.doubleclick.net
Google Internet Authority G3		 2019-05-07 -
2019-07-30		 3 months crt.sh
script.hotjar.com
Let's Encrypt Authority X3		 2019-04-09 -
2019-07-08		 3 months crt.sh
t.co
DigiCert SHA2 High Assurance Server CA		 2019-03-07 -
2020-03-07		 a year crt.sh
www.google.com
Google Internet Authority G3		 2019-05-14 -
2019-08-06		 3 months crt.sh
apis.ketto.org
Let's Encrypt Authority X3		 2019-04-10 -
2019-07-09		 3 months crt.sh
*.atlassolutions.com
DigiCert SHA2 High Assurance Server CA		 2019-04-12 -
2019-07-11		 3 months crt.sh
*.twitter.com
DigiCert SHA2 High Assurance Server CA		 2019-01-28 -
2020-01-28		 a year crt.sh
vars.hotjar.com
Let's Encrypt Authority X3		 2019-04-09 -
2019-07-08		 3 months crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-04-10 -
2020-03-21		 a year crt.sh
*.nr-data.net
GeoTrust RSA CA 2018		 2018-01-11 -
2020-03-17		 2 years crt.sh

This page contains 9 frames:

Primary Page: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Frame ID: B2C0A5CF2EC2813293D0304C9ABE88A2
Requests: 96 HTTP requests in this frame

Frame: https://9237602.fls.doubleclick.net/activityi;dc_pre=CLSMqffiweICFQIUiwodf5sOkw;src=9237602;type=ketto0;cat=dcm_k0;ord=1;num=8239781734316;gtm=2wg5f2;auiddc=1820003498.1559168405;u1=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsavesara%3Futm_campaign%3Dsavesara%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsavesara%3Futm_campaign%3Dsavesara%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1
Frame ID: 8B559517B8E64DAC12C97F668DF10A22
Requests: 1 HTTP requests in this frame

Frame: https://9237602.fls.doubleclick.net/activityi;dc_pre=CNLLqffiweICFQQUiwod_ycBKw;src=9237602;type=sitew0;cat=dcm_s0;ord=6262415344154;gtm=2wg5f2;auiddc=1820003498.1559168405;u1=%2Fstories%2Fsavesara;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsavesara%3Futm_campaign%3Dsavesara%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1
Frame ID: D8BE0BA735BA20BCE8AF2EF3B62C6575
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v2/channel.html?stripe_xdm_e=https%3A%2F%2Fwww.ketto.org&stripe_xdm_c=default520426&stripe_xdm_p=1
Frame ID: 113CF04A5E5E7E183CAEDAC07F8CC89D
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: AC043D0356E54A97291D16C54BBD5735
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-90f3a29ef7448451db5af955688970d7.html
Frame ID: BA28DE93A0D7C5B275CA7C6EDB9C7583
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: 58C1AAB0FED3829FA482A382EC54EDE6
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v2/m/outer.html
Frame ID: 8CAFCBEC6436C874CF374CEAB42C105B
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: 84F00B615E378D890AE79AC80936D1FF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://box2i.com/redirect.php?id=PGU0Nzk0MjRiZDExNzk0ZTViZjg0Yjg3YWVkYjM3ZWFhQGJveDJpLmNvbT4=... HTTP 301
    http://displayemailbox.com/emm/redirect.php?id=PGU0Nzk0MjRiZDExNzk0ZTViZjg0Yjg3YWVkYjM3ZWFhQGJveDJpLmNv... HTTP 302
    http://zeeseclink.com/urls?q=OEl0ZWE3Z21CRUFMYkkxV3lwNHJtUT09 HTTP 301
    http://app.profdynamic.com/urls?q=OEl0ZWE3Z21CRUFMYkkxV3lwNHJtUT09 Page URL
  2. https://trk.profilinet.com/5c89de73b6920d1b591ddc8d?url_id=42 Page URL
  3. https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • env /^angular$/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • env /^Stripe$/i
Overall confidence: 100%
Detected patterns
  • env /^addthis/i
Overall confidence: 100%
Detected patterns
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • env /^google_tag_manager$/i
Overall confidence: 100%
Detected patterns
  • env /^NREUM/i
Overall confidence: 100%
Detected patterns
  • env /^swal$/i
Overall confidence: 100%
Detected patterns
  • env /^YAHOO$/i
Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Page Statistics

103
Requests

99 %
HTTPS

43 %
IPv6

32
Domains

44
Subdomains

39
IPs

10
Countries

1401 kB
Transfer

4106 kB
Size

22
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://box2i.com/redirect.php?id=PGU0Nzk0MjRiZDExNzk0ZTViZjg0Yjg3YWVkYjM3ZWFhQGJveDJpLmNvbT4=&ref=aHR0cDovL3plZXNlY2xpbmsuY29tL3VybHM/cT0zRE9FbDBaV0UzWjIxQ1JVRk1Za2t4VjNsd05ISnRVVDA5&e=1 HTTP 301
    http://displayemailbox.com/emm/redirect.php?id=PGU0Nzk0MjRiZDExNzk0ZTViZjg0Yjg3YWVkYjM3ZWFhQGJveDJpLmNvbT4=&ref=aHR0cDovL3plZXNlY2xpbmsuY29tL3VybHM/cT0zRE9FbDBaV0UzWjIxQ1JVRk1Za2t4VjNsd05ISnRVVDA5&e=1 HTTP 302
    http://zeeseclink.com/urls?q=OEl0ZWE3Z21CRUFMYkkxV3lwNHJtUT09 HTTP 301
    http://app.profdynamic.com/urls?q=OEl0ZWE3Z21CRUFMYkkxV3lwNHJtUT09 Page URL
  2. https://trk.profilinet.com/5c89de73b6920d1b591ddc8d?url_id=42 Page URL
  3. https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://box2i.com/redirect.php?id=PGU0Nzk0MjRiZDExNzk0ZTViZjg0Yjg3YWVkYjM3ZWFhQGJveDJpLmNvbT4=&ref=aHR0cDovL3plZXNlY2xpbmsuY29tL3VybHM/cT0zRE9FbDBaV0UzWjIxQ1JVRk1Za2t4VjNsd05ISnRVVDA5&e=1 HTTP 301
  • http://displayemailbox.com/emm/redirect.php?id=PGU0Nzk0MjRiZDExNzk0ZTViZjg0Yjg3YWVkYjM3ZWFhQGJveDJpLmNvbT4=&ref=aHR0cDovL3plZXNlY2xpbmsuY29tL3VybHM/cT0zRE9FbDBaV0UzWjIxQ1JVRk1Za2t4VjNsd05ISnRVVDA5&e=1 HTTP 302
  • http://zeeseclink.com/urls?q=OEl0ZWE3Z21CRUFMYkkxV3lwNHJtUT09 HTTP 301
  • http://app.profdynamic.com/urls?q=OEl0ZWE3Z21CRUFMYkkxV3lwNHJtUT09
Request Chain 42
  • https://9237602.fls.doubleclick.net/activityi;src=9237602;type=ketto0;cat=dcm_k0;ord=1;num=8239781734316;gtm=2wg5f2;auiddc=1820003498.1559168405;u1=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsavesara%3Futm_campaign%3Dsavesara%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsavesara%3Futm_campaign%3Dsavesara%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1 HTTP 302
  • https://9237602.fls.doubleclick.net/activityi;dc_pre=CLSMqffiweICFQIUiwodf5sOkw;src=9237602;type=ketto0;cat=dcm_k0;ord=1;num=8239781734316;gtm=2wg5f2;auiddc=1820003498.1559168405;u1=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsavesara%3Futm_campaign%3Dsavesara%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsavesara%3Futm_campaign%3Dsavesara%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1
Request Chain 43
  • https://9237602.fls.doubleclick.net/activityi;src=9237602;type=sitew0;cat=dcm_s0;ord=6262415344154;gtm=2wg5f2;auiddc=1820003498.1559168405;u1=%2Fstories%2Fsavesara;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsavesara%3Futm_campaign%3Dsavesara%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1 HTTP 302
  • https://9237602.fls.doubleclick.net/activityi;dc_pre=CNLLqffiweICFQQUiwod_ycBKw;src=9237602;type=sitew0;cat=dcm_s0;ord=6262415344154;gtm=2wg5f2;auiddc=1820003498.1559168405;u1=%2Fstories%2Fsavesara;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsavesara%3Futm_campaign%3Dsavesara%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1
Request Chain 45
  • https://www.google-analytics.com/r/collect?v=1&_v=j76&a=1897825600&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsavesara%3Futm_campaign%3Dsavesara%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1&dr=https%3A%2F%2Ftrk.profilinet.com%2F&ul=en-us&de=UTF-8&dt=We%20need%20Rs%2018%20lakh%20to%20rescue%20our%20daughter%20from%20cancer%2C%20please%20help%20us%20-%20Ketto&sd=24-bit&sr=1600x1200&vp=1593x1200&je=0&_u=YEBAAAAB~&jid=1684271795&gjid=1256179647&cid=429549809.1559168405&tid=UA-30181760-1&_gid=1208978425.1559168405&_r=1&gtm=2wg5f2MJRMLZ&cd12=1559168404768.xy7m4cv&z=1254734338 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-30181760-1&cid=429549809.1559168405&jid=1684271795&_gid=1208978425.1559168405&gjid=1256179647&_v=j76&z=1254734338 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=429549809.1559168405&jid=1684271795&_v=j76&z=1254734338 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=429549809.1559168405&jid=1684271795&_v=j76&z=1254734338&slf_rd=1&random=3808144719
Request Chain 81
  • https://www.facebook.com/tr/?id=441308802710601&ev=ViewContent&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsavesara%3Futm_campaign%3Dsavesara%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1&rl=https%3A%2F%2Ftrk.profilinet.com%2F&if=false&ts=1559168405769&sw=1600&sh=1200&v=2.8.47&r=stable&ec=1&o=30&fbp=fb.1.1559168405206.539712926&it=1559168404988&coo=false&rqm=GET HTTP 302
  • https://cx.atdmt.com/?c=16729841183384143555&f=AYyb0MvAGi9vCoeXTTidSBq85JwuSQ_rzGEdvjHjaPsJCmTIEPDCMwLsAucFH9POYQrTreFtLGDYnnDjxUlZ-l4D&id=441308802710601&l=3&v=0
Request Chain 96
  • https://www.facebook.com/connect/ping?client_id=287403324698248&domain=www.ketto.org&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df3429eb93c5ac68%26domain%3Dwww.ketto.org%26origin%3Dhttps%253A%252F%252Fwww.ketto.org%252Ff241fce968180f4%26relation%3Dparent&response_type=token%2Csigned_request&sdk=joey HTTP 302
  • https://staticxx.facebook.com/connect/xd_arbiter.php?version=44

103 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
urls
app.profdynamic.com/
Redirect Chain
  • http://box2i.com/redirect.php?id=PGU0Nzk0MjRiZDExNzk0ZTViZjg0Yjg3YWVkYjM3ZWFhQGJveDJpLmNvbT4=&ref=aHR0cDovL3plZXNlY2xpbmsuY29tL3VybHM/cT0zRE9FbDBaV0UzWjIxQ1JVRk1Za2t4VjNsd05ISnRVVDA5&e=1
  • http://displayemailbox.com/emm/redirect.php?id=PGU0Nzk0MjRiZDExNzk0ZTViZjg0Yjg3YWVkYjM3ZWFhQGJveDJpLmNvbT4=&ref=aHR0cDovL3plZXNlY2xpbmsuY29tL3VybHM/cT0zRE9FbDBaV0UzWjIxQ1JVRk1Za2t4VjNsd05ISnRVVDA5&e=1
  • http://zeeseclink.com/urls?q=OEl0ZWE3Z21CRUFMYkkxV3lwNHJtUT09
  • http://app.profdynamic.com/urls?q=OEl0ZWE3Z21CRUFMYkkxV3lwNHJtUT09
96 B
303 B 		Document
General
Check archive.org
Download Go to
Full URL
http://app.profdynamic.com/urls?q=OEl0ZWE3Z21CRUFMYkkxV3lwNHJtUT09
Protocol
HTTP/1.1
Server
144.217.74.79 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
pro.profdynamic.com
Software
Apache /
Resource Hash

Request headers

Host
app.profdynamic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 29 May 2019 22:20:01 GMT
Server
Apache
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Wed, 29 May 2019 22:20:02 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Wed, 29 May 2019 23:20:02 GMT
Location
http://app.profdynamic.com/urls?q=OEl0ZWE3Z21CRUFMYkkxV3lwNHJtUT09
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
4debda72f868c286-FRA
5c89de73b6920d1b591ddc8d
trk.profilinet.com/ 		677 B
977 B 		Document
General
Check archive.org
Download Go to
Full URL
https://trk.profilinet.com/5c89de73b6920d1b591ddc8d?url_id=42
Requested by
Host: app.profdynamic.com
URL: http://app.profdynamic.com/urls?q=OEl0ZWE3Z21CRUFMYkkxV3lwNHJtUT09
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.201.98.21 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
21.98.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
8e89b1f7d6bc54aa2ea23a91fe3eec24a4233133f19192726ebabd678d8550ee

Request headers

:method
GET
:authority
trk.profilinet.com
:scheme
https
:path
/5c89de73b6920d1b591ddc8d?url_id=42
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
http://app.profdynamic.com/urls?q=OEl0ZWE3Z21CRUFMYkkxV3lwNHJtUT09
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://app.profdynamic.com/urls?q=OEl0ZWE3Z21CRUFMYkkxV3lwNHJtUT09

Response headers

status
200
server
nginx
date
Wed, 29 May 2019 22:20:02 GMT
content-type
text/html
content-length
677
x-rt
6
set-cookie
__vnativetracking=a407e972-9836-4b5b-b065-4ad86b57f507; expires=Fri, 29 May 2020 22:20:02 GMT; path=/; HttpOnly __vnativeverify_v3=n37Bcqp9VvLypBkmtahpWNR9-6iYg_oy2BXr0NwZfrE; expires=Thu, 30 May 2019 22:20:02 GMT; path=/; HttpOnly
via
1.1 google
alt-svc
clear
pv2
track.vnative.com/ 		21 B
321 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.vnative.com/pv2?c=5cef059204b4140493da6ea2&a=5ac70aaab6920d1b2b2a6042&h=ebb4e7b018a5664ed7e185aa8238e441ebfec4f3d447799f0e17cff9f7ceee96&cb=xYz
Requested by
Host: trk.profilinet.com
URL: https://trk.profilinet.com/5c89de73b6920d1b591ddc8d?url_id=42
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.186.199.79 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
79.199.186.35.bc.googleusercontent.com
Software
nginx /
Resource Hash

Request headers

Referer
https://trk.profilinet.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 May 2019 22:20:02 GMT
content-encoding
gzip
server
nginx
etag
W/"15-YQrJ5jySBCV5tusAe2Cb+g"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
status
200
cache-control
no-cache, max-age=0
alt-svc
clear
via
1.1 google
Primary Request savesara
www.ketto.org/stories/ 		277 KB
66 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Requested by
Host: trk.profilinet.com
URL: https://trk.profilinet.com/5c89de73b6920d1b591ddc8d?url_id=42
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.214.10 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-214-10.fra53.r.cloudfront.net
Software
Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40 / PHP/5.6.40
Resource Hash
b6ae9f8ffe56342c066f22c90ebb48fc1b6bdcb5f56652f02bc551a821ddecb5

Request headers

:method
GET
:authority
www.ketto.org
:scheme
https
:path
/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://trk.profilinet.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://trk.profilinet.com/

Response headers

status
200
content-type
text/html; charset=UTF-8
date
Wed, 29 May 2019 22:20:03 GMT
server
Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40
cache-control
max-age=0, no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-encoding
gzip
pageurl-1
1
pragma
no-cache
vary
Accept-Encoding
x-mod-pagespeed
1.13.35.2-0
x-powered-by
PHP/5.6.40
set-cookie
KETTOSESSID=ksohvd0v9ie412j4kqk84h9tm6; path=/; domain=.ketto.org k_utm=eyJ1dG1fc291cmNlIjoiZXh0ZXJuYWxfZmlyc3RvcHRpb24iLCJ1dG1fbWVkaXVtIjoiZW1haWwiLCJ1dG1fdGVybSI6InAxIiwidXRtX2NhbXBhaWduIjoic2F2ZXNhcmEifQ%3D%3D; expires=Mon, 25-Nov-2019 22:20:04 GMT; Max-Age=15552000; path=/ ip_location=eyJjb3VudHJ5X2NvZGUiOiJERSIsImNvdW50cnlfbmFtZSI6Ikdlcm1hbnkiLCJyZWdpb25fbmFtZSI6Ikhlc3NlbiIsInppcF9jb2RlIjoiNjU5MzEiLCJjaXR5X25hbWUiOiJGcmFua2Z1cnQgYW0gTWFpbiJ9; expires=Wed, 05-Jun-2019 22:20:04 GMT; Max-Age=604800; path=/; domain=.ketto.org _ku=5f16e9cc2e173f64252cd42611fd5508; expires=Fri, 05-May-2119 22:20:04 GMT; Max-Age=3153600000; path=/; domain=.ketto.org _ks=eyJzaWQiOiJlZWRmOWYyMjdjODFlZTliNjFmYjhmOWRjOWNkNDZhYiIsInN0IjoxNTU5MTcwMjA0fQ%3D%3D; path=/; domain=.ketto.org ip_location=eyJjb3VudHJ5X2NvZGUiOiJERSIsImNvdW50cnlfbmFtZSI6Ikdlcm1hbnkiLCJyZWdpb25fbmFtZSI6Ikhlc3NlbiIsInppcF9jb2RlIjoiNjU5MzEiLCJjaXR5X25hbWUiOiJGcmFua2Z1cnQgYW0gTWFpbiJ9; expires=Wed, 05-Jun-2019 22:20:04 GMT; Max-Age=604800; path=/; domain=.ketto.org
x-cache
Miss from cloudfront
via
1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
x-amz-cf-id
dy2Spmcfz_qvyxBxeUZXihkKMKtSk2ssOMwPqMs9Phe4wDlwaCh0AQ==
css
fonts.googleapis.com/ 		5 KB
747 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans:400,700
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
0c4592cb56bec1a745568b3dd0746818ec4cb08e996c96175e7abd37d774dc8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 29 May 2019 22:20:04 GMT
server
ESF
access-control-allow-origin
*
date
Wed, 29 May 2019 22:20:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Wed, 29 May 2019 22:20:04 GMT
story-custom.c4b302.css
d1vdjc70h9nzd9.cloudfront.net/less/ 		294 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/less/story-custom.c4b302.css
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:b400:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
75055e66134d88f50a71463bc2ec8424fdd4f67f025351eb72c159688bb1cde7

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 May 2019 10:14:56 GMT
content-encoding
gzip
last-modified
Tue, 28 May 2019 09:20:07 GMT
server
AmazonS3
age
43343
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
status
200
x-amz-cf-pop
FRA56
x-amz-cf-id
9k7j9dlO9vylM3PHvJDK3eVALygtt7DnCJxIWWs5hiaX-J7tIDGPPA==
via
1.1 16ba4fd291c7ac4ec424fdbac7065ef1.cloudfront.net (CloudFront)
stories.designD.bundle.1c8407.css
d1vdjc70h9nzd9.cloudfront.net/less/story/ 		102 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/less/story/stories.designD.bundle.1c8407.css
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:b400:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4a5a5a432041f7089690c0d39c737684da69bbe39977cfa2fcac87fa6ad685fe

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 May 2019 10:16:00 GMT
content-encoding
gzip
last-modified
Tue, 28 May 2019 09:20:25 GMT
server
AmazonS3
age
42103
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
status
200
x-amz-cf-pop
FRA56
x-amz-cf-id
FgLvO-uwgYjFe3SZvprfJEOM2as1nd_VdGM1E6qEHerA8MAlLGz3XA==
via
1.1 16ba4fd291c7ac4ec424fdbac7065ef1.cloudfront.net (CloudFront)
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 09 Mar 2019 00:45:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7076073
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
30028
x-xss-protection
1; mode=block
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Mar 2020 00:45:31 GMT
angular.min.js
d1vdjc70h9nzd9.cloudfront.net/js/angularjs/1.4.9/ 		146 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/js/angularjs/1.4.9/angular.min.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:b400:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
480b0dcf87f3762059569007f32ef80a5e21f1115718c5bfc7644f3e701722dd

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 21 May 2019 01:30:20 GMT
content-encoding
gzip
last-modified
Sat, 12 May 2018 15:51:07 GMT
server
AmazonS3
age
766185
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=31536000
x-amz-cf-pop
FRA56
x-amz-cf-id
oFyvAIxIItq7_3Mxoc0wGvXAnRcbYpkWDKUNgiGmhm15VTkVtwkvIA==
via
1.1 16ba4fd291c7ac4ec424fdbac7065ef1.cloudfront.net (CloudFront)
08cd319859d60f7cf131e9ac0919f72fcc621eb5.jpg
d1vdjc70h9nzd9.cloudfront.net/media/campaign/86000/86282/image/ 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/media/campaign/86000/86282/image/08cd319859d60f7cf131e9ac0919f72fcc621eb5.jpg
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:b400:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
98d35cc59705f6e71da18776cae4e32efb1b450bf75970f4089266fbab7e1255

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 May 2019 09:06:48 GMT
via
1.1 16ba4fd291c7ac4ec424fdbac7065ef1.cloudfront.net (CloudFront)
last-modified
Tue, 19 Mar 2019 09:34:52 GMT
server
AmazonS3
age
825197
etag
"28e169063b86f5f3719b6ea35d67b2dc"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=31536000
x-amz-cf-pop
FRA56
accept-ranges
bytes
content-length
73755
x-amz-cf-id
FfeUrBQdHD7wAksYbaz138D_z-dvoWAIC1_GD2qftMQhoGf5Qd71XA==
ketto_assured_icon.png
d1vdjc70h9nzd9.cloudfront.net/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/images/ketto_assured_icon.png
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:b400:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0ac7b96f0bc593ff1f37f86ca552bdc9bb8c4518bf780a821b1986681a95ff7d

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 21 May 2019 01:30:20 GMT
via
1.1 16ba4fd291c7ac4ec424fdbac7065ef1.cloudfront.net (CloudFront)
last-modified
Mon, 07 May 2018 14:11:56 GMT
server
AmazonS3
age
766185
etag
"200ceec5ec95c93879aad89ad37c2b2c"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=31536000
x-amz-cf-pop
FRA56
accept-ranges
bytes
content-length
8241
x-amz-cf-id
BMkGmcuBiFM_00EzcUOJpmtbar29rghIbC83TZy_2dBaaaiO3yjbPw==
check-circle.png
d1vdjc70h9nzd9.cloudfront.net/images/ 		525 B
871 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/images/check-circle.png
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:b400:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dfcfcf508411f75131ee051b3e8bd38b7869dcfc7c2a19e5a2cff1c9982baddf

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 27 May 2019 23:21:27 GMT
via
1.1 16ba4fd291c7ac4ec424fdbac7065ef1.cloudfront.net (CloudFront)
last-modified
Mon, 07 May 2018 14:09:56 GMT
server
AmazonS3
age
169118
etag
"da1437e83409e90ba99351cd977c1972"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=31536000
x-amz-cf-pop
FRA56
accept-ranges
bytes
content-length
525
x-amz-cf-id
MZWep6mqZ2oc6xlH-sGG43P4fTswCCyKQ_80fl6oycTfY2Qh9MRXAg==
5c90b69a09fc5.jpeg
d1vdjc70h9nzd9.cloudfront.net/media/campaign/86000/86282/image/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/media/campaign/86000/86282/image/5c90b69a09fc5.jpeg
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:b400:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d78c5290f2bd882abc9c6d592d11d4c788751ff55033658c138c76ecaeed5e22

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 11 May 2019 11:49:01 GMT
via
1.1 16ba4fd291c7ac4ec424fdbac7065ef1.cloudfront.net (CloudFront)
last-modified
Tue, 19 Mar 2019 09:30:03 GMT
server
AmazonS3
age
1593064
etag
"365867a8eea4dcf0749b32f9d303a0ef"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=315360000 public
x-amz-cf-pop
FRA56
accept-ranges
bytes
content-length
5845
x-amz-cf-id
3WAw5MZWU-7l-8PH0OlR8mEnqlZb4-eRGfRUSnXaTSAjNm7fqT9mzw==
success.svg
d1vdjc70h9nzd9.cloudfront.net/images/stories/ 		947 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/images/stories/success.svg
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:b400:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
94eeb8ca0c372a7079499fa59b4fe106671032cab04d86fa4df1241c47a35156

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 21 May 2019 00:43:52 GMT
via
1.1 16ba4fd291c7ac4ec424fdbac7065ef1.cloudfront.net (CloudFront)
last-modified
Mon, 07 May 2018 14:12:15 GMT
server
AmazonS3
age
768972
etag
"b3ac3ad9144c660c6f162cfc15d848f4"
x-cache
Hit from cloudfront
content-type
image/svg+xml
status
200
cache-control
max-age=31536000
x-amz-cf-pop
FRA56
accept-ranges
bytes
content-length
947
x-amz-cf-id
p6oOn_Ef0SWc-wbDdLIPM3-tj_l0XhgXbF6H2i3WdvBXCdJhGR3Dig==
check-circle2.png
d1vdjc70h9nzd9.cloudfront.net/images/ 		271 B
591 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/images/check-circle2.png
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:b400:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
796cf812111acb618a626ff1c5f33d6104a9dd09cf3e78576b0bb2a8940bbdfe

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 May 2019 21:21:36 GMT
via
1.1 16ba4fd291c7ac4ec424fdbac7065ef1.cloudfront.net (CloudFront)
last-modified
Fri, 18 Jan 2019 07:42:34 GMT
server
AmazonS3
age
3688
etag
"48dd2ff3300166f57ecdbe39efd4bb27"
x-cache
Hit from cloudfront
content-type
image/png
status
200
x-amz-cf-pop
FRA56
accept-ranges
bytes
content-length
271
x-amz-cf-id
3i1zW225U-cLHSUQbtajUj9Df7f2bbCFgYg0V3QRtT-e4Co0yPN3yQ==
gtm.js
www.googletagmanager.com/ 		182 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
a6693bc1d91121fb3bbf86831288f81e9cb999fd6eafdbd67259f867c6940ae5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 May 2019 22:20:04 GMT
content-encoding
br
last-modified
Wed, 29 May 2019 18:17:31 GMT
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
38531
x-xss-protection
0
expires
Wed, 29 May 2019 22:20:04 GMT
a.js
d2r1yp2w7bby2u.cloudfront.net/js/ 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2r1yp2w7bby2u.cloudfront.net/js/a.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.214.116 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-214-116.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
780c27ba988f780180648bee9633d40f3b2487d774798267052d94923aed7f0d

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 29 May 2019 22:11:09 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 May 2019 12:23:51 GMT
Server
AmazonS3
Age
535
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
Cache-Control
max-age=1800, private
Transfer-Encoding
chunked
Connection
keep-alive
X-Amz-Cf-Id
Hp0pUQHE1T1gek1pP9GE7A_hXxQ94xW-PSAg_iOjbON77iPJPxMk4A==
j.php
dev.visualwebsiteoptimizer.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=326437&u=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsavesara%3Futm_campaign%3Dsavesara%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1&r=0.5299084247320616
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.122.87.153 Frankfurt am Main, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
99.57.7a9f.ip4.static.sl-reverse.com
Software
dacdn2 /
Resource Hash
40b72f6d2d38b4717b855dc03cddddeee4f04e4f8089062576c629a3260a7dc3

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Wed, 29 May 2019 22:20:03 GMT
content-encoding
gzip
server
dacdn2
content-type
application/javascript; charset=UTF-8
source-sans-pro-v11-latin-regular.woff2
d1vdjc70h9nzd9.cloudfront.net/fonts/sourceSansPro/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/fonts/sourceSansPro/source-sans-pro-v11-latin-regular.woff2
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:be00:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cb992eae898417162c48b37712991d9ad8053c4a64fce51aff195edc69dc35f2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://d1vdjc70h9nzd9.cloudfront.net/less/story/stories.designD.bundle.1c8407.css
Origin
https://www.ketto.org

Response headers

date
Tue, 28 May 2019 01:22:04 GMT
via
1.1 9f4017bef2e790d377578f1a7821f0ea.cloudfront.net (CloudFront)
age
161881
x-cache
Hit from cloudfront
status
200
access-control-max-age
3000
content-length
15908
last-modified
Tue, 20 Nov 2018 09:29:44 GMT
server
AmazonS3
etag
"76d8cbb0496cb184eff868152b67ad45"
vary
Origin
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=604800
x-amz-cf-pop
FRA56
accept-ranges
bytes
x-amz-cf-id
vcStnRmxe7-5kejaQYvJtiYcapbClauTLMDz1odncrk4Iymf9HGFhw==
fontawesome-webfont.woff2
d1vdjc70h9nzd9.cloudfront.net/less/font-awesome/fonts/ 		70 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/less/font-awesome/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:be00:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://d1vdjc70h9nzd9.cloudfront.net/less/story-custom.c4b302.css
Origin
https://www.ketto.org

Response headers

date
Sat, 11 May 2019 08:48:01 GMT
via
1.1 9f4017bef2e790d377578f1a7821f0ea.cloudfront.net (CloudFront)
age
1603924
x-cache
Hit from cloudfront
status
200
access-control-max-age
3000
content-length
71896
last-modified
Mon, 07 May 2018 14:12:37 GMT
server
AmazonS3
etag
"e6cf7c6ec7c2d6f670ae9d762604cb0b"
vary
Origin
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA56
accept-ranges
bytes
x-amz-cf-id
Pha4MPk4MwW_S7Kz9-i92q-FCSSBm2rKihLV9RdP4pabFjQ3fLd01A==
va-35944a27e1b831a6558aad9d7f99a937.js
dev.visualwebsiteoptimizer.com/6.0/ 		179 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/6.0/va-35944a27e1b831a6558aad9d7f99a937.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=326437&u=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsavesara%3Futm_campaign%3Dsavesara%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1&r=0.5299084247320616
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.122.87.153 Frankfurt am Main, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
99.57.7a9f.ip4.static.sl-reverse.com
Software
dacdn2 /
Resource Hash
92a602705f91ee03d6de465a66d5243a9b2edb45ebf734b1b00eddfce1c6ce42

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Origin
https://www.ketto.org

Response headers

date
Wed, 29 May 2019 22:20:03 GMT
content-encoding
gzip
last-modified
Tue, 28 May 2019 18:14:03 GMT
server
dacdn2
access-control-allow-origin
*
etag
"5ced7a6b-ebe8"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
60392
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?a=326437&d=ketto.org&u=D826C2D5E1965AC7A5A012858014A0DAB&h=763a03ef80054ad93055ef267338183c&t=false&r=0.4217006144853017
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.122.87.153 Frankfurt am Main, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
99.57.7a9f.ip4.static.sl-reverse.com
Software
dacdn2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 May 2019 22:20:03 GMT
x-content-type-options
nosniff
server
dacdn2
content-type
image/gif
status
200
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ed098df82da8320c1786f312585ebc4b1b4817ed5ebeecd03e25afd37b97cc23

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/gif
logo-light-bg.svg
d1vdjc70h9nzd9.cloudfront.net/images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/images/logo-light-bg.svg
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:b400:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1ec0fbc72fcfcea31f22828dcf89e2bd9fa7f03e84ef8d8546adb410f3096117

Request headers

Referer
https://d1vdjc70h9nzd9.cloudfront.net/less/story-custom.c4b302.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 May 2019 20:56:43 GMT
content-encoding
gzip
last-modified
Mon, 07 May 2018 14:11:57 GMT
server
AmazonS3
age
782602
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
status
200
cache-control
max-age=31536000
x-amz-cf-pop
FRA56
x-amz-cf-id
3m_PIQA1dL7W-EcuWnbnB_CLUOZlNQUFU5ewX7zUZLBiWpo2f4eDHQ==
via
1.1 16ba4fd291c7ac4ec424fdbac7065ef1.cloudfront.net (CloudFront)
icon-secure-lock.png
d1vdjc70h9nzd9.cloudfront.net/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/images/icon-secure-lock.png
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:b400:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c91158a8a0abe1393831da5efc62d53ad3b41b545774f1c3a003d55c2d5f28cf

Request headers

Referer
https://d1vdjc70h9nzd9.cloudfront.net/less/story-custom.c4b302.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 05 May 2019 06:31:09 GMT
via
1.1 16ba4fd291c7ac4ec424fdbac7065ef1.cloudfront.net (CloudFront)
last-modified
Thu, 13 Dec 2018 11:12:04 GMT
server
AmazonS3
age
36605
etag
"b073ad3e3f41cfd507c4b09034b210ee"
x-cache
Hit from cloudfront
content-type
image/png
status
200
x-amz-cf-pop
FRA56
accept-ranges
bytes
content-length
1552
x-amz-cf-id
HgYZvUyy3y96E-cr0J9WfEgQZefiqhLnYBeh7cvke4_zMxQ-ym2RXg==
mi-shine.png
d1vdjc70h9nzd9.cloudfront.net/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/images/mi-shine.png
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:b400:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
121b3bad035f5a87c185bb1ce9465eba6c0d8ca0fcf03fced81559192cb06d85

Request headers

Referer
https://d1vdjc70h9nzd9.cloudfront.net/less/story/stories.designD.bundle.1c8407.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 13 May 2019 00:34:48 GMT
via
1.1 16ba4fd291c7ac4ec424fdbac7065ef1.cloudfront.net (CloudFront)
last-modified
Mon, 07 May 2018 14:12:02 GMT
server
AmazonS3
age
1460717
etag
"37d16b2f8ba85dd0f6daa5db90b7f902"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=31536000
x-amz-cf-pop
FRA56
accept-ranges
bytes
content-length
3890
x-amz-cf-id
es4kJ_mdh0UQiYN-zSc93hFA4TeGen1fwqyVglD2hBwON1MD1qdxyQ==
o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
fonts.gstatic.com/s/notosans/v8/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v8/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e56f53b3b976e9c05d86645a1e85cfc69e961601d201e957768455580fa30478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Noto+Sans:400,700
Origin
https://www.ketto.org

Response headers

date
Sat, 09 Mar 2019 01:24:23 GMT
x-content-type-options
nosniff
last-modified
Tue, 19 Feb 2019 22:29:01 GMT
server
sffe
age
7073741
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
10292
x-xss-protection
1; mode=block
expires
Sun, 08 Mar 2020 01:24:23 GMT
source-sans-pro-v11-latin-700.woff2
d1vdjc70h9nzd9.cloudfront.net/fonts/sourceSansPro/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/fonts/sourceSansPro/source-sans-pro-v11-latin-700.woff2
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:be00:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c09055f0d3ce5ac45f886c935226d1e4cb0f7488525e9f8b298f26fc0171e5a8

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://d1vdjc70h9nzd9.cloudfront.net/less/story/stories.designD.bundle.1c8407.css
Origin
https://www.ketto.org

Response headers

date
Mon, 20 May 2019 21:00:01 GMT
via
1.1 9f4017bef2e790d377578f1a7821f0ea.cloudfront.net (CloudFront)
age
161882
x-cache
Hit from cloudfront
status
200
access-control-max-age
3000
content-length
15480
last-modified
Tue, 20 Nov 2018 09:29:43 GMT
server
AmazonS3
etag
"f04441cfc122bf84e1cf24058fddba87"
vary
Origin
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=604800
x-amz-cf-pop
FRA56
accept-ranges
bytes
x-amz-cf-id
nWERCypCUZqbxW8hGoi13CHiQhKkNaXUTjNlzCP7Mqq889fGXqwhRA==
glyphicons-halflings-regular.woff2
d1vdjc70h9nzd9.cloudfront.net/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:be00:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://d1vdjc70h9nzd9.cloudfront.net/less/story-custom.c4b302.css
Origin
https://www.ketto.org

Response headers

date
Sun, 12 May 2019 14:46:18 GMT
via
1.1 9f4017bef2e790d377578f1a7821f0ea.cloudfront.net (CloudFront)
age
286424
x-cache
Hit from cloudfront
status
200
access-control-max-age
3000
content-length
18028
last-modified
Tue, 20 Nov 2018 09:29:35 GMT
server
AmazonS3
etag
"448c34a56d699c29117adc64c43affeb"
vary
Origin
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=604800
x-amz-cf-pop
FRA56
accept-ranges
bytes
x-amz-cf-id
hD3iSV_S488RLwQeFnh7G3G8wOMpHillRjrJJsAQMODvhQPx8SKDrQ==
a
wzrkt.com/ 		268 B
489 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wzrkt.com/a?t=90&type=page&d=N4IgTgpgZhaWIBcIAuYDWA6ADmA9lAJYA2hAdhCpgMZ4C2IANCAK4DOSIEAHirGQENiAfSJg2KPNhSE8ZJqwbIIdASQUtqnNgIBuEHWAELCAE04AWAEoA2ALQWA7AA47VqxYBaC7AHMkAIzM1H6cABYoKNhsiAD0sQDuSZjolJKYeGC%2BsRKZhAY5egYCRgD8LCh0wtQCdNhqvmQAvDr6hgIAZBVVdBCmhCx0TSpqxF2Vwmx4LGDUEMO8%2FEKihOKS0rJk41V8YEPYASAAvkAAAA%3D%3D&rn=1&i=1559168404&sn=0&r=1559168404759
Requested by
Host: d2r1yp2w7bby2u.cloudfront.net
URL: https://d2r1yp2w7bby2u.cloudfront.net/js/a.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.248.140.41 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-140-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
0826afca96b775d85994542e72f3c0787e27c85e4d0685b6d561a2e856420b33

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 May 2019 22:20:04 GMT
content-encoding
gzip
vary
Accept-Encoding, User-Agent
content-type
text/javascript;charset=utf-8
status
200
cache-control
no-cache, no-store
expires
Thu, 01 Jan 1970 00:00:00 GMT, 0
conversion_async.js
www.googleadservices.com/pagead/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.130 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s18-in-f2.1e100.net
Software
cafe /
Resource Hash
f1e6382aa070301007ee92dbaaef83c9f6075f9d86ee3632c82a609f02c6fc1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 May 2019 22:20:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
8912
x-xss-protection
0
server
cafe
etag
11386026576561889187
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 29 May 2019 22:20:04 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 21 May 2019 23:53:44 GMT
server
Golfe2
age
2851
date
Wed, 29 May 2019 21:32:33 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17595
expires
Wed, 29 May 2019 23:32:33 GMT
hotjar-200024.js
static.hotjar.com/c/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-200024.js?sv=5
Requested by
Host: app.profdynamic.com
URL: http://app.profdynamic.com/urls?q=OEl0ZWE3Z21CRUFMYkkxV3lwNHJtUT09
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.33.239 Amsterdam, Netherlands, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-28
Software
openresty /
Resource Hash
0e0a2e80d44ed3d839d6eaaec988aa6bc926a99673908ef87c1774d6819d4521
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 May 2019 22:20:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript
section-io-tag
hotjar
age
117
status
200
access-control-max-age
600
section-io-cache
Hit
content-length
3265
x-cache-hit
1
server
openresty
x-frame-options
SAMEORIGIN
etag
W/9bb647028b1b4eb4d28a9c18cef9408d
vary
Accept-Encoding
section-io-origin-status
304
access-control-allow-origin
*
cache-control
max-age=60
section-io-origin-time-seconds
0.069
accept-ranges
bytes
section-io-id
0c58ec87eda389b7a50bbbe00eadbff3
uwt.js
static.ads-twitter.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: app.profdynamic.com
URL: http://app.profdynamic.com/urls?q=OEl0ZWE3Z21CRUFMYkkxV3lwNHJtUT09
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.36.157 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 May 2019 22:20:04 GMT
content-encoding
gzip
age
25000
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200
content-length
1954
x-served-by
cache-ams21048-AMS
last-modified
Tue, 23 Jan 2018 19:05:33 GMT
x-timer
S1559168405.801197,VS0,VE0
etag
"b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary
Accept-Encoding,Host
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
no-cache
accept-ranges
bytes
fbevents.js
connect.facebook.net/en_US/ 		53 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: app.profdynamic.com
URL: http://app.profdynamic.com/urls?q=OEl0ZWE3Z21CRUFMYkkxV3lwNHJtUT09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
fa59b1ed1b011e084474ad818b5f6986d84fc678e2f37fee9330eb52d86860b3
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
15397
x-xss-protection
0
pragma
public
x-fb-debug
ToiLsPd0ql6RIbNB+RMYQTcm+V27CclnnVuyluZgzHf3Ax3APUy9Io0/GzKmVcdNm4w3EPwP399OEL0Ghv1uvw==
date
Wed, 29 May 2019 22:20:04 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
tfa.js
cdn.taboola.com/libtrc/unip/1034141/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1034141/tfa.js
Requested by
Host: app.profdynamic.com
URL: http://app.profdynamic.com/urls?q=OEl0ZWE3Z21CRUFMYkkxV3lwNHJtUT09
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.2 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f439d06b31431c40366690512548b080d57acdd300dd5ed56d8d7e89ad655595

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
MGU9_68nn.YALyTdtmO.0cKOGreqgeWu
content-encoding
gzip
age
0
x-cache
HIT
status
200
date
Wed, 29 May 2019 22:20:04 GMT
x-amz-replication-status
COMPLETED
content-length
7735
x-amz-id-2
Gdv4A1zgvuaJE5ITC8fIG4628dA6k+25aao7bR6XVe2ix7KKqtTOknimvMXpcoYRWe250GDZI74=
x-served-by
cache-fra19155-FRA
last-modified
Mon, 13 May 2019 07:05:18 GMT
server
AmazonS3
x-timer
S1559168405.797229,VS0,VE194
etag
"1ebc722c3da75a7a11e787ea7ea89336"
vary
Accept-Encoding
x-amz-request-id
310C2720E53354B9
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
62
x-cache-hits
1
ytc.js
s.yimg.com/wi/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: app.profdynamic.com
URL: http://app.profdynamic.com/urls?q=OEl0ZWE3Z21CRUFMYkkxV3lwNHJtUT09
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a00:1288:84:800::1001 , United Kingdom, ASN203219 (YAHOO-AMA, NL),
Reverse DNS
Software
ATS /
Resource Hash
d7be6be7709666533c45ece24381aa509457c039d845e7e64764908bbb736592
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 May 2019 22:18:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73
x-amz-server-side-encryption
AES256
status
200
content-length
4925
strict-transport-security
max-age=15552000
x-amz-request-id
1B91BC403057021A
x-amz-id-2
72oBoXREemX02oafoIdzY1iWt2fqDElcGOOBsxz2NH/KGQUrxXOUjB3S1+qSWN71w+aJeAIDlwU=
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Fri, 03 Jul 2020 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Wed, 29 May 2019 19:13:48 GMT
server
ATS
etag
"6ac4f3308a7aa85ff9ccf3b4f7e8c3b4-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
x-amz-version-id
A_.Ed5UL.VIxBDLFls8VpO0go49._4vS
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
public-key-pins-report-only
max-age=2592000; pin-sha256="2fRAUXyxl4A1/XHrKNBmc8bTkzA7y4FB/GLJuNAzCqY="; pin-sha256="I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o="; pin-sha256="Wd8xe/qfTwq3ylFNd3IpaqLHZbh2ZNCLluVzmeNkcpw="; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="i7WTqTvh0OioIruIfFR4kMPnBqrS2rdiVPl/s2uC/CY="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="uUwZgwDOxcBXrQcntwu+kYFpkiVkOaezL0WYEZ3anJc="; pin-sha256="dolnbtzEBnELx/9lOEQ22e6OZO/QNb6VSSX2XHA3E7A="; includeSubdomains; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-hpkp-report-only"
accept-ranges
bytes
content-type
application/javascript
js
www.googletagmanager.com/gtag/ 		64 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-782023289
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
e21a3d486a99eb5bdd8e2f80dae9d0d71e80475798d5879a1eb3ee6aa7b68703
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 May 2019 22:20:04 GMT
content-encoding
br
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
25278
x-xss-protection
0
expires
Wed, 29 May 2019 22:20:04 GMT
B22411221.241945247;sz=1x2;ord=624281484407
ad.doubleclick.net/ddm/adj/N1067617.197812NSO.CODESRV/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1067617.197812NSO.CODESRV/B22411221.241945247;sz=1x2;ord=624281484407?
Requested by
Host: app.profdynamic.com
URL: http://app.profdynamic.com/urls?q=OEl0ZWE3Z21CRUFMYkkxV3lwNHJtUT09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s46-in-f6.1e100.net
Software
cafe /
Resource Hash
c61048eefda47b4239cd602cedae0b690459bf07dd0788f6db95591dba1939a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 May 2019 22:20:04 GMT
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
3009
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
razorpay.js
checkout.razorpay.com/v1/ 		67 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://checkout.razorpay.com/v1/razorpay.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.126.133.242 Mumbai, India, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-13-126-133-242.ap-south-1.compute.amazonaws.com
Software
/
Resource Hash
a9e43e706882e3d41624a9c0c850c63885983622238914fd44c90071de687436
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubdomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 29 May 2019 22:20:05 GMT
Content-Encoding
br
Last-Modified
Tue, 28 May 2019 08:15:33 GMT
Etag
"5cecee25-532d"
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Strict-Transport-Security
max-age=315360000; includeSubdomains
Access-Control-Allow-Headers
origin
Content-Length
21293
X-Xss-Protection
1; mode=block
/
js.stripe.com/v2/ 		63 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v2/
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
669fbe52929575a38eb337b51070255f4a055a03fd6a93d573486d0f0a591344
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 May 2019 22:20:04 GMT
content-encoding
gzip
content-type
application/javascript; charset=utf-8
age
158
x-cache
HIT
status
200
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-length
20945
x-amz-id-2
cD7AfcqjeU3liGwXt6XjbE/GwK0ob9ZOPB9DLnbh4cR0MELpaV1sv7Hd6oUi7137hgGafSCktvA=
x-served-by
cache-fra19144-FRA
last-modified
Mon, 20 May 2019 21:32:27 GMT
server
AmazonS3
x-timer
S1559168405.866007,VS0,VE0
etag
"96010bc114bba9087e00d973fadec762"
vary
Accept-Encoding
x-amz-request-id
BD3B59E8C0701FD9
via
1.1 varnish
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
24
stories.bundle.min.f34da6.js
d1vdjc70h9nzd9.cloudfront.net/stories/build/ 		106 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/stories/build/stories.bundle.min.f34da6.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:b400:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
08d08b42c485b839714bf5b7a5726cce3f0a6e75e658306e8e5f9126e463920c

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 May 2019 17:02:00 GMT
content-encoding
gzip
last-modified
Fri, 17 May 2019 11:54:28 GMT
server
AmazonS3
age
31044
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-pop
FRA56
x-amz-cf-id
QTTdVzh-IMDda48hYPooBvTk5HLldZzl-OKA2kwLyuDcDX_NeBzytg==
via
1.1 16ba4fd291c7ac4ec424fdbac7065ef1.cloudfront.net (CloudFront)
storiesDefer.bundle.min.498bd6.js
d1vdjc70h9nzd9.cloudfront.net/stories/build/ 		743 KB
194 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/stories/build/storiesDefer.bundle.min.498bd6.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:b400:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b090e61991ba938ae7e9fde0a6927e506e5abd4213dd6acd4f0213be287f3559

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 22 May 2019 11:54:05 GMT
content-encoding
gzip
last-modified
Fri, 17 May 2019 11:48:39 GMT
server
AmazonS3
age
19083
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-pop
FRA56
x-amz-cf-id
qrUy8nc9_2O-453aHO_8lE9BSdyxNdQrA3j7Q6cHU06ONUbyEeWAQg==
via
1.1 16ba4fd291c7ac4ec424fdbac7065ef1.cloudfront.net (CloudFront)
activityi;dc_pre=CLSMqffiweICFQIUiwodf5sOkw;src=9237602;type=ketto0;cat=dcm_k0;ord=1;num=8239781734316;gtm=2wg5f2;auiddc=1820003498.1559168405;u1=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsavesara%3F...
9237602.fls.doubleclick.net/ Frame 8B55
Redirect Chain
  • https://9237602.fls.doubleclick.net/activityi;src=9237602;type=ketto0;cat=dcm_k0;ord=1;num=8239781734316;gtm=2wg5f2;auiddc=1820003498.1559168405;u1=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsavesara%...
  • https://9237602.fls.doubleclick.net/activityi;dc_pre=CLSMqffiweICFQIUiwodf5sOkw;src=9237602;type=ketto0;cat=dcm_k0;ord=1;num=8239781734316;gtm=2wg5f2;auiddc=1820003498.1559168405;u1=https%3A%2F%2Fw...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://9237602.fls.doubleclick.net/activityi;dc_pre=CLSMqffiweICFQIUiwodf5sOkw;src=9237602;type=ketto0;cat=dcm_k0;ord=1;num=8239781734316;gtm=2wg5f2;auiddc=1820003498.1559168405;u1=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsavesara%3Futm_campaign%3Dsavesara%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsavesara%3Futm_campaign%3Dsavesara%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s46-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
9237602.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CLSMqffiweICFQIUiwodf5sOkw;src=9237602;type=ketto0;cat=dcm_k0;ord=1;num=8239781734316;gtm=2wg5f2;auiddc=1820003498.1559168405;u1=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsavesara%3Futm_campaign%3Dsavesara%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsavesara%3Futm_campaign%3Dsavesara%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Wed, 29 May 2019 22:20:04 GMT
expires
Wed, 29 May 2019 22:20:04 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
407
x-xss-protection
0
set-cookie
IDE=AHWqTUmBkSiIv1mr4Zv0hjmLnPQlGx4xw8eqkO85RZ37f7KilP9j1Epk3BLbhIjk; expires=Mon, 22-Jun-2020 22:20:04 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Wed, 29 May 2019 22:20:04 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://9237602.fls.doubleclick.net/activityi;dc_pre=CLSMqffiweICFQIUiwodf5sOkw;src=9237602;type=ketto0;cat=dcm_k0;ord=1;num=8239781734316;gtm=2wg5f2;auiddc=1820003498.1559168405;u1=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsavesara%3Futm_campaign%3Dsavesara%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsavesara%3Futm_campaign%3Dsavesara%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 29-May-2019 22:35:04 GMT; path=/; domain=.doubleclick.net
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
activityi;dc_pre=CNLLqffiweICFQQUiwod_ycBKw;src=9237602;type=sitew0;cat=dcm_s0;ord=6262415344154;gtm=2wg5f2;auiddc=1820003498.1559168405;u1=%2Fstories%2Fsavesara;~oref=https%3A%2F%2Fwww.ketto.org%2...
9237602.fls.doubleclick.net/ Frame D8BE
Redirect Chain
  • https://9237602.fls.doubleclick.net/activityi;src=9237602;type=sitew0;cat=dcm_s0;ord=6262415344154;gtm=2wg5f2;auiddc=1820003498.1559168405;u1=%2Fstories%2Fsavesara;~oref=https%3A%2F%2Fwww.ketto.org...
  • https://9237602.fls.doubleclick.net/activityi;dc_pre=CNLLqffiweICFQQUiwod_ycBKw;src=9237602;type=sitew0;cat=dcm_s0;ord=6262415344154;gtm=2wg5f2;auiddc=1820003498.1559168405;u1=%2Fstories%2Fsavesara...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://9237602.fls.doubleclick.net/activityi;dc_pre=CNLLqffiweICFQQUiwod_ycBKw;src=9237602;type=sitew0;cat=dcm_s0;ord=6262415344154;gtm=2wg5f2;auiddc=1820003498.1559168405;u1=%2Fstories%2Fsavesara;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsavesara%3Futm_campaign%3Dsavesara%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s46-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
9237602.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CNLLqffiweICFQQUiwod_ycBKw;src=9237602;type=sitew0;cat=dcm_s0;ord=6262415344154;gtm=2wg5f2;auiddc=1820003498.1559168405;u1=%2Fstories%2Fsavesara;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsavesara%3Futm_campaign%3Dsavesara%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Wed, 29 May 2019 22:20:04 GMT
expires
Wed, 29 May 2019 22:20:04 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
399
x-xss-protection
0
set-cookie
IDE=AHWqTUn61ZPhpaBAR1YLEFA4qcVzSSPGjR49-43rAUm1FC7Gck0SYkvhFdwtGfRo; expires=Mon, 22-Jun-2020 22:20:04 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Wed, 29 May 2019 22:20:04 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://9237602.fls.doubleclick.net/activityi;dc_pre=CNLLqffiweICFQQUiwod_ycBKw;src=9237602;type=sitew0;cat=dcm_s0;ord=6262415344154;gtm=2wg5f2;auiddc=1820003498.1559168405;u1=%2Fstories%2Fsavesara;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsavesara%3Futm_campaign%3Dsavesara%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 29-May-2019 22:35:04 GMT; path=/; domain=.doubleclick.net
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
faq_sprite_desktop.png
d1vdjc70h9nzd9.cloudfront.net/images/stories/ 		58 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/images/stories/faq_sprite_desktop.png
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:b400:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1495998141c1d663000e168d91710a9259e78cbd168e7891ea91afb5835e6f31

Request headers

Referer
https://d1vdjc70h9nzd9.cloudfront.net/less/story/stories.designD.bundle.1c8407.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 21 May 2019 11:16:05 GMT
via
1.1 16ba4fd291c7ac4ec424fdbac7065ef1.cloudfront.net (CloudFront)
last-modified
Tue, 21 May 2019 06:02:27 GMT
server
AmazonS3
age
36583
etag
"2a170838ebc32dbeccb194145f221f33"
x-cache
Hit from cloudfront
content-type
image/png
status
200
x-amz-cf-pop
FRA56
accept-ranges
bytes
content-length
59740
x-amz-cf-id
GqGc6XUltNCrENoQ2Ptn6p1EgC3ndIzIgt-yNcfhBj4SoKWunpCw2w==
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j76&a=1897825600&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsavesara%3Futm_campaign%3Dsavesara%26utm_medium%3Demail%26utm_source%3D...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-30181760-1&cid=429549809.1559168405&jid=1684271795&_gid=1208978425.1559168405&gjid=1256179647&_v=j76&z=1254734338
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=429549809.1559168405&jid=1684271795&_v=j76&z=1254734338
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=429549809.1559168405&jid=1684271795&_v=j76&z=1254734338&slf_rd=1&random=3808144719
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=429549809.1559168405&jid=1684271795&_v=j76&z=1254734338&slf_rd=1&random=3808144719
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 May 2019 22:20:05 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 May 2019 22:20:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=429549809.1559168405&jid=1684271795&_v=j76&z=1254734338&slf_rd=1&random=3808144719
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/930975017/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/930975017/?random=1559168404933&cv=9&fst=1559168404933&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5f2&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsavesara%3Futm_campaign%3Dsavesara%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1&ref=https%3A%2F%2Ftrk.profilinet.com%2F&tiba=We%20need%20Rs%2018%20lakh%20to%20rescue%20our%20daughter%20from%20cancer%2C%20please%20help%20us%20-%20Ketto&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
1bfab6e3cdb6215be159113996c650efb74588afee495ced07607a6db2549f53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 May 2019 22:20:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
1071
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/837073759/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/837073759/?random=1559168404936&cv=9&fst=1559168404936&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5f2&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsavesara%3Futm_campaign%3Dsavesara%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1&ref=https%3A%2F%2Ftrk.profilinet.com%2F&tiba=We%20need%20Rs%2018%20lakh%20to%20rescue%20our%20daughter%20from%20cancer%2C%20please%20help%20us%20-%20Ketto&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
004c5fc0adcade5670e6138525601703022198c2a34157c23667f76ea272bb18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 May 2019 22:20:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
1073
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/963384337/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/963384337/?random=1559168404938&cv=9&fst=1559168404938&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5f2&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsavesara%3Futm_campaign%3Dsavesara%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1&ref=https%3A%2F%2Ftrk.profilinet.com%2F&tiba=We%20need%20Rs%2018%20lakh%20to%20rescue%20our%20daughter%20from%20cancer%2C%20please%20help%20us%20-%20Ketto&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
327e73edf454c40ccda9d74bbab0abab3b5ce4f56d4e37dbd9e0f573ee9e076f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 May 2019 22:20:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
1072
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.592ba7d8e5833187164e.js
script.hotjar.com/ 		423 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.592ba7d8e5833187164e.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-200024.js?sv=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.83.19 Parsippany, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-24
Software
/
Resource Hash
aa886e9ed66008da6cecbec1262a211ed7bee0431588b78b5eb2dff82116b911
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 May 2019 22:20:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 29 May 2019 14:44:54 GMT
access-control-allow-origin
*
etag
W/"2757838f3d01080cd1e37de426f82d70"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000
section-io-origin-time-seconds
0.040
section-io-origin-status
200
accept-ranges
bytes
section-io-id
a4f00777219043cfce6909ef6632e99a
content-length
89973
441308802710601
connect.facebook.net/signals/config/ 		207 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/441308802710601?v=2.8.47&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
1d4d178d79752d3442d46b815cb8167299fc03059fe0fa34e8a044c8fcd5fffa
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
x-xss-protection
0
pragma
public
x-fb-debug
4m14v/uGL4fOVO31VY+wBpkVdJCs9l40J9fgrccCAPgaST7dRXwbPCncwHFo6EmoZmsvatYIVfshJpdRAAG/sQ==
date
Wed, 29 May 2019 22:20:05 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
lidar.js
www.googletagservices.com/activeview/js/current/ 		77 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/lidar.js?cache=r20110914
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1067617.197812NSO.CODESRV/B22411221.241945247;sz=1x2;ord=624281484407?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ef4c0024e6dd8d9651fb091902104ae33847de949da906046faf9a7c865cc2c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 May 2019 22:20:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1559128787843989"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
28509
x-xss-protection
0
expires
Wed, 29 May 2019 22:20:05 GMT
view
googleads4.g.doubleclick.net/pcs/ 		0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu7VOGyB6t42yND27A0-tFFJmdZ8knSIbSlAAmnZWTrkdMlOazumkrdAT4iytMa-IIjXd0mEz_UNKHHTHYPY8PtwIayAxcCl02XBDeYyQKe1nOSFWQ&sig=Cg0ArKJSzLOnzWnR-eTzEAE&urlfix=1&adurl=
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.194 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 May 2019 22:20:05 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
10063059.json
s.yimg.com/wi/config/ 		243 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/config/10063059.json
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a00:1288:84:800::1002 , United Kingdom, ASN203219 (YAHOO-AMA, NL),
Reverse DNS
Software
ATS /
Resource Hash
3cf40bb1a33de994771ebbad77d8b4596dfaf3a0e122313788175396a63669fe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Origin
https://www.ketto.org

Response headers

date
Wed, 29 May 2019 22:20:04 GMT
x-content-type-options
nosniff
age
1
status
403
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
DABE506028F78A66
x-amz-id-2
TSGxOZ4KGooY55gfstXv934dotuw2xX8avLRTNs4OgYN7XL3W4x51zqlz3o8zAbNeMHrtNKDyEs=
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET
public-key-pins-report-only
max-age=2592000; pin-sha256="2fRAUXyxl4A1/XHrKNBmc8bTkzA7y4FB/GLJuNAzCqY="; pin-sha256="I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o="; pin-sha256="Wd8xe/qfTwq3ylFNd3IpaqLHZbh2ZNCLluVzmeNkcpw="; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="i7WTqTvh0OioIruIfFR4kMPnBqrS2rdiVPl/s2uC/CY="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="uUwZgwDOxcBXrQcntwu+kYFpkiVkOaezL0WYEZ3anJc="; pin-sha256="dolnbtzEBnELx/9lOEQ22e6OZO/QNb6VSSX2XHA3E7A="; includeSubdomains; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-hpkp-report-only"
access-control-allow-origin
*
x-xss-protection
1; mode=block
content-type
application/xml
adsct
t.co/i/ 		43 B
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nys4q&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 May 2019 22:20:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
strict-transport-security
max-age=0
content-length
65
x-xss-protection
1; mode=block; report=https://twitter.com/i/xss_report
x-response-time
111
pragma
no-cache
last-modified
Wed, 29 May 2019 22:20:05 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
7fa5b16319e89849d64d76599a58c821
x-transaction
002a714a00e406c3
expires
Tue, 31 Mar 1981 05:00:00 GMT
/
www.google.com/pagead/1p-user-list/963384337/ 		42 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/963384337/?random=1559168404938&cv=9&fst=1559167200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5f2&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsavesara%3Futm_campaign%3Dsavesara%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1&ref=https%3A%2F%2Ftrk.profilinet.com%2F&tiba=We%20need%20Rs%2018%20lakh%20to%20rescue%20our%20daughter%20from%20cancer%2C%20please%20help%20us%20-%20Ketto&async=1&fmt=3&cdct=2&is_vtc=1&random=3173195950&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 May 2019 22:20:05 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/963384337/ 		42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/963384337/?random=1559168404938&cv=9&fst=1559167200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5f2&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsavesara%3Futm_campaign%3Dsavesara%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1&ref=https%3A%2F%2Ftrk.profilinet.com%2F&tiba=We%20need%20Rs%2018%20lakh%20to%20rescue%20our%20daughter%20from%20cancer%2C%20please%20help%20us%20-%20Ketto&async=1&fmt=3&cdct=2&is_vtc=1&random=3173195950&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 May 2019 22:20:05 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/930975017/ 		42 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/930975017/?random=1559168404933&cv=9&fst=1559167200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5f2&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsavesara%3Futm_campaign%3Dsavesara%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1&ref=https%3A%2F%2Ftrk.profilinet.com%2F&tiba=We%20need%20Rs%2018%20lakh%20to%20rescue%20our%20daughter%20from%20cancer%2C%20please%20help%20us%20-%20Ketto&async=1&fmt=3&cdct=2&is_vtc=1&random=4270043837&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 May 2019 22:20:05 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/930975017/ 		42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/930975017/?random=1559168404933&cv=9&fst=1559167200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5f2&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsavesara%3Futm_campaign%3Dsavesara%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1&ref=https%3A%2F%2Ftrk.profilinet.com%2F&tiba=We%20need%20Rs%2018%20lakh%20to%20rescue%20our%20daughter%20from%20cancer%2C%20please%20help%20us%20-%20Ketto&async=1&fmt=3&cdct=2&is_vtc=1&random=4270043837&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 May 2019 22:20:05 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/837073759/ 		42 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/837073759/?random=1559168404936&cv=9&fst=1559167200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5f2&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsavesara%3Futm_campaign%3Dsavesara%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1&ref=https%3A%2F%2Ftrk.profilinet.com%2F&tiba=We%20need%20Rs%2018%20lakh%20to%20rescue%20our%20daughter%20from%20cancer%2C%20please%20help%20us%20-%20Ketto&async=1&fmt=3&cdct=2&is_vtc=1&random=4210808516&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 May 2019 22:20:05 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/837073759/ 		42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/837073759/?random=1559168404936&cv=9&fst=1559167200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5f2&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsavesara%3Futm_campaign%3Dsavesara%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1&ref=https%3A%2F%2Ftrk.profilinet.com%2F&tiba=We%20need%20Rs%2018%20lakh%20to%20rescue%20our%20daughter%20from%20cancer%2C%20please%20help%20us%20-%20Ketto&async=1&fmt=3&cdct=2&is_vtc=1&random=4210808516&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 May 2019 22:20:05 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
unip
trc.taboola.com/1034141/log/3/ 		0
486 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1034141/log/3/unip?en=page_view&tim=1559168405061&ref=https%3A%2F%2Ftrk.profilinet.com%2F
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.2 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Origin
https://www.ketto.org

Response headers

date
Wed, 29 May 2019 22:20:05 GMT
via
1.1 varnish
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
204
x-cache-hits
0
x-served-by
cache-fra19155-FRA
pragma
no-cache
server
nginx
x-timer
S1559168405.068807,VS0,VE8
content-type
image/gif
access-control-allow-origin
https://www.ketto.org
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/782023289/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/782023289/?random=1559168405100&cv=9&fst=1559168405100&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5f2&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsavesara%3Futm_campaign%3Dsavesara%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1&ref=https%3A%2F%2Ftrk.profilinet.com%2F&tiba=We%20need%20Rs%2018%20lakh%20to%20rescue%20our%20daughter%20from%20cancer%2C%20please%20help%20us%20-%20Ketto&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
be39072f3010bb5c0e793353417c38e72a20b88d9e34182c20a3b3cac38b00ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 May 2019 22:20:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
1099
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
inferredEvents.js
connect.facebook.net/signals/plugins/ 		1 KB
909 B 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.8.47
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
772
x-xss-protection
0
pragma
public
x-fb-debug
16qL7fM+DgL9jdQfe1Up4OV7Ro+tCYuoo3sdBUuqMKHL2wz8oa4PG/PllDeGzhk0w/vVnIimP26yAfoDbF17/g==
date
Wed, 29 May 2019 22:20:05 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/782023289/ 		42 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/782023289/?random=1559168405100&cv=9&fst=1559167200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5f2&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsavesara%3Futm_campaign%3Dsavesara%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1&ref=https%3A%2F%2Ftrk.profilinet.com%2F&tiba=We%20need%20Rs%2018%20lakh%20to%20rescue%20our%20daughter%20from%20cancer%2C%20please%20help%20us%20-%20Ketto&async=1&fmt=3&cdct=2&is_vtc=1&random=2195110207&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 May 2019 22:20:05 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/782023289/ 		42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/782023289/?random=1559168405100&cv=9&fst=1559167200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5f2&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsavesara%3Futm_campaign%3Dsavesara%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1&ref=https%3A%2F%2Ftrk.profilinet.com%2F&tiba=We%20need%20Rs%2018%20lakh%20to%20rescue%20our%20daughter%20from%20cancer%2C%20please%20help%20us%20-%20Ketto&async=1&fmt=3&cdct=2&is_vtc=1&random=2195110207&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 May 2019 22:20:05 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=441308802710601&ev=PageView&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsavesara%3Futm_campaign%3Dsavesara%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1&rl=https%3A%2F%2Ftrk.profilinet.com%2F&if=false&ts=1559168405215&sw=1600&sh=1200&v=2.8.47&r=stable&ec=0&o=30&fbp=fb.1.1559168405206.539712926&it=1559168404988&coo=false&rqm=GET
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 May 2019 22:20:05 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Wed, 29 May 2019 22:20:05 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: d1vdjc70h9nzd9.cloudfront.net
URL: https://d1vdjc70h9nzd9.cloudfront.net/stories/build/storiesDefer.bundle.min.498bd6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
2546897451a1f9e2bb0d17c28666040497a4b5aaed95c81f40b5060d913dc622
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
LS2WMpwtGOR/q5QFHg+jUg==
status
200
date
Wed, 29 May 2019 22:20:05 GMT
vary
Accept-Encoding
content-length
1779
x-fb-debug
YjUepKFGE+zOGvmy/YyP7QwWePgzpV0mFtdqu52khIZc82Wed7Jc1qI9kmSR0TdbKzuUBuJKpVXb82nNCuJWyw==
x-fb-content-md5
f4ef109909ac6d00c9657cf3e1de05f6
etag
"e5e8eb9b70ed364618a935c7f4cdd570"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 29 May 2019 22:39:14 GMT
iplocation
apis.ketto.org/api/third_party/ 		201 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apis.ketto.org/api/third_party/iplocation
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.244.171 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-169-244-171.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.11.9 /
Resource Hash
372d169b7a27d2172896094808c64f18add01d3b3f2e5e007da6f2affaa01c11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Origin
https://www.ketto.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 May 2019 22:20:06 GMT
content-encoding
gzip
status
200
server
nginx/1.11.9
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.ketto.org
x-xss-protection
1; mode=block
cache-control
no-cache, private
x-content-type-options
nosniff
savesara
apis.ketto.org/api/fundraisers/ 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apis.ketto.org/api/fundraisers/savesara?with=viewmedicalbill
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.244.171 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-169-244-171.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.11.9 /
Resource Hash
1a5e45ad6ca272ffcfdfd8734e88a51073f6e97c81a74627601adb8f58c20b08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Origin
https://www.ketto.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 May 2019 22:20:06 GMT
content-encoding
gzip
status
200
server
nginx/1.11.9
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.ketto.org
x-xss-protection
1; mode=block
cache-control
no-cache, private
x-content-type-options
nosniff
comments
apis.ketto.org/api/fundraisers/savesara/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apis.ketto.org/api/fundraisers/savesara/comments?limit=5&page=1
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.244.171 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-169-244-171.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.11.9 /
Resource Hash
00c43bebb8f96e646b0c810e12722d64e304a8d3fcf7f3c29c7848773a4a1a0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Origin
https://www.ketto.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 May 2019 22:20:06 GMT
content-encoding
gzip
status
200
server
nginx/1.11.9
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.ketto.org
x-xss-protection
1; mode=block
cache-control
no-cache, private
x-content-type-options
nosniff
donors
apis.ketto.org/api/fundraisers/86282/ 		25 B
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apis.ketto.org/api/fundraisers/86282/donors?with=donoravtar;comments;activation&donor_entity_details_id=undefined&orderBy=creation_date&sortedBy=desc
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.244.171 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-169-244-171.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.11.9 /
Resource Hash
28f1f51e665dd4607e10a96dd7a84d40b5cd2a8063157e357be73244df657720
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Origin
https://www.ketto.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 May 2019 22:20:06 GMT
content-encoding
gzip
status
200
server
nginx/1.11.9
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.ketto.org
x-xss-protection
1; mode=block
cache-control
no-cache, private
x-content-type-options
nosniff
donors
apis.ketto.org/api/fundraisers/86282/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apis.ketto.org/api/fundraisers/86282/donors?with=donoravtar;activation&limit=10&page=1&orderBy=creation_date&sortedBy=desc
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.244.171 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-169-244-171.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.11.9 /
Resource Hash
1a760e554353de77b04b4cd1819137d91b26fdb40dae8c160a3baf63e7a56c0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Origin
https://www.ketto.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 May 2019 22:20:06 GMT
content-encoding
gzip
status
200
server
nginx/1.11.9
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.ketto.org
x-xss-protection
1; mode=block
cache-control
no-cache, private
x-content-type-options
nosniff
updates
apis.ketto.org/api/fundraisers/86282/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apis.ketto.org/api/fundraisers/86282/updates?with=owner.avtar&limit=1&page=1&orderBy=id&sortedBy=desc
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.244.171 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-169-244-171.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.11.9 /
Resource Hash
14506d5cefda5c4dc94bd97ffc77d744079cd2ae3e03bdb1ea6e38a7dc43238f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Origin
https://www.ketto.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 May 2019 22:20:06 GMT
content-encoding
gzip
status
200
server
nginx/1.11.9
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.ketto.org
x-xss-protection
1; mode=block
cache-control
no-cache, private
x-content-type-options
nosniff
a
wzrkt.com/ 		196 B
470 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wzrkt.com/a?t=90&type=push&d=N4IgLgngDgpiBcIYDcYDswgDROWAcgIYC2ciAwiVIQJYDmaABAGo0wDuMAJtrmACKEwhBKH4oaAYxiMAKtDIhxAZwDWYAPZReABUJ0ZAVQBKAGQQgA9Ms0AnNsuuFUywrZE4AyjGXKaGpgBJfgsATgBGABYAdi4AIziANgSAZmkABkJwlJTQ0IAOAoAzFOjJFITJAFZeQJ1GAEEuLlsfZQtw%2FKqAOnCq8O6q%2FN7O3gAhWw12ZRhbC3IAC0nSXkpianomWRowABtFAHUZfBhuRmNlRk7GU0JVBbkNc59JAFcZAHlX20ZBV7oFmBZowAGLLRiUNDSWxYRg6faEGaMAASMF2UEYhnaOHwdCewQs0WyoV4AFFUBhGATEOlVoRXkjqSA%2BrScGsNgwqSFEPlEgAmfJ8unrWic%2BSwCyEHg4QyyACyjE8Gm%2B0gsMAAHkDbGhCLsAPpFGi2GxaMD%2BNC8WUKuXcGivYhq4i0XaW%2BUQqiii2IVwuNweEDimB6hpjCyhgC%2BOBoPEQkWMiQAtDF8gnjMZIgAtXh0CzpaKFKqhSL5XIpdKRPnhPLRaLpGDpUKJIolKowSIpIq8drwPqF8KJfKRcs4KA5nvhoAAAA%3D%3D&rn=2&i=1559168405&sn=0&gc=07895948393042199770e096ff35e43f&r=1559168405761
Requested by
Host: d2r1yp2w7bby2u.cloudfront.net
URL: https://d2r1yp2w7bby2u.cloudfront.net/js/a.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.248.140.41 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-248-140-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bdc12e1b6b8ca5675d8750d9b149e3cff18e3aa18461be6825e49eab60e158f4

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 May 2019 22:20:05 GMT
content-encoding
gzip
vary
Accept-Encoding, User-Agent
content-type
text/javascript;charset=utf-8
status
200
cache-control
no-cache, no-store
expires
Thu, 01 Jan 1970 00:00:00 GMT, 0
conversion_async.js
www.googleadservices.com/pagead/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.130 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s18-in-f2.1e100.net
Software
cafe /
Resource Hash
f1e6382aa070301007ee92dbaaef83c9f6075f9d86ee3632c82a609f02c6fc1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 May 2019 22:20:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
8912
x-xss-protection
0
server
cafe
etag
11386026576561889187
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 29 May 2019 22:20:05 GMT
unip
trc.taboola.com/1034141/log/3/ 		0
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1034141/log/3/unip?en=view_content&tim=1559168405769&ref=https%3A%2F%2Ftrk.profilinet.com%2F
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.2 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Origin
https://www.ketto.org

Response headers

pragma
no-cache
date
Wed, 29 May 2019 22:20:05 GMT
via
1.1 varnish
server
nginx
x-timer
S1559168406.773185,VS0,VE8
x-served-by
cache-fra19155-FRA
status
204
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.ketto.org
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
storiesDefer.bundle.af2aef.css
d1vdjc70h9nzd9.cloudfront.net/less/story/ 		142 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/less/story/storiesDefer.bundle.af2aef.css
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:b400:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
480e98104bffae58da471d3c88798bb92cf045e0711a56705bcc4d7633469d65

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 May 2019 13:53:41 GMT
content-encoding
gzip
last-modified
Mon, 20 May 2019 13:42:46 GMT
server
AmazonS3
age
14976
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
status
200
x-amz-cf-pop
FRA56
x-amz-cf-id
HRG_i8tOfJyeOFvo9TZzD-bB0LjWyLrbybmTeXQRqNyP3vIRWP9iuQ==
via
1.1 16ba4fd291c7ac4ec424fdbac7065ef1.cloudfront.net (CloudFront)
/
graph.facebook.com/ 		198 B
574 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://graph.facebook.com/?id=https://www.ketto.org/stories/savesara&fields=engagement&access_token=337663723602820%7C05e102ad2bd04e00dbbbcab86bbae92f
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:20e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
f13a8f6cfe010a656179e85bf0b4bb284cda735f1111cf092bf671f1b4339938
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Accept
*/*
Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Origin
https://www.ketto.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
etag
"9dbb299244be7097398f2f3a9204b1dd955d89af"
x-app-usage
{"call_count":15,"total_cputime":0,"total_time":1}
status
200
x-fb-rev
1000764313
content-length
123
pragma
no-cache
x-fb-debug
k/s2BorhgXRt9gc8x8S7CNnvApLj+/E5bJimEj4NZWo0+dYyoszJngT9Vw4XC59cC4StCrR6r3hINYNdPXWNGg==
x-fb-trace-id
CSZ2EnDkHIJ
date
Wed, 29 May 2019 22:20:05 GMT
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
x-fb-request-id
AXLMvddy2wNMjtBuQKzOGO9
cache-control
private, no-cache, no-store, must-revalidate
facebook-api-version
v3.2
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j76&a=1897825600&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsavesara%3Futm_campaign%3Dsavesara%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1&dr=https%3A%2F%2Ftrk.profilinet.com%2F&ul=en-us&de=UTF-8&dt=We%20need%20Rs%2018%20lakh%20to%20rescue%20our%20daughter%20from%20cancer%2C%20please%20help%20us%20-%20Ketto&sd=24-bit&sr=1600x1200&vp=1593x1200&je=0&ec=Campaign%20Viewed&ea=page_load&el=We%20Need%20Rs%2018%20Lakh%20To%20Rescue%20Our%20Daughter%20From%20Cancer%2C%20Please%20Help%20Us&_u=aEDAAAAB~&jid=&gjid=&cid=429549809.1559168405&tid=UA-30181760-1&_gid=1208978425.1559168405&gtm=2wg5f2MJRMLZ&cd7=150&cd8=savesara&cd9=86282&cd10=ad&z=1286352506
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Mar 2019 05:14:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
7059954
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
mark
trc.taboola.com/ketto-sc/log/3/ 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/ketto-sc/log/3/mark?marking-type=Visitor&item-url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsavesara%3Futm_campaign%3Dsavesara%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1&gtmcb=629969831
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.2 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 May 2019 22:20:05 GMT
via
1.1 varnish
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
204
x-served-by
cache-fra19155-FRA
pragma
no-cache
server
nginx
x-timer
S1559168406.840225,VS0,VE8
content-type
image/gif
access-control-allow-origin
*
expires
Thu, 01 Jan 1970 00:00:00 GMT
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
/
cx.atdmt.com/
Redirect Chain
  • https://www.facebook.com/tr/?id=441308802710601&ev=ViewContent&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsavesara%3Futm_campaign%3Dsavesara%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption...
  • https://cx.atdmt.com/?c=16729841183384143555&f=AYyb0MvAGi9vCoeXTTidSBq85JwuSQ_rzGEdvjHjaPsJCmTIEPDCMwLsAucFH9POYQrTreFtLGDYnnDjxUlZ-l4D&id=441308802710601&l=3&v=0
42 B
405 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cx.atdmt.com/?c=16729841183384143555&f=AYyb0MvAGi9vCoeXTTidSBq85JwuSQ_rzGEdvjHjaPsJCmTIEPDCMwLsAucFH9POYQrTreFtLGDYnnDjxUlZ-l4D&id=441308802710601&l=3&v=0
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:202:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Wed, 29 May 2019 22:20:05 GMT
p3p
CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
content-length
42
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 29 May 2019 22:20:05 GMT
server
proxygen-bolt
location
https://cx.atdmt.com/?c=16729841183384143555&f=AYyb0MvAGi9vCoeXTTidSBq85JwuSQ_rzGEdvjHjaPsJCmTIEPDCMwLsAucFH9POYQrTreFtLGDYnnDjxUlZ-l4D&id=441308802710601&l=3&v=0
content-type
text/plain
status
302
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
adsct
analytics.twitter.com/i/ 		31 B
267 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nys4q&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsavesara%3Futm_campaign%3Dsavesara%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 May 2019 22:20:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
content-length
57
x-xss-protection
1; mode=block; report=https://twitter.com/i/xss_report
x-response-time
120
pragma
no-cache
last-modified
Wed, 29 May 2019 22:20:05 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
c64d0d30bc64513135737a7673e94d43
x-transaction
00f207620031ed5f
expires
Tue, 31 Mar 1981 05:00:00 GMT
channel.html
js.stripe.com/v2/ Frame 113C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v2/channel.html?stripe_xdm_e=https%3A%2F%2Fwww.ketto.org&stripe_xdm_c=default520426&stripe_xdm_p=1
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v2/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v2/channel.html?stripe_xdm_e=https%3A%2F%2Fwww.ketto.org&stripe_xdm_c=default520426&stripe_xdm_p=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1

Response headers

status
200
x-amz-id-2
9InECcNBKw3TJTBJm4VeCVaFrMx5F9gpZ2t6eGzeAu+fG7KfRY0+5ydTyGrmG4/4zVxpm3cdLu0=
x-amz-request-id
80BCB4662ABF2DDA
last-modified
Wed, 06 Sep 2017 17:40:34 GMT
etag
"19af0c6cc7a0bca20a355b3362dc64a0"
cache-control
public, max-age=300
content-type
text/html; charset=utf-8
server
AmazonS3
content-encoding
gzip
accept-ranges
bytes
date
Wed, 29 May 2019 22:20:05 GMT
via
1.1 varnish
age
21
x-served-by
cache-fra19144-FRA
x-cache
HIT
x-cache-hits
6
x-timer
S1559168406.856968,VS0,VE0
vary
Accept-Encoding
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
content-length
560
86282
apis.ketto.org/api/answer/ 		36 B
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apis.ketto.org/api/answer/86282?user_id=5f16e9cc2e173f64252cd42611fd5508
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.244.171 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-169-244-171.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.11.9 /
Resource Hash
f0d0ea3ef19c3d82afe028046f657bfa14d4643320b301ad938e04cba0bfcb37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Origin
https://www.ketto.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 May 2019 22:20:06 GMT
content-encoding
gzip
status
200
server
nginx/1.11.9
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.ketto.org
x-xss-protection
1; mode=block
cache-control
no-cache, private
x-content-type-options
nosniff
673d37cda1bdb53920e63ad8efc78fa729b2bc8f.jpg
d1vdjc70h9nzd9.cloudfront.net/media/campaignuploads/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/media/campaignuploads/673d37cda1bdb53920e63ad8efc78fa729b2bc8f.jpg
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:b400:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6a62d83d6ef95ac500fd1dc6af19218c23ffedb7796898ca5b0e25ef7cc991a0

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 12 May 2019 04:58:00 GMT
via
1.1 16ba4fd291c7ac4ec424fdbac7065ef1.cloudfront.net (CloudFront)
last-modified
Fri, 22 Mar 2019 11:10:12 GMT
server
AmazonS3
age
1531326
etag
"4b7c57176882da42f335c3290290ff88"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=31536000
x-amz-cf-pop
FRA56
accept-ranges
bytes
content-length
48666
x-amz-cf-id
EQXJBCLnTdcjC5g7XKuSL_KLe4CKr2jqJeAiqvmkkbKRSSMUHAs_eQ==
574425a8cdf6a3ff1b19fae35acb4eefe0c24e05.jpg
d1vdjc70h9nzd9.cloudfront.net/media/campaignuploads/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/media/campaignuploads/574425a8cdf6a3ff1b19fae35acb4eefe0c24e05.jpg
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:b400:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1ba6f3f9a01598ba42d2485368dd3d62170e30712bebf396e49a0e9160cef6d6

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 12 May 2019 04:58:10 GMT
via
1.1 16ba4fd291c7ac4ec424fdbac7065ef1.cloudfront.net (CloudFront)
last-modified
Fri, 22 Mar 2019 11:10:35 GMT
server
AmazonS3
age
1531315
etag
"478c5cea344c5d4ce4057e1cb4f6029c"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=31536000
x-amz-cf-pop
FRA56
accept-ranges
bytes
content-length
47949
x-amz-cf-id
jCus2Mcq9VjIJxLyPu6n9WwgNe3WRMtavlSeotkzCKOiD1hxtHhH8g==
sdk.js
connect.facebook.net/en_US/ 		195 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=bcc0f69a88a8ef3f13f99d6494bb41b4&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
b26859b92e19a1823424ee8b03a8663bf2b286206af03ff964ba6b87fe1f2745
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Origin
https://www.ketto.org

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
qe/kmOYwbRMiWMBpI6nb/w==
status
200
date
Wed, 29 May 2019 22:20:05 GMT
vary
Accept-Encoding
content-length
59626
x-fb-debug
ev8J/YtDnp2A5qU7H06r3KuEUZjsp9RBjq4unaD6qmxXVQjftG7AbX7mYrrJB+zlUi/t2gHxXiS5jwOsFP+S/Q==
x-fb-content-md5
e91bfeba67569ef6b469015109c75488
etag
"40883ff2b9ff24f23703d3a52539aab2"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Thu, 28 May 2020 20:53:53 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/782023289/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/782023289/?random=1559168405872&cv=9&fst=1559168405872&num=1&label=7U2NCOX2yJkBEPn08vQC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5f2&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsavesara%3Futm_campaign%3Dsavesara%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1&ref=https%3A%2F%2Ftrk.profilinet.com%2F&tiba=We%20need%20Rs%2018%20lakh%20to%20rescue%20our%20daughter%20from%20cancer%2C%20please%20help%20us%20-%20Ketto&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
b1be806bb01c79a97e11b61c1f039e1863fde4fad3f5bce8e9fc53ea9e456793
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 May 2019 22:20:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
1126
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ Frame AC04 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
www.facebook.com
:scheme
https
:path
/tr/
content-length
2877
pragma
no-cache
cache-control
no-cache
origin
https://www.ketto.org
upgrade-insecure-requests
1
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
accept-encoding
gzip, deflate, br
cookie
fr=0NLwLjB3QSAaZoKJe..Bc7wWV..Fzv.1.0.Bc7wWV.
Origin
https://www.ketto.org
Upgrade-Insecure-Requests
1
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1

Response headers

status
200
content-type
text/plain
access-control-allow-origin
https://www.ketto.org
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-length
0
server
proxygen-bolt
date
Wed, 29 May 2019 22:20:05 GMT
box-90f3a29ef7448451db5af955688970d7.html
vars.hotjar.com/ Frame BA28 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-90f3a29ef7448451db5af955688970d7.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-200024.js?sv=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.32.173 Amsterdam, Netherlands, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-27
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-90f3a29ef7448451db5af955688970d7.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1

Response headers

status
200
date
Wed, 29 May 2019 22:20:06 GMT
content-type
text/html
content-length
967
cache-control
max-age=31536000
last-modified
Tue, 30 Apr 2019 14:57:42 GMT
section-io-origin-status
200
section-io-origin-time-seconds
0.049
etag
W/"90f3a29ef7448451db5af955688970d7"
content-encoding
gzip
vary
Accept-Encoding
accept-ranges
bytes
section-io-id
44702449fa9d3ce9621b131702abd155
/
www.google.com/pagead/1p-user-list/782023289/ 		42 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/782023289/?random=1559168405872&cv=9&fst=1559167200000&num=1&label=7U2NCOX2yJkBEPn08vQC&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5f2&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsavesara%3Futm_campaign%3Dsavesara%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1&ref=https%3A%2F%2Ftrk.profilinet.com%2F&tiba=We%20need%20Rs%2018%20lakh%20to%20rescue%20our%20daughter%20from%20cancer%2C%20please%20help%20us%20-%20Ketto&async=1&fmt=3&cdct=2&is_vtc=1&random=3533598889&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 May 2019 22:20:05 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/782023289/ 		42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/782023289/?random=1559168405872&cv=9&fst=1559167200000&num=1&label=7U2NCOX2yJkBEPn08vQC&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5f2&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsavesara%3Futm_campaign%3Dsavesara%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1&ref=https%3A%2F%2Ftrk.profilinet.com%2F&tiba=We%20need%20Rs%2018%20lakh%20to%20rescue%20our%20daughter%20from%20cancer%2C%20please%20help%20us%20-%20Ketto&async=1&fmt=3&cdct=2&is_vtc=1&random=3533598889&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 May 2019 22:20:05 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xd_arbiter.php
staticxx.facebook.com/connect/ Frame 58C1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=bcc0f69a88a8ef3f13f99d6494bb41b4&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter.php?version=44
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
accept-encoding
gzip, deflate, br
cookie
fr=0NLwLjB3QSAaZoKJe..Bc7wWV..Fzv.1.0.Bc7wWV.
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1

Response headers

status
200
content-encoding
br
content-type
text/html; charset=utf-8
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
expires
Wed, 27 May 2020 06:28:26 GMT
cache-control
public,max-age=31536000,immutable
x-fb-debug
1xWQctwsjaW/DX9yKaV5Fak7RUaeyu+p2RGIOjbktY//eljmo87XGnbHFWwHDjaa3g6obCuHGLXdqJLwRi9w1Q==
content-length
11164
date
Wed, 29 May 2019 22:20:06 GMT
nr-1123.min.js
js-agent.newrelic.com/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1123.min.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.110 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
94cdf5b7f868883de0e1248cd80b42dd84e3f38685f2b234747550c02190dc82

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 May 2019 22:20:06 GMT
content-encoding
gzip
x-amz-request-id
DAB7530374B347EE
x-cache
HIT
status
200
content-length
9288
x-amz-id-2
G8v/8sth6lcgQXZWLNdY+rVR+p75PDRsoIAIItLlbBphnRjxy9btqi9TaHYHN3ZHt9yov4ScsJU=
x-served-by
cache-fra19145-FRA
last-modified
Fri, 22 Mar 2019 14:06:15 GMT
server
AmazonS3
x-timer
S1559168406.089861,VS0,VE0
etag
"7ffb242072196e9db5f4f1bfbfa2ed7d"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
956317
outer.html
js.stripe.com/v2/m/ Frame 8CAF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v2/m/outer.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v2/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v2/m/outer.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1

Response headers

status
200
x-amz-id-2
HFuGNeoQbprl6n37nsR+0bwtTQuTsSQFHlEZr4G/7NMil0BzhEsJ/n4n9JZ+3ii2BPSvu/pj5HM=
x-amz-request-id
46F14DDC742F0F2C
last-modified
Wed, 06 Sep 2017 17:40:34 GMT
etag
"51b76bd7931c50d2bf6d4c5a93d343f9"
cache-control
public, max-age=300
content-type
text/html; charset=utf-8
server
AmazonS3
content-encoding
gzip
accept-ranges
bytes
date
Wed, 29 May 2019 22:20:06 GMT
via
1.1 varnish
age
21
x-served-by
cache-fra19144-FRA
x-cache
HIT
x-cache-hits
13
x-timer
S1559168406.063130,VS0,VE0
vary
Accept-Encoding
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
content-length
388
xd_arbiter.php
staticxx.facebook.com/connect/ Frame 84F0
Redirect Chain
  • https://www.facebook.com/connect/ping?client_id=287403324698248&domain=www.ketto.org&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df3429...
  • https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=bcc0f69a88a8ef3f13f99d6494bb41b4&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter.php?version=44
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
accept-encoding
gzip, deflate, br
cookie
fr=0NLwLjB3QSAaZoKJe..Bc7wWV..Fzv.1.0.Bc7wWV.
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1

Response headers

status
200
content-encoding
br
content-type
text/html; charset=utf-8
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
expires
Wed, 27 May 2020 06:28:26 GMT
cache-control
public,max-age=31536000,immutable
x-fb-debug
1xWQctwsjaW/DX9yKaV5Fak7RUaeyu+p2RGIOjbktY//eljmo87XGnbHFWwHDjaa3g6obCuHGLXdqJLwRi9w1Q==
content-length
11164
date
Wed, 29 May 2019 22:20:06 GMT

Redirect headers

status
302
cache-control
private, no-cache, no-store, must-revalidate
pragma
no-cache
strict-transport-security
max-age=15552000; preload
location
https://staticxx.facebook.com/connect/xd_arbiter.php?version=44#cb=f3429eb93c5ac68&domain=www.ketto.org&origin=https%3A%2F%2Fwww.ketto.org%2Ff241fce968180f4&relation=parent&error=unknown_user
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
x-content-type-options
nosniff
x-xss-protection
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-type
text/html; charset="utf-8"
x-fb-debug
Mz71TRlw6xSwnyfAgG5Her6rtZrL5xyYhWNYDAnUnFqCD2CFiYBhW2ZrKmorsj2r8RHQh2VZW3lX+RvxUhBCoQ==
content-length
0
date
Wed, 29 May 2019 22:20:06 GMT
collect
www.google-analytics.com/ 		35 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j76&a=1897825600&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsavesara%3Futm_campaign%3Dsavesara%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1&dr=https%3A%2F%2Ftrk.profilinet.com%2F&ul=en-us&de=UTF-8&dt=We%20need%20Rs%2018%20lakh%20to%20rescue%20our%20daughter%20from%20cancer%2C%20please%20help%20us%20-%20Ketto&sd=24-bit&sr=1600x1200&vp=1593x1200&je=0&ec=GTM&ea=10%20Second&_u=aHDAAAAB~&jid=&gjid=&cid=429549809.1559168405&tid=UA-30181760-1&_gid=1208978425.1559168405&gtm=2wg5f2MJRMLZ&cd12=1559168404768.xy7m4cv&cd14=429549809.1559168405&z=1745032219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Mar 2019 05:14:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
7059955
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
f64838bf44
bam.nr-data.net/1/ 		57 B
261 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/f64838bf44?a=14449237&v=1123.df1c7f8&to=blRTbBcCCBIAW0NZWlceck0WFwkMTl5FX1tNdF9cShASDhNRUkMaSkVeShw%3D&rst=3159&ref=https://www.ketto.org/stories/savesara&ap=393&be=1509&fe=3095&dc=2578&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1559168402956,%22n%22:0,%22f%22:1,%22dn%22:3,%22dne%22:30,%22c%22:30,%22s%22:36,%22ce%22:51,%22rq%22:51,%22rp%22:1498,%22rpe%22:1722,%22dl%22:1502,%22di%22:2074,%22ds%22:2578,%22de%22:2883,%22dc%22:3094,%22l%22:3095,%22le%22:3133%7D,%22navigation%22:%7B%7D%7D&at=QhNQGl8YGxw%3D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1123.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.20 , United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US),
Reverse DNS
bam-8.nr-data.net
Software
/
Resource Hash
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
text/javascript;charset=ISO-8859-1
Content-Length
57
Expires
Thu, 01 Jan 1970 00:00:00 GMT
12.png
d1vdjc70h9nzd9.cloudfront.net/images/random_supporters/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/images/random_supporters/12.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:b400:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
16732a9f01ea1ae2aeb389f72fb4bbec567c3e9748ee9b9b29630b03b6e6ea66

Request headers

Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 05 May 2019 04:50:42 GMT
via
1.1 16ba4fd291c7ac4ec424fdbac7065ef1.cloudfront.net (CloudFront)
last-modified
Mon, 07 May 2018 14:12:08 GMT
server
AmazonS3
age
2136565
etag
"d047393e1a6f947f41f6aec001661817"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=31536000
x-amz-cf-pop
FRA56
accept-ranges
bytes
content-length
15378
x-amz-cf-id
uivVqud3Kkd5lXdmheATHUZ2F54KWfPjQV2YUzqu5Szps5jvmbGw9Q==
ajax-loader.gif
d1vdjc70h9nzd9.cloudfront.net/less/story/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/less/story/ajax-loader.gif
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:b400:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://d1vdjc70h9nzd9.cloudfront.net/less/story/storiesDefer.bundle.af2aef.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
icomoon.z3gnh4.ttf
d1vdjc70h9nzd9.cloudfront.net/fonts/ketto_fonts/ 		39 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/fonts/ketto_fonts/icomoon.z3gnh4.ttf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:be00:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6643adc3ec22b456976553a5b122ffb86c80b2529ab4be5299f2d216dbd89fdf

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://d1vdjc70h9nzd9.cloudfront.net/less/story/storiesDefer.bundle.af2aef.css
Origin
https://www.ketto.org

Response headers

date
Tue, 28 May 2019 23:10:34 GMT
via
1.1 9f4017bef2e790d377578f1a7821f0ea.cloudfront.net (CloudFront)
age
83374
x-cache
Hit from cloudfront
status
200
access-control-max-age
3000
content-length
40168
last-modified
Tue, 30 Apr 2019 14:15:35 GMT
server
AmazonS3
etag
"13ac5beca606f472d9f1c68f2c25b01c"
vary
Origin
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
x-amz-cf-pop
FRA56
accept-ranges
bytes
x-amz-cf-id
EHZ0Lmvru6GyF2XozW4b3mBfBXEhrPBHQ_z6qqKpR3zdyfzimFNwTw==
system_event.php
www.ketto.org/vars/ 		16 B
655 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ketto.org/vars/system_event.php?val%5BeventName%5D=pageView&val%5Bevent_type%5D=campaign&val%5Bevent_type_id%5D=86282&val%5Bpage_name%5D=stories&val%5Breferrer_page%5D=https%3A%2F%2Ftrk.profilinet.com%2F
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.214.10 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-214-10.fra53.r.cloudfront.net
Software
Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40 / PHP/5.6.40
Resource Hash
39824f2ec741ce74a8d37f33d384fd09b082368c2e93a05a8627de1561401d98

Request headers

Accept
*/*
X-NewRelic-ID
VQUGVFNQDhABUFVWDgMEUQ==
Referer
https://www.ketto.org/stories/savesara?utm_campaign=savesara&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
X-Requested-With
XMLHttpRequest

Response headers

pragma
no-cache
date
Wed, 29 May 2019 22:20:08 GMT
via
1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
x-newrelic-app-data
PxQGUldWDQAGR1BWAwUOVFcGFB9AMQYAZBBZDEtZV0ZaClc9HiJGERBZWj1JBUpcXhAkDFNtGBAFQ0VvTRUaEUQHVT1dTlFcR0cVUR9RA1JUBhtRSFIABgldTU8GHRVeBQIAVgdVV1AGBltXDVtXEB8DWA1CBG4=
server
Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40
pageurl-1
1
x-powered-by
PHP/5.6.40
x-cache
Miss from cloudfront
content-type
application/json
status
200
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
16
x-amz-cf-id
p3Ao8VaHuNwD0FCVUqt9DLpYYnV-gWmDQn_3PydF9NyH02JNvhx7AA==
expires
Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

209 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| NREUM object| newrelic function| __nr_require function| $ function| jQuery object| dataLayer boolean| isCached object| clevertap object| TRACKING_DETAILS number| _vwo_clicks object| _vwo_code number| settings_timer number| _vwo_settings_timer object| VWO object| _vwo_evq object| hiddengoalcampaign object| amountRaisedCampaign object| daysLeftCampaign string| browserName number| IS_WHITE_LABEL number| FB_APP_ID number| hasDraft string| PHP_API_URL string| custom_tag string| campaign_share_url_exitIntent string| campaign_share_url string| campaign_share_count_url string| device string| supporters_pagination_url string| s3_url boolean| ended string| designTemplate string| beneficiary_fname string| hospital_name string| countryCode string| apiHostUrl string| videoID object| userDetailsAPI string| landingCurrency string| supporterImage string| pageReload string| baseCurrency string| onlyBaseCurrency string| loadPayment string| showTip boolean| showTipVariation boolean| isWhiteLabel boolean| userDonatedCurrentSession object| storyAB string| operatingSystem boolean| hasSurrogateCampaigns boolean| hasUserDonated string| surrogateCampaginLoginRedirectUrl boolean| isUserLoggedIn boolean| loggedUserEmail number| _vwo_acc_id object| _vwo_style string| _vwo_css string| _vwo_text object| _vwo_textnode string| _vwo_cookieDomain string| _vwo_uuid string| _vis_opt_file number| _vwo_library_timer string| _vis_opt_lib undefined| b object| vwo_iehack_queue object| _vwo_exp_ids object| _vwo_exp object| angular object| requestvalue number| newStory object| user_data string| cdn_url function| pageData object| google_tag_manager function| postscribe object| wizrocket object| $WZRK_WR object| $CLTP_WR string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings function| twq function| fbq function| _fbq object| _tfa object| dotq number| randomNumber object| scriptTag object| insertionNode string| conversionTag function| vwo_$ string| _vwo_server_url object| _vis_opt_queue object| _vis_opt_check_segment function| _vwo_ev object| _vwo_t object| _vwo_api_section_callback object| _vis_opt_comb_name function| _vwo_s object| _vwo_campaignData function| _vis_opt_top_initialize function| _vis_opt_bottom_initialize function| _vis_opt_goal_conversion function| _vis_opt_revenue_conversion function| _vis_opt_pause function| _vis_opt_readCookie function| _vis_opt_createCookie function| _vis_opt_element_loaded function| _vis_opt_GA_track function| _vis_opt_register_conversion function| _vis_opt_get_campaign_xPath number| _vis_opt_experiment_id boolean| _vwo_settings_timed_out object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO string| page_version object| typeAB string| api_url boolean| isToken_url object| ip2Details string| dimensionValue string| usedDevice number| isbilldesk object| componentForm object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| twttr object| DfaVisibilityIdentifier_938444383_avData function| pdib object| google_image_requests object| YAHOO undefined| I13N_Conf undefined| YWA_Global_Conf function| discardDraft function| loadCss object| addthis_config object| TRC object| TRCImpl function| __trcError function| __trcJSONify object| queue function| gtag object| google_js_reporting_queue number| __google_lidar_ function| __google_lidar_radf_ object| __core-js_shared__ function| Razorpay function| Stripe object| app object| appIds string| selectedId function| login function| getFriends function| triggerFShareDialogClick function| triggerFShareExitDialogClick function| fbPageShare function| fbElfPageShare function| fbIplshare function| showCount function| loginFB function| connect function| DialogTrigger function| chechPopupShown function| setPopupShown function| setPopUpCookie function| getPopUpCookie function| ga_ABcheck function| ga_KettoLike function| ga_startCampaign function| event_fb_connect function| event_profilePic_popup function| AB_ExiteIntent function| ga_shareCommentAb function| showLeadModelBox function| setCookie function| getCookie function| showCampaignDraftPopup function| managerHelpPopup function| managerHelpPopupMobile function| showLeadModelBoxMobile function| similarFundModelBoxMobile function| systemEvent function| triggerEvent object| WIZRocket number| search_click function| Blazy function| fbAsyncInit function| setImmediate function| clearImmediate function| swal function| sweetAlert object| bioEp object| intlTelInputUtils object| FB function| getClientId object| difference number| __google_lidar_adblocks_count_

22 Cookies

Domain/Path Name / Value
.www.ketto.org/ Name: WZRK_L
Value: %257B%257D
.ketto.org/ Name: _fbp
Value: fb.1.1559168405206.539712926
.ketto.org/ Name: WZRK_S_4R6-478-RR4Z
Value: %7B%22p%22%3A1%2C%22s%22%3A1559168404%2C%22t%22%3A1559168405%7D
.ketto.org/ Name: _gat_UA-30181760-1
Value: 1
.ketto.org/ Name: _gid
Value: GA1.2.1208978425.1559168405
.doubleclick.net/ Name: IDE
Value: AHWqTUn61ZPhpaBAR1YLEFA4qcVzSSPGjR49-43rAUm1FC7Gck0SYkvhFdwtGfRo
.www.ketto.org/ Name: WZRK_G
Value: 07895948393042199770e096ff35e43f
.ketto.org/ Name: _vwo_uuid_v2
Value: D826C2D5E1965AC7A5A012858014A0DAB|763a03ef80054ad93055ef267338183c
.ketto.org/ Name: _ga
Value: GA1.2.429549809.1559168405
.ketto.org/ Name: _vis_opt_exp_121_exclude
Value: 1
.ketto.org/ Name: _vis_opt_test_cookie
Value: 1
.www.ketto.org/ Name: __stripe_mid
Value: 5ea86526-d0f2-425d-b378-75dc43f69362
.ketto.org/ Name: WZRK_G
Value: 07895948393042199770e096ff35e43f
www.ketto.org/ Name: k_utm
Value: eyJ1dG1fc291cmNlIjoiZXh0ZXJuYWxfZmlyc3RvcHRpb24iLCJ1dG1fbWVkaXVtIjoiZW1haWwiLCJ1dG1fdGVybSI6InAxIiwidXRtX2NhbXBhaWduIjoic2F2ZXNhcmEifQ%3D%3D
.ketto.org/ Name: KETTOSESSID
Value: ksohvd0v9ie412j4kqk84h9tm6
.ketto.org/ Name: _vis_opt_s
Value: 1%7C
.ketto.org/ Name: _gcl_au
Value: 1.1.1820003498.1559168405
.ketto.org/ Name: _ks
Value: eyJzaWQiOiJlZWRmOWYyMjdjODFlZTliNjFmYjhmOWRjOWNkNDZhYiIsInN0IjoxNTU5MTcwMjA0fQ%3D%3D
.ketto.org/ Name: _ku
Value: 5f16e9cc2e173f64252cd42611fd5508
.facebook.com/ Name: fr
Value: 0NLwLjB3QSAaZoKJe..Bc7wWV..Fzv.1.0.Bc7wWV.
.www.ketto.org/ Name: __stripe_sid
Value: 9bee4f22-f944-45d6-9596-c49aa1e3502c
.ketto.org/ Name: ip_location
Value: eyJjb3VudHJ5X2NvZGUiOiJERSIsImNvdW50cnlfbmFtZSI6Ikdlcm1hbnkiLCJyZWdpb25fbmFtZSI6Ikhlc3NlbiIsInppcF9jb2RlIjoiNjU5MzEiLCJjaXR5X25hbWUiOiJGcmFua2Z1cnQgYW0gTWFpbiJ9

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9237602.fls.doubleclick.net
ad.doubleclick.net
ajax.googleapis.com
analytics.twitter.com
apis.ketto.org
app.profdynamic.com
bam.nr-data.net
box2i.com
cdn.taboola.com
checkout.razorpay.com
connect.facebook.net
cx.atdmt.com
d1vdjc70h9nzd9.cloudfront.net
d2r1yp2w7bby2u.cloudfront.net
dev.visualwebsiteoptimizer.com
displayemailbox.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
graph.facebook.com
js-agent.newrelic.com
js.stripe.com
s.yimg.com
script.hotjar.com
static.ads-twitter.com
static.hotjar.com
staticxx.facebook.com
stats.g.doubleclick.net
t.co
track.vnative.com
trc.taboola.com
trk.profilinet.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.ketto.org
wzrkt.com
zeeseclink.com
103.107.120.141
103.107.120.3
104.244.42.195
104.244.42.197
13.126.133.242
143.204.214.10
143.204.214.116
144.217.74.79
147.75.32.173
147.75.33.239
147.75.83.19
151.101.0.176
151.101.2.110
151.101.2.2
151.101.36.157
159.122.87.153
162.247.242.20
172.217.16.134
172.217.21.194
172.217.23.130
2600:9000:20bb:b400:d:e617:f340:21
2600:9000:20bb:be00:d:e617:f340:21
2606:4700:30::681b:9623
2a00:1288:84:800::1001
2a00:1288:84:800::1002
2a00:1450:4001:815::200e
2a00:1450:4001:816::2004
2a00:1450:4001:818::2008
2a00:1450:4001:81c::2002
2a00:1450:4001:821::2003
2a00:1450:4001:824::2002
2a00:1450:4001:824::200a
2a00:1450:4001:825::200a
2a00:1450:400c:c06::9d
2a03:2880:f01c:202:face:b00c:0:8c
2a03:2880:f01c:20e:face:b00c:0:2
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
34.248.140.41
35.186.199.79
35.201.98.21
54.169.244.171
004c5fc0adcade5670e6138525601703022198c2a34157c23667f76ea272bb18
00c43bebb8f96e646b0c810e12722d64e304a8d3fcf7f3c29c7848773a4a1a0b
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0826afca96b775d85994542e72f3c0787e27c85e4d0685b6d561a2e856420b33
08d08b42c485b839714bf5b7a5726cce3f0a6e75e658306e8e5f9126e463920c
0ac7b96f0bc593ff1f37f86ca552bdc9bb8c4518bf780a821b1986681a95ff7d
0c4592cb56bec1a745568b3dd0746818ec4cb08e996c96175e7abd37d774dc8c
0e0a2e80d44ed3d839d6eaaec988aa6bc926a99673908ef87c1774d6819d4521
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
121b3bad035f5a87c185bb1ce9465eba6c0d8ca0fcf03fced81559192cb06d85
14506d5cefda5c4dc94bd97ffc77d744079cd2ae3e03bdb1ea6e38a7dc43238f
1495998141c1d663000e168d91710a9259e78cbd168e7891ea91afb5835e6f31
16732a9f01ea1ae2aeb389f72fb4bbec567c3e9748ee9b9b29630b03b6e6ea66
1a5e45ad6ca272ffcfdfd8734e88a51073f6e97c81a74627601adb8f58c20b08
1a760e554353de77b04b4cd1819137d91b26fdb40dae8c160a3baf63e7a56c0d
1ba6f3f9a01598ba42d2485368dd3d62170e30712bebf396e49a0e9160cef6d6
1bfab6e3cdb6215be159113996c650efb74588afee495ced07607a6db2549f53
1d4d178d79752d3442d46b815cb8167299fc03059fe0fa34e8a044c8fcd5fffa
1ec0fbc72fcfcea31f22828dcf89e2bd9fa7f03e84ef8d8546adb410f3096117
2546897451a1f9e2bb0d17c28666040497a4b5aaed95c81f40b5060d913dc622
28f1f51e665dd4607e10a96dd7a84d40b5cd2a8063157e357be73244df657720
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
327e73edf454c40ccda9d74bbab0abab3b5ce4f56d4e37dbd9e0f573ee9e076f
372d169b7a27d2172896094808c64f18add01d3b3f2e5e007da6f2affaa01c11
39824f2ec741ce74a8d37f33d384fd09b082368c2e93a05a8627de1561401d98
3cf40bb1a33de994771ebbad77d8b4596dfaf3a0e122313788175396a63669fe
40b72f6d2d38b4717b855dc03cddddeee4f04e4f8089062576c629a3260a7dc3
480b0dcf87f3762059569007f32ef80a5e21f1115718c5bfc7644f3e701722dd
480e98104bffae58da471d3c88798bb92cf045e0711a56705bcc4d7633469d65
4a5a5a432041f7089690c0d39c737684da69bbe39977cfa2fcac87fa6ad685fe
6643adc3ec22b456976553a5b122ffb86c80b2529ab4be5299f2d216dbd89fdf
669fbe52929575a38eb337b51070255f4a055a03fd6a93d573486d0f0a591344
6a62d83d6ef95ac500fd1dc6af19218c23ffedb7796898ca5b0e25ef7cc991a0
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
75055e66134d88f50a71463bc2ec8424fdd4f67f025351eb72c159688bb1cde7
780c27ba988f780180648bee9633d40f3b2487d774798267052d94923aed7f0d
796cf812111acb618a626ff1c5f33d6104a9dd09cf3e78576b0bb2a8940bbdfe
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8e89b1f7d6bc54aa2ea23a91fe3eec24a4233133f19192726ebabd678d8550ee
8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2
92a602705f91ee03d6de465a66d5243a9b2edb45ebf734b1b00eddfce1c6ce42
94cdf5b7f868883de0e1248cd80b42dd84e3f38685f2b234747550c02190dc82
94eeb8ca0c372a7079499fa59b4fe106671032cab04d86fa4df1241c47a35156
98d35cc59705f6e71da18776cae4e32efb1b450bf75970f4089266fbab7e1255
a6693bc1d91121fb3bbf86831288f81e9cb999fd6eafdbd67259f867c6940ae5
a9e43e706882e3d41624a9c0c850c63885983622238914fd44c90071de687436
aa886e9ed66008da6cecbec1262a211ed7bee0431588b78b5eb2dff82116b911
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b090e61991ba938ae7e9fde0a6927e506e5abd4213dd6acd4f0213be287f3559
b1be806bb01c79a97e11b61c1f039e1863fde4fad3f5bce8e9fc53ea9e456793
b26859b92e19a1823424ee8b03a8663bf2b286206af03ff964ba6b87fe1f2745
b6ae9f8ffe56342c066f22c90ebb48fc1b6bdcb5f56652f02bc551a821ddecb5
bdc12e1b6b8ca5675d8750d9b149e3cff18e3aa18461be6825e49eab60e158f4
be39072f3010bb5c0e793353417c38e72a20b88d9e34182c20a3b3cac38b00ae
c09055f0d3ce5ac45f886c935226d1e4cb0f7488525e9f8b298f26fc0171e5a8
c61048eefda47b4239cd602cedae0b690459bf07dd0788f6db95591dba1939a0
c91158a8a0abe1393831da5efc62d53ad3b41b545774f1c3a003d55c2d5f28cf
cb992eae898417162c48b37712991d9ad8053c4a64fce51aff195edc69dc35f2
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
d78c5290f2bd882abc9c6d592d11d4c788751ff55033658c138c76ecaeed5e22
d7be6be7709666533c45ece24381aa509457c039d845e7e64764908bbb736592
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
dfcfcf508411f75131ee051b3e8bd38b7869dcfc7c2a19e5a2cff1c9982baddf
e21a3d486a99eb5bdd8e2f80dae9d0d71e80475798d5879a1eb3ee6aa7b68703
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e56f53b3b976e9c05d86645a1e85cfc69e961601d201e957768455580fa30478
ed098df82da8320c1786f312585ebc4b1b4817ed5ebeecd03e25afd37b97cc23
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4c0024e6dd8d9651fb091902104ae33847de949da906046faf9a7c865cc2c8
f0d0ea3ef19c3d82afe028046f657bfa14d4643320b301ad938e04cba0bfcb37
f13a8f6cfe010a656179e85bf0b4bb284cda735f1111cf092bf671f1b4339938
f1e6382aa070301007ee92dbaaef83c9f6075f9d86ee3632c82a609f02c6fc1f
f439d06b31431c40366690512548b080d57acdd300dd5ed56d8d7e89ad655595
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
fa59b1ed1b011e084474ad818b5f6986d84fc678e2f37fee9330eb52d86860b3
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c