urlscan.io logo urlscan.io
SecurityTrails logo

www.ketto.org Open in urlscan Pro
143.204.101.68  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://box2i.com/redirect.php?id=PDVjYmM5MGNjZTZiY2YwNDMzMjJjOGEyMzBkYWQxZDc0QGJveDJpLmNvbT4=&ref=aHR0cDovL3plZXN...
Effective URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firs...
Submission: On June 24 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 39 IPs in 10 countries across 31 domains to perform 102 HTTP transactions. The main IP is 143.204.101.68, located in Seattle, United States and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is www.ketto.org.
TLS certificate: Issued by Amazon on November 24th 2018. Valid for: a year.
This is the only time www.ketto.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 103.107.120.3 133243 (INSTANTTE...)
1 1 103.107.120.141 133243 (INSTANTTE...)
1 1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 144.217.74.79 16276 (OVH)
1 35.201.98.21 15169 (GOOGLE)
1 35.186.199.79 15169 (GOOGLE)
2 143.204.101.68 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
26 2600:9000:204... 16509 (AMAZON-02)
1 13.232.171.10 16509 (AMAZON-02)
3 151.101.0.176 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
1 143.204.101.78 16509 (AMAZON-02)
2 159.122.87.153 36351 (SOFTLAYER)
1 159.122.87.148 36351 (SOFTLAYER)
1 2a00:1450:400... 15169 (GOOGLE)
1 172.217.16.130 15169 (GOOGLE)
1 4 2a00:1450:400... 15169 (GOOGLE)
1 147.75.205.49 54825 (PACKET)
1 151.101.36.157 54113 (FASTLY)
5 2a03:2880:f02... 32934 (FACEBOOK)
4 151.101.2.2 54113 (FASTLY)
1 2a00:1288:84:... 203219 (YAHOO-AMA)
1 172.217.18.102 15169 (GOOGLE)
2 4 216.58.205.230 15169 (GOOGLE)
7 54.169.244.171 16509 (AMAZON-02)
1 2a03:2880:f01... 32934 (FACEBOOK)
2 34.255.15.164 16509 (AMAZON-02)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 6 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 147.75.83.1 54825 (PACKET)
1 2a00:1450:400... 15169 (GOOGLE)
1 172.217.23.130 15169 (GOOGLE)
1 104.244.42.133 13414 (TWITTER)
1 147.75.83.82 54825 (PACKET)
4 2a03:2880:f11... 32934 (FACEBOOK)
1 2a03:2880:f01... 32934 (FACEBOOK)
1 151.101.2.110 54113 (FASTLY)
1 104.244.42.3 13414 (TWITTER)
1 162.247.242.18 23467 (NEWRELIC-...)
102 39
1    103.107.120.3 (India)

ASN133243 (INSTANTTECHNOSOFT-AS-IN INSTANT TECHNOSOFT, IN)
box2i.com
1    103.107.120.141 (India)

ASN133243 (INSTANTTECHNOSOFT-AS-IN INSTANT TECHNOSOFT, IN)
displayemailbox.com
1    2606:4700:30::681b:9723 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
zeeseclink.com
1    144.217.74.79 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: pro.profdynamic.com
app.profdynamic.com
1    35.201.98.21 (Ascension Island)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 21.98.201.35.bc.googleusercontent.com
trk.profilinet.com
1    35.186.199.79 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 79.199.186.35.bc.googleusercontent.com
track.vnative.com
2    143.204.101.68 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-101-68.fra50.r.cloudfront.net
www.ketto.org
2    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
ajax.googleapis.com
26    2600:9000:2047:8000:d:e617:f340:21 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
d1vdjc70h9nzd9.cloudfront.net
1    13.232.171.10 (Mumbai, India)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-13-232-171-10.ap-south-1.compute.amazonaws.com
checkout.razorpay.com
3    151.101.0.176 (United States)

ASN54113 (FASTLY - Fastly, US)
js.stripe.com
2    2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
1    143.204.101.78 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-101-78.fra50.r.cloudfront.net
d2r1yp2w7bby2u.cloudfront.net
2    159.122.87.153 (Frankfurt am Main, Germany)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: 99.57.7a9f.ip4.static.sl-reverse.com
dev.visualwebsiteoptimizer.com
1    159.122.87.148 (Frankfurt am Main, Germany)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: 94.57.7a9f.ip4.static.sl-reverse.com
dev.visualwebsiteoptimizer.com
1    2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
1    172.217.16.130 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: zrh04s06-in-f130.1e100.net
www.googleadservices.com
4    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    147.75.205.49 (Chicago, United States)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-26
static.hotjar.com
1    151.101.36.157 (Amsterdam, Netherlands)

ASN54113 (FASTLY - Fastly, US)
static.ads-twitter.com
5    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
4    151.101.2.2 (United States)

ASN54113 (FASTLY - Fastly, US)
cdn.taboola.com
trc.taboola.com
1    2a00:1288:84:800::1002 (United Kingdom)

ASN203219 (YAHOO-AMA, NL)
s.yimg.com
1    172.217.18.102 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s42-in-f6.1e100.net
ad.doubleclick.net
4    216.58.205.230 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s24-in-f230.1e100.net
9237602.fls.doubleclick.net
7    54.169.244.171 (Singapore, Singapore)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-169-244-171.ap-southeast-1.compute.amazonaws.com
apis.ketto.org
1    2a03:2880:f01c:20e:face:b00c:0:2 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
graph.facebook.com
2    34.255.15.164 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-255-15-164.eu-west-1.compute.amazonaws.com
wzrkt.com
1    2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
6    2a00:1450:4001:814::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
6    2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
5    2a00:1450:4001:825::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
googleads.g.doubleclick.net
1    147.75.83.1 (Parsippany, United States)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-23
script.hotjar.com
1    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagservices.com
1    172.217.23.130 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s18-in-f2.1e100.net
googleads4.g.doubleclick.net
1    104.244.42.133 (United States)

ASN13414 (TWITTER - Twitter Inc., US)
t.co
1    147.75.83.82 (Parsippany, United States)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-29
vars.hotjar.com
4    2a03:2880:f11c:8083:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
1    2a03:2880:f01c:216:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
staticxx.facebook.com
1    151.101.2.110 (United States)

ASN54113 (FASTLY - Fastly, US)
js-agent.newrelic.com
1    104.244.42.3 (United States)

ASN13414 (TWITTER - Twitter Inc., US)
analytics.twitter.com
1    162.247.242.18 (United States)

ASN23467 (NEWRELIC-AS-1 - New Relic, US)
PTR: bam-6.nr-data.net
bam.nr-data.net
Apex Domain
Subdomains		 Transfer
27 cloudfront.net
d1vdjc70h9nzd9.cloudfront.net
d2r1yp2w7bby2u.cloudfront.net
758 KB
12 doubleclick.net
ad.doubleclick.net
9237602.fls.doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
11 KB
9 ketto.org
www.ketto.org
apis.ketto.org
77 KB
6 google.de
www.google.de
701 B
6 google.com
www.google.com
780 B
6 facebook.com
graph.facebook.com
www.facebook.com
staticxx.facebook.com
1 KB
5 facebook.net
connect.facebook.net
140 KB
4 taboola.com
cdn.taboola.com
trc.taboola.com
8 KB
4 google-analytics.com
www.google-analytics.com
18 KB
3 hotjar.com
static.hotjar.com
script.hotjar.com
vars.hotjar.com
92 KB
3 visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com
61 KB
3 stripe.com
js.stripe.com
21 KB
2 wzrkt.com
wzrkt.com
967 B
2 googletagmanager.com
www.googletagmanager.com
64 KB
2 googleapis.com
fonts.googleapis.com
ajax.googleapis.com
30 KB
1 nr-data.net
bam.nr-data.net
261 B
1 twitter.com
analytics.twitter.com
670 B
1 newrelic.com
js-agent.newrelic.com
9 KB
1 t.co
t.co
485 B
1 googletagservices.com
www.googletagservices.com
28 KB
1 yimg.com
s.yimg.com
4 KB
1 ads-twitter.com
static.ads-twitter.com
2 KB
1 googleadservices.com
www.googleadservices.com
9 KB
1 gstatic.com
fonts.gstatic.com
10 KB
1 razorpay.com
checkout.razorpay.com
21 KB
1 vnative.com
track.vnative.com
321 B
1 profilinet.com
trk.profilinet.com
1010 B
1 profdynamic.com
app.profdynamic.com
303 B
1 zeeseclink.com
zeeseclink.com
343 B
1 displayemailbox.com
displayemailbox.com
447 B
1 box2i.com
box2i.com
421 B
102 31
Domain Requested by
26 d1vdjc70h9nzd9.cloudfront.net www.ketto.org
ajax.googleapis.com
7 apis.ketto.org www.ketto.org
6 www.google.de www.ketto.org
6 www.google.com 1 redirects www.ketto.org
5 googleads.g.doubleclick.net www.googleadservices.com
5 connect.facebook.net app.profdynamic.com
d1vdjc70h9nzd9.cloudfront.net
connect.facebook.net
4 www.facebook.com connect.facebook.net
www.ketto.org
4 9237602.fls.doubleclick.net 2 redirects www.googletagmanager.com
4 www.google-analytics.com 1 redirects www.googletagmanager.com
www.ketto.org
3 trc.taboola.com www.ketto.org
3 dev.visualwebsiteoptimizer.com www.ketto.org
dev.visualwebsiteoptimizer.com
3 js.stripe.com www.ketto.org
js.stripe.com
2 wzrkt.com d2r1yp2w7bby2u.cloudfront.net
2 www.googletagmanager.com www.ketto.org
www.googletagmanager.com
2 www.ketto.org trk.profilinet.com
www.ketto.org
1 bam.nr-data.net js-agent.newrelic.com
1 analytics.twitter.com static.ads-twitter.com
1 js-agent.newrelic.com www.ketto.org
1 staticxx.facebook.com connect.facebook.net
1 vars.hotjar.com static.hotjar.com
1 t.co www.ketto.org
1 googleads4.g.doubleclick.net www.ketto.org
1 www.googletagservices.com ad.doubleclick.net
1 script.hotjar.com static.hotjar.com
1 stats.g.doubleclick.net 1 redirects
1 graph.facebook.com www.ketto.org
1 ad.doubleclick.net app.profdynamic.com
1 s.yimg.com app.profdynamic.com
1 cdn.taboola.com app.profdynamic.com
1 static.ads-twitter.com app.profdynamic.com
1 static.hotjar.com app.profdynamic.com
1 www.googleadservices.com www.googletagmanager.com
1 fonts.gstatic.com www.ketto.org
1 d2r1yp2w7bby2u.cloudfront.net www.ketto.org
1 checkout.razorpay.com www.ketto.org
1 ajax.googleapis.com www.ketto.org
1 fonts.googleapis.com www.ketto.org
1 track.vnative.com trk.profilinet.com
1 trk.profilinet.com app.profdynamic.com
1 app.profdynamic.com
1 zeeseclink.com 1 redirects
1 displayemailbox.com 1 redirects
1 box2i.com 1 redirects
102 43
Subject Issuer Validity Valid
ady.adsyatra.net
Let's Encrypt Authority X3		 2019-06-21 -
2019-09-19		 3 months crt.sh
*.vnative.com
COMODO RSA Domain Validation Secure Server CA		 2017-08-19 -
2019-08-19		 2 years crt.sh
ketto.org
Amazon		 2018-11-24 -
2019-12-24		 a year crt.sh
*.googleapis.com
Google Internet Authority G3		 2019-06-11 -
2019-09-03		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2018-10-08 -
2019-10-09		 a year crt.sh
*.razorpay.com
Amazon		 2018-09-27 -
2019-10-27		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2019-05-21 -
2019-09-03		 3 months crt.sh
*.google-analytics.com
Google Internet Authority G3		 2019-06-11 -
2019-09-03		 3 months crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2		 2017-06-30 -
2020-07-06		 3 years crt.sh
*.google.com
Google Internet Authority G3		 2019-06-11 -
2019-09-03		 3 months crt.sh
www.googleadservices.com
Google Internet Authority G3		 2019-06-11 -
2019-09-03		 3 months crt.sh
static.hotjar.com
Let's Encrypt Authority X3		 2019-06-08 -
2019-09-06		 3 months crt.sh
ads-twitter.com
DigiCert SHA2 High Assurance Server CA		 2018-08-16 -
2019-08-21		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-06-06 -
2019-09-04		 3 months crt.sh
f2.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-04-01 -
2019-09-07		 5 months crt.sh
*.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2019-06-03 -
2019-07-18		 a month crt.sh
*.doubleclick.net
Google Internet Authority G3		 2019-06-11 -
2019-09-03		 3 months crt.sh
apis.ketto.org
Let's Encrypt Authority X3		 2019-04-10 -
2019-07-09		 3 months crt.sh
wzrkt.com
DigiCert ECC Secure Server CA		 2018-11-11 -
2019-11-20		 a year crt.sh
www.google.de
Google Internet Authority G3		 2019-06-11 -
2019-09-03		 3 months crt.sh
*.g.doubleclick.net
Google Internet Authority G3		 2019-06-11 -
2019-09-03		 3 months crt.sh
script.hotjar.com
Let's Encrypt Authority X3		 2019-06-08 -
2019-09-06		 3 months crt.sh
t.co
DigiCert SHA2 High Assurance Server CA		 2019-03-07 -
2020-03-07		 a year crt.sh
www.google.com
Google Internet Authority G3		 2019-06-11 -
2019-09-03		 3 months crt.sh
vars.hotjar.com
Let's Encrypt Authority X3		 2019-06-08 -
2019-09-06		 3 months crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-04-10 -
2020-03-21		 a year crt.sh
*.twitter.com
DigiCert SHA2 High Assurance Server CA		 2019-01-28 -
2020-01-28		 a year crt.sh
*.nr-data.net
GeoTrust RSA CA 2018		 2018-01-11 -
2020-03-17		 2 years crt.sh

This page contains 8 frames:

Primary Page: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Frame ID: 429435ED172077ED26736EB62DC43B05
Requests: 96 HTTP requests in this frame

Frame: https://9237602.fls.doubleclick.net/activityi;dc_pre=CLjYuLfLgeMCFUGWdwod0IYBWg;src=9237602;type=ketto0;cat=dcm_k0;ord=1;num=5965087202462;gtm=2wg6c0;auiddc=1450790680.1561361120;u1=%2Fstories%2Fsupportharshitha;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsupportharshitha%3Futm_campaign%3Dsupportharshitha%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1
Frame ID: CFD65AF485EAD8987CEE8E1CEC3CBC32
Requests: 1 HTTP requests in this frame

Frame: https://9237602.fls.doubleclick.net/activityi;dc_pre=CKncuLfLgeMCFdeXdwodyR4DOg;src=9237602;type=sitew0;cat=dcm_s0;ord=925642427747;gtm=2wg6c0;auiddc=1450790680.1561361120;u1=%2Fstories%2Fsupportharshitha;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsupportharshitha%3Futm_campaign%3Dsupportharshitha%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1
Frame ID: 24B0D3631601D9B9CDFCE30EA1E909FA
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v2/channel.html?stripe_xdm_e=https%3A%2F%2Fwww.ketto.org&stripe_xdm_c=default167291&stripe_xdm_p=1
Frame ID: E7F09A6A8E73F57C0EF79804CD3028B6
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-90f3a29ef7448451db5af955688970d7.html
Frame ID: 3B06733AEDF33CE8625FF7C3D497E0EA
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: A6314F0A3BEF0DC80A466E336AF48B39
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v2/m/outer.html
Frame ID: EB656996FABA9190009126D42AE9BA88
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 76B9AFFCA4094C9CB7F9AF45BA4C8FFD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://box2i.com/redirect.php?id=PDVjYmM5MGNjZTZiY2YwNDMzMjJjOGEyMzBkYWQxZDc0QGJveDJpLmNvbT4=... HTTP 301
    http://displayemailbox.com/emm/redirect.php?id=PDVjYmM5MGNjZTZiY2YwNDMzMjJjOGEyMzBkYWQxZDc0QGJveDJpLmNv... HTTP 302
    http://zeeseclink.com/urls?q=UUNsS2dWYUx3VENPSDJtK2x1OUQ4QT09 HTTP 301
    http://app.profdynamic.com/urls?q=UUNsS2dWYUx3VENPSDJtK2x1OUQ4QT09 Page URL
  2. https://trk.profilinet.com/5c89de73b6920d1b591ddc8d?url_id=39 Page URL
  3. https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Page Statistics

102
Requests

99 %
HTTPS

38 %
IPv6

31
Domains

43
Subdomains

39
IPs

10
Countries

1370 kB
Transfer

4105 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://box2i.com/redirect.php?id=PDVjYmM5MGNjZTZiY2YwNDMzMjJjOGEyMzBkYWQxZDc0QGJveDJpLmNvbT4=&ref=aHR0cDovL3plZXNlY2xpbmsuY29tL3VybHM/cT0zRFVVTnNTMmRXWVV4M1ZFTlBTREp0SzJ4MU9VUTRRVDA5&e=1 HTTP 301
    http://displayemailbox.com/emm/redirect.php?id=PDVjYmM5MGNjZTZiY2YwNDMzMjJjOGEyMzBkYWQxZDc0QGJveDJpLmNvbT4=&ref=aHR0cDovL3plZXNlY2xpbmsuY29tL3VybHM/cT0zRFVVTnNTMmRXWVV4M1ZFTlBTREp0SzJ4MU9VUTRRVDA5&e=1 HTTP 302
    http://zeeseclink.com/urls?q=UUNsS2dWYUx3VENPSDJtK2x1OUQ4QT09 HTTP 301
    http://app.profdynamic.com/urls?q=UUNsS2dWYUx3VENPSDJtK2x1OUQ4QT09 Page URL
  2. https://trk.profilinet.com/5c89de73b6920d1b591ddc8d?url_id=39 Page URL
  3. https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://box2i.com/redirect.php?id=PDVjYmM5MGNjZTZiY2YwNDMzMjJjOGEyMzBkYWQxZDc0QGJveDJpLmNvbT4=&ref=aHR0cDovL3plZXNlY2xpbmsuY29tL3VybHM/cT0zRFVVTnNTMmRXWVV4M1ZFTlBTREp0SzJ4MU9VUTRRVDA5&e=1 HTTP 301
  • http://displayemailbox.com/emm/redirect.php?id=PDVjYmM5MGNjZTZiY2YwNDMzMjJjOGEyMzBkYWQxZDc0QGJveDJpLmNvbT4=&ref=aHR0cDovL3plZXNlY2xpbmsuY29tL3VybHM/cT0zRFVVTnNTMmRXWVV4M1ZFTlBTREp0SzJ4MU9VUTRRVDA5&e=1 HTTP 302
  • http://zeeseclink.com/urls?q=UUNsS2dWYUx3VENPSDJtK2x1OUQ4QT09 HTTP 301
  • http://app.profdynamic.com/urls?q=UUNsS2dWYUx3VENPSDJtK2x1OUQ4QT09
Request Chain 42
  • https://9237602.fls.doubleclick.net/activityi;src=9237602;type=ketto0;cat=dcm_k0;ord=1;num=5965087202462;gtm=2wg6c0;auiddc=1450790680.1561361120;u1=%2Fstories%2Fsupportharshitha;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsupportharshitha%3Futm_campaign%3Dsupportharshitha%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1 HTTP 302
  • https://9237602.fls.doubleclick.net/activityi;dc_pre=CLjYuLfLgeMCFUGWdwod0IYBWg;src=9237602;type=ketto0;cat=dcm_k0;ord=1;num=5965087202462;gtm=2wg6c0;auiddc=1450790680.1561361120;u1=%2Fstories%2Fsupportharshitha;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsupportharshitha%3Futm_campaign%3Dsupportharshitha%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1
Request Chain 43
  • https://9237602.fls.doubleclick.net/activityi;src=9237602;type=sitew0;cat=dcm_s0;ord=925642427747;gtm=2wg6c0;auiddc=1450790680.1561361120;u1=%2Fstories%2Fsupportharshitha;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsupportharshitha%3Futm_campaign%3Dsupportharshitha%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1 HTTP 302
  • https://9237602.fls.doubleclick.net/activityi;dc_pre=CKncuLfLgeMCFdeXdwodyR4DOg;src=9237602;type=sitew0;cat=dcm_s0;ord=925642427747;gtm=2wg6c0;auiddc=1450790680.1561361120;u1=%2Fstories%2Fsupportharshitha;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsupportharshitha%3Futm_campaign%3Dsupportharshitha%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1
Request Chain 58
  • https://www.google-analytics.com/r/collect?v=1&_v=j76&a=1909470688&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsupportharshitha%3Futm_campaign%3Dsupportharshitha%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1&dr=https%3A%2F%2Ftrk.profilinet.com%2F&ul=en-us&de=UTF-8&dt=My%20daughter%20can%E2%80%99t%20walk%20and%20keeps%20wailing%20in%20immense%20pain.%20Please%20help%20her%20-%20Ketto&sd=24-bit&sr=1600x1200&vp=1593x1200&je=0&_u=YEBAAAAB~&jid=1302413188&gjid=176166254&cid=1897084972.1561361121&tid=UA-30181760-1&_gid=1886156557.1561361121&_r=1&gtm=2wg6c0MJRMLZ&cd12=1561361119800.c69ky7j&z=16287369 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-30181760-1&cid=1897084972.1561361121&jid=1302413188&_gid=1886156557.1561361121&gjid=176166254&_v=j76&z=16287369 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=1897084972.1561361121&jid=1302413188&_v=j76&z=16287369 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=1897084972.1561361121&jid=1302413188&_v=j76&z=16287369&slf_rd=1&random=2298876337

102 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
urls
app.profdynamic.com/
Redirect Chain
  • http://box2i.com/redirect.php?id=PDVjYmM5MGNjZTZiY2YwNDMzMjJjOGEyMzBkYWQxZDc0QGJveDJpLmNvbT4=&ref=aHR0cDovL3plZXNlY2xpbmsuY29tL3VybHM/cT0zRFVVTnNTMmRXWVV4M1ZFTlBTREp0SzJ4MU9VUTRRVDA5&e=1
  • http://displayemailbox.com/emm/redirect.php?id=PDVjYmM5MGNjZTZiY2YwNDMzMjJjOGEyMzBkYWQxZDc0QGJveDJpLmNvbT4=&ref=aHR0cDovL3plZXNlY2xpbmsuY29tL3VybHM/cT0zRFVVTnNTMmRXWVV4M1ZFTlBTREp0SzJ4MU9VUTRRVDA5&e=1
  • http://zeeseclink.com/urls?q=UUNsS2dWYUx3VENPSDJtK2x1OUQ4QT09
  • http://app.profdynamic.com/urls?q=UUNsS2dWYUx3VENPSDJtK2x1OUQ4QT09
96 B
303 B 		Document
General
Check archive.org
Download Go to
Full URL
http://app.profdynamic.com/urls?q=UUNsS2dWYUx3VENPSDJtK2x1OUQ4QT09
Protocol
HTTP/1.1
Server
144.217.74.79 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
pro.profdynamic.com
Software
Apache /
Resource Hash

Request headers

Host
app.profdynamic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 24 Jun 2019 07:25:15 GMT
Server
Apache
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Mon, 24 Jun 2019 07:25:16 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Mon, 24 Jun 2019 08:25:16 GMT
Location
http://app.profdynamic.com/urls?q=UUNsS2dWYUx3VENPSDJtK2x1OUQ4QT09
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
4ebcf77f9a5e980e-FRA
5c89de73b6920d1b591ddc8d
trk.profilinet.com/ 		709 B
1010 B 		Document
General
Check archive.org
Download Go to
Full URL
https://trk.profilinet.com/5c89de73b6920d1b591ddc8d?url_id=39
Requested by
Host: app.profdynamic.com
URL: http://app.profdynamic.com/urls?q=UUNsS2dWYUx3VENPSDJtK2x1OUQ4QT09
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.201.98.21 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
21.98.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
80bba14912a07e4e8760f6aa85440e3d41520f598e9fd1fb588dff2a8a95a898

Request headers

:method
GET
:authority
trk.profilinet.com
:scheme
https
:path
/5c89de73b6920d1b591ddc8d?url_id=39
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
http://app.profdynamic.com/urls?q=UUNsS2dWYUx3VENPSDJtK2x1OUQ4QT09
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://app.profdynamic.com/urls?q=UUNsS2dWYUx3VENPSDJtK2x1OUQ4QT09

Response headers

status
200
server
nginx
date
Mon, 24 Jun 2019 07:25:15 GMT
content-type
text/html
content-length
709
x-rt
4
set-cookie
__vnativetracking=91b658e6-afd2-47a6-9956-eff5e81b510e; expires=Wed, 24 Jun 2020 07:25:16 GMT; path=/; HttpOnly __vnativeverify_v3=9Z94j7a7NMMwsP8qZvsBvMzAc5RgP7UYwZD303h2Ows; expires=Tue, 25 Jun 2019 07:25:16 GMT; path=/; HttpOnly
via
1.1 google
alt-svc
clear
pv2
track.vnative.com/ 		21 B
321 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.vnative.com/pv2?c=5d107adcb63efe0453e243ef&a=5ac70aaab6920d1b2b2a6042&h=6b06596e60a2bca20410379cd6db974aad18a43189d07a180ecece6aa794c8e7&cb=xYz
Requested by
Host: trk.profilinet.com
URL: https://trk.profilinet.com/5c89de73b6920d1b591ddc8d?url_id=39
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.186.199.79 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
79.199.186.35.bc.googleusercontent.com
Software
nginx /
Resource Hash

Request headers

Referer
https://trk.profilinet.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 24 Jun 2019 07:25:16 GMT
content-encoding
gzip
server
nginx
etag
W/"15-YQrJ5jySBCV5tusAe2Cb+g"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
status
200
cache-control
no-cache, max-age=0
alt-svc
clear
via
1.1 google
Primary Request supportharshitha
www.ketto.org/stories/ 		276 KB
67 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Requested by
Host: trk.profilinet.com
URL: https://trk.profilinet.com/5c89de73b6920d1b591ddc8d?url_id=39
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.68 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-101-68.fra50.r.cloudfront.net
Software
Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40 / PHP/5.6.40
Resource Hash
ab9a9400a10741414bbb15b9b05cc6dfb12523f5f4cb8ffd5e3c93b526bfe807

Request headers

:method
GET
:authority
www.ketto.org
:scheme
https
:path
/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://trk.profilinet.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://trk.profilinet.com/

Response headers

status
200
content-type
text/html; charset=UTF-8
date
Mon, 24 Jun 2019 07:25:17 GMT
server
Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40
cache-control
max-age=0, no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-encoding
gzip
pageurl-1
1
pragma
no-cache
vary
Accept-Encoding
x-mod-pagespeed
1.13.35.2-0
x-powered-by
PHP/5.6.40
set-cookie
KETTOSESSID=ahn1igtam44dv0okrpfqvrqg13; path=/; domain=.ketto.org k_utm=eyJ1dG1fc291cmNlIjoiZXh0ZXJuYWxfZmlyc3RvcHRpb24iLCJ1dG1fbWVkaXVtIjoiZW1haWwiLCJ1dG1fdGVybSI6InAxIiwidXRtX2NhbXBhaWduIjoic3VwcG9ydGhhcnNoaXRoYSJ9; expires=Sat, 21-Dec-2019 07:25:17 GMT; Max-Age=15552000; path=/ ip_location=eyJjb3VudHJ5X2NvZGUiOiJERSIsImNvdW50cnlfbmFtZSI6Ikdlcm1hbnkiLCJyZWdpb25fbmFtZSI6IkJlcmxpbiIsInppcF9jb2RlIjoiMTAxNzgiLCJjaXR5X25hbWUiOiJCZXJsaW4ifQ%3D%3D; expires=Mon, 01-Jul-2019 07:25:17 GMT; Max-Age=604800; path=/; domain=.ketto.org _ku=b5e71b31cbdeee77f4c2c5363635550b; expires=Wed, 31-May-2119 07:25:17 GMT; Max-Age=3153600000; path=/; domain=.ketto.org _ks=eyJzaWQiOiJhNzJkYzczMzc2ODA2YzM3MjYxYmQ4ZTZlYjM0YjQzZCIsInN0IjoxNTYxMzYyOTE3fQ%3D%3D; path=/; domain=.ketto.org ip_location=eyJjb3VudHJ5X2NvZGUiOiJERSIsImNvdW50cnlfbmFtZSI6Ikdlcm1hbnkiLCJyZWdpb25fbmFtZSI6IkJlcmxpbiIsInppcF9jb2RlIjoiMTAxNzgiLCJjaXR5X25hbWUiOiJCZXJsaW4ifQ%3D%3D; expires=Mon, 01-Jul-2019 07:25:18 GMT; Max-Age=604800; path=/; domain=.ketto.org
x-cache
Miss from cloudfront
via
1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
7a7u0F7vQAPziGtN4Wpw1zlZMqUsBzLwrhzLiaRrmepZ-lrnUzxi_g==
css
fonts.googleapis.com/ 		5 KB
754 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans:400,700
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
0c4592cb56bec1a745568b3dd0746818ec4cb08e996c96175e7abd37d774dc8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 24 Jun 2019 07:25:18 GMT
server
ESF
access-control-allow-origin
*
date
Mon, 24 Jun 2019 07:25:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Mon, 24 Jun 2019 07:25:18 GMT
story-custom.91b4ae.css
d1vdjc70h9nzd9.cloudfront.net/less/ 		296 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/less/story-custom.91b4ae.css
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:8000:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fc3efd4158c7ca75c9fc1a167e098e831d03d2f344cc78d54aa39611630a8523

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 21 Jun 2019 07:27:29 GMT
content-encoding
gzip
last-modified
Fri, 21 Jun 2019 06:55:05 GMT
server
AmazonS3
age
69673
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
status
200
x-amz-cf-pop
FRA53
x-amz-cf-id
u8tv0kvnHJm00deMTxkwruW9REGS6EzGGJEKHhEZHGD4ISlCtqoRRQ==
via
1.1 150f249515041adfcc44683bff172916.cloudfront.net (CloudFront)
stories.designD.bundle.591252.css
d1vdjc70h9nzd9.cloudfront.net/less/story/ 		104 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/less/story/stories.designD.bundle.591252.css
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:8000:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9dd8a9994cf73fe3e5400885977b90713219032adf4553ed554c33b6a9be260f

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 24 Jun 2019 07:25:19 GMT
content-encoding
gzip
last-modified
Mon, 24 Jun 2019 06:52:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA53
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
status
200
x-amz-cf-id
gt8egLCeECiBqFpJw1ymC8nHMb46f7YsyAP1ft8_JrWLOX2J-bcYHw==
via
1.1 150f249515041adfcc44683bff172916.cloudfront.net (CloudFront)
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Jun 2019 13:28:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
496624
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
30028
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Jun 2020 13:28:14 GMT
angular.min.js
d1vdjc70h9nzd9.cloudfront.net/js/angularjs/1.4.9/ 		146 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/js/angularjs/1.4.9/angular.min.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:8000:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
480b0dcf87f3762059569007f32ef80a5e21f1115718c5bfc7644f3e701722dd

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 01 Jun 2019 20:01:43 GMT
content-encoding
gzip
last-modified
Sat, 12 May 2018 15:51:07 GMT
server
AmazonS3
age
1941816
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=31536000
x-amz-cf-pop
FRA53
x-amz-cf-id
RnYjPBIyNnaOq_wv2gfe5XYF3mOQH_q7PSHK2PxsCn3j4ODbCzKDuA==
via
1.1 150f249515041adfcc44683bff172916.cloudfront.net (CloudFront)
47b69ca38b4837fe0433b7a9a33a507ccd00b9c1.jpg
d1vdjc70h9nzd9.cloudfront.net/media/campaign/92000/92034/image/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/media/campaign/92000/92034/image/47b69ca38b4837fe0433b7a9a33a507ccd00b9c1.jpg
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:8000:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
05662a5179f15da38c54802519afb2d82ebfb1604bb1476b3a0054587712bf24

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 21 Jun 2019 10:28:53 GMT
via
1.1 150f249515041adfcc44683bff172916.cloudfront.net (CloudFront)
last-modified
Thu, 18 Apr 2019 12:03:18 GMT
server
AmazonS3
age
248186
etag
"f0ba50a9e32f7bd12f239e457de805c1"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=31536000
x-amz-cf-pop
FRA53
accept-ranges
bytes
content-length
57039
x-amz-cf-id
LL8U2vWqUwinkLN3_2yrgEaGFifeQDAIDbq7SIsVM1UsD7HrZ48LhA==
ketto_assured_icon.png
d1vdjc70h9nzd9.cloudfront.net/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/images/ketto_assured_icon.png
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:8000:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0ac7b96f0bc593ff1f37f86ca552bdc9bb8c4518bf780a821b1986681a95ff7d

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 02 Jun 2019 01:17:52 GMT
via
1.1 150f249515041adfcc44683bff172916.cloudfront.net (CloudFront)
last-modified
Mon, 07 May 2018 14:11:56 GMT
server
AmazonS3
age
1922846
etag
"200ceec5ec95c93879aad89ad37c2b2c"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=31536000
x-amz-cf-pop
FRA53
accept-ranges
bytes
content-length
8241
x-amz-cf-id
eZo2UzgduoKQg31jri6Sq_LrLGQv53WuiWou4dBpowKRwroNwQj-EA==
check-circle.png
d1vdjc70h9nzd9.cloudfront.net/images/ 		525 B
872 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/images/check-circle.png
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:8000:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dfcfcf508411f75131ee051b3e8bd38b7869dcfc7c2a19e5a2cff1c9982baddf

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 27 May 2019 23:21:27 GMT
via
1.1 150f249515041adfcc44683bff172916.cloudfront.net (CloudFront)
last-modified
Mon, 07 May 2018 14:09:56 GMT
server
AmazonS3
age
2361832
etag
"da1437e83409e90ba99351cd977c1972"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=31536000
x-amz-cf-pop
FRA53
accept-ranges
bytes
content-length
525
x-amz-cf-id
zL-ZjcV0S_Ww7CS0BtbpolR8ERmVod8_TQ7o5g-VKeZYTfYr6ewYBw==
5cb4239ee707b.png
d1vdjc70h9nzd9.cloudfront.net/media/campaign/92000/92034/image/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/media/campaign/92000/92034/image/5cb4239ee707b.png
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:8000:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4792427f6aa5c2c7474f6596433112e4e8b68f45c9d83075ceaa63638bff2a42

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 05 May 2019 13:50:47 GMT
via
1.1 150f249515041adfcc44683bff172916.cloudfront.net (CloudFront)
last-modified
Mon, 15 Apr 2019 06:24:32 GMT
server
AmazonS3
age
4296872
etag
"236e1fa0313ea7a5d635564860cbd9ae"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=315360000 public
x-amz-cf-pop
FRA53
accept-ranges
bytes
content-length
27552
x-amz-cf-id
d_ozVuITQevpS30mChk2XTl5HJvJZR5U51cHRm-Ji9PVpICIZGU2yA==
success.svg
d1vdjc70h9nzd9.cloudfront.net/images/stories/ 		947 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/images/stories/success.svg
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:8000:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
94eeb8ca0c372a7079499fa59b4fe106671032cab04d86fa4df1241c47a35156

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Jun 2019 01:33:33 GMT
via
1.1 150f249515041adfcc44683bff172916.cloudfront.net (CloudFront)
last-modified
Mon, 07 May 2018 14:12:15 GMT
server
AmazonS3
age
1835506
etag
"b3ac3ad9144c660c6f162cfc15d848f4"
x-cache
Hit from cloudfront
content-type
image/svg+xml
status
200
cache-control
max-age=31536000
x-amz-cf-pop
FRA53
accept-ranges
bytes
content-length
947
x-amz-cf-id
Ued1LJXyq5w42wfdvU7ZdywxXlVVO8bsuMdlWA9QkU_9_oEa1aCgsg==
check-circle2.png
d1vdjc70h9nzd9.cloudfront.net/images/ 		271 B
593 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/images/check-circle2.png
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:8000:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
796cf812111acb618a626ff1c5f33d6104a9dd09cf3e78576b0bb2a8940bbdfe

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 24 Jun 2019 04:06:41 GMT
via
1.1 150f249515041adfcc44683bff172916.cloudfront.net (CloudFront)
last-modified
Fri, 18 Jan 2019 07:42:34 GMT
server
AmazonS3
age
11918
etag
"48dd2ff3300166f57ecdbe39efd4bb27"
x-cache
Hit from cloudfront
content-type
image/png
status
200
x-amz-cf-pop
FRA53
accept-ranges
bytes
content-length
271
x-amz-cf-id
nbbs_sz2QYu4CezS4UoQsw0UBLh9wMJYTlagcqwe0ZJi_tjs7gJkpA==
razorpay.js
checkout.razorpay.com/v1/ 		67 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://checkout.razorpay.com/v1/razorpay.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.232.171.10 Mumbai, India, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-13-232-171-10.ap-south-1.compute.amazonaws.com
Software
/
Resource Hash
feb667cc56b9a7ce18c34a31b785be2105c3930d9388d392f4153701b597ed31
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubdomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 24 Jun 2019 07:25:18 GMT
Content-Encoding
br
Last-Modified
Fri, 21 Jun 2019 11:57:51 GMT
Etag
"5d0cc63f-5415"
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Strict-Transport-Security
max-age=315360000; includeSubdomains
Access-Control-Allow-Headers
origin
Content-Length
21525
X-Xss-Protection
1; mode=block
/
js.stripe.com/v2/ 		63 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v2/
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
669fbe52929575a38eb337b51070255f4a055a03fd6a93d573486d0f0a591344
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 24 Jun 2019 07:25:18 GMT
content-encoding
gzip
content-type
application/javascript; charset=utf-8
age
34
x-cache
HIT
status
200
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-length
20945
x-amz-id-2
52pSmEB3mTza+tQMGaQ5v2cu/riTG4ZdLwfn6MNRQZNEP6/87vwzsyBihpUeAcw0XGeHwxvsoTE=
x-served-by
cache-hhn1547-HHN
last-modified
Mon, 20 May 2019 21:32:27 GMT
server
AmazonS3
x-timer
S1561361119.554028,VS0,VE0
etag
"96010bc114bba9087e00d973fadec762"
vary
Accept-Encoding
x-amz-request-id
6D50DA9A75C7F801
via
1.1 varnish
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
39
stories.bundle.min.c21de8.js
d1vdjc70h9nzd9.cloudfront.net/stories/build/ 		107 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/stories/build/stories.bundle.min.c21de8.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:8000:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00a0fbb14e440afad694562de78d31471c2bda804e0aa974f64ebca91beb9b3c

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 18 Jun 2019 12:27:31 GMT
content-encoding
gzip
last-modified
Tue, 18 Jun 2019 12:25:42 GMT
server
AmazonS3
age
64650
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-pop
FRA53
x-amz-cf-id
QGg3R5hnsubDtEjFkFUo9oCzLzOOva-lj7nABqvXKi3OYnrPgFSysg==
via
1.1 150f249515041adfcc44683bff172916.cloudfront.net (CloudFront)
storiesDefer.bundle.min.498bd6.js
d1vdjc70h9nzd9.cloudfront.net/stories/build/ 		743 KB
194 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/stories/build/storiesDefer.bundle.min.498bd6.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:8000:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b090e61991ba938ae7e9fde0a6927e506e5abd4213dd6acd4f0213be287f3559

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 17 May 2019 11:50:38 GMT
content-encoding
gzip
last-modified
Fri, 17 May 2019 11:48:39 GMT
server
AmazonS3
age
55718
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-pop
FRA53
x-amz-cf-id
Pt1vF7c-ALpTif-n8UzlIpFUKJe4u-tF4wmVykSiCJR9-vnFt9Jwwg==
via
1.1 150f249515041adfcc44683bff172916.cloudfront.net (CloudFront)
gtm.js
www.googletagmanager.com/ 		207 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e4f10fbaf9518dc84eb64b84d092c95b3120579f6d6e632777270f7d91f1667c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 24 Jun 2019 07:25:19 GMT
content-encoding
br
last-modified
Fri, 21 Jun 2019 21:57:45 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
39896
x-xss-protection
0
expires
Mon, 24 Jun 2019 07:25:19 GMT
a.js
d2r1yp2w7bby2u.cloudfront.net/js/ 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2r1yp2w7bby2u.cloudfront.net/js/a.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.78 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-101-78.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
780c27ba988f780180648bee9633d40f3b2487d774798267052d94923aed7f0d

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 24 Jun 2019 07:23:02 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 May 2019 12:23:51 GMT
Server
AmazonS3
Age
257
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
Cache-Control
max-age=1800, private
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA50-C1
Connection
keep-alive
X-Amz-Cf-Id
a4yvG60KU8-7qWlU5FIeVVk7DWMeJ9yJMIDCggyk13ea2Nix5q3SNA==
j.php
dev.visualwebsiteoptimizer.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=326437&u=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsupportharshitha%3Futm_campaign%3Dsupportharshitha%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1&r=0.7482878183244532
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.122.87.153 Frankfurt am Main, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
99.57.7a9f.ip4.static.sl-reverse.com
Software
dacdn2 /
Resource Hash
ec2ac4a50049dd478b1ee71208413228376bfa66054363558058cda76d945e75

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 24 Jun 2019 07:25:19 GMT
content-encoding
gzip
server
dacdn2
content-type
application/javascript; charset=UTF-8
source-sans-pro-v11-latin-regular.woff2
d1vdjc70h9nzd9.cloudfront.net/fonts/sourceSansPro/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/fonts/sourceSansPro/source-sans-pro-v11-latin-regular.woff2
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:8000:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cb992eae898417162c48b37712991d9ad8053c4a64fce51aff195edc69dc35f2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://d1vdjc70h9nzd9.cloudfront.net/less/story/stories.designD.bundle.591252.css
Origin
https://www.ketto.org

Response headers

date
Thu, 30 May 2019 21:21:38 GMT
via
1.1 23082ff4de65f70078e091bc7cd0cf24.cloudfront.net (CloudFront)
age
295173
x-cache
Hit from cloudfront
status
200
access-control-max-age
3000
content-length
15908
last-modified
Tue, 20 Nov 2018 09:29:44 GMT
server
AmazonS3
etag
"76d8cbb0496cb184eff868152b67ad45"
vary
Origin
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=604800
x-amz-cf-pop
FRA53
accept-ranges
bytes
x-amz-cf-id
1yeAnil8KaKWYyH6ZFza2QM8j5QMJks_u0nd57QmauC3iyhobEc-xA==
fontawesome-webfont.woff2
d1vdjc70h9nzd9.cloudfront.net/less/font-awesome/fonts/ 		70 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/less/font-awesome/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:8000:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://d1vdjc70h9nzd9.cloudfront.net/less/story-custom.91b4ae.css
Origin
https://www.ketto.org

Response headers

date
Sat, 11 May 2019 08:48:01 GMT
via
1.1 23082ff4de65f70078e091bc7cd0cf24.cloudfront.net (CloudFront)
age
3796639
x-cache
Hit from cloudfront
status
200
access-control-max-age
3000
content-length
71896
last-modified
Mon, 07 May 2018 14:12:37 GMT
server
AmazonS3
etag
"e6cf7c6ec7c2d6f670ae9d762604cb0b"
vary
Origin
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA53
accept-ranges
bytes
x-amz-cf-id
PvzDkM3s0LKasbXS0nMxjwbFVl9tP71jSHLv6tgOTzEq_KbtiNYFug==
va-497fa286b4488cb80031c1347b65f039.js
dev.visualwebsiteoptimizer.com/6.0/ 		180 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/6.0/va-497fa286b4488cb80031c1347b65f039.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=326437&u=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsupportharshitha%3Futm_campaign%3Dsupportharshitha%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1&r=0.7482878183244532
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.122.87.148 Frankfurt am Main, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
94.57.7a9f.ip4.static.sl-reverse.com
Software
fra1dacdn /
Resource Hash
3ee8b901b40f5b283f39f8222737d191afc5e0783dbfd9a579d8f05e5b65fbfd

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Origin
https://www.ketto.org

Response headers

date
Mon, 24 Jun 2019 07:25:19 GMT
content-encoding
gzip
last-modified
Thu, 20 Jun 2019 08:12:41 GMT
server
fra1dacdn
access-control-allow-origin
*
etag
"5d0b3ff9-ecea"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
60650
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?a=326437&d=ketto.org&u=DEE8FD47078D08C33D8D3BB30940649A6&h=e26af5b5f1e4eaa5cbac21696a690fe9&t=false&r=0.11527781049982999
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.122.87.153 Frankfurt am Main, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
99.57.7a9f.ip4.static.sl-reverse.com
Software
dacdn2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jun 2019 07:25:19 GMT
x-content-type-options
nosniff
server
dacdn2
content-type
image/gif
status
200
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ed098df82da8320c1786f312585ebc4b1b4817ed5ebeecd03e25afd37b97cc23

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/gif
logo-light-bg.svg
d1vdjc70h9nzd9.cloudfront.net/images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/images/logo-light-bg.svg
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:8000:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1ec0fbc72fcfcea31f22828dcf89e2bd9fa7f03e84ef8d8546adb410f3096117

Request headers

Referer
https://d1vdjc70h9nzd9.cloudfront.net/less/story-custom.91b4ae.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 02 Jun 2019 17:33:10 GMT
content-encoding
gzip
last-modified
Mon, 07 May 2018 14:11:57 GMT
server
AmazonS3
age
1864330
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
status
200
cache-control
max-age=31536000
x-amz-cf-pop
FRA53
x-amz-cf-id
z5xhMgRSXGZi353077EKnsEb3T1k_zwCkyLgzc-5Fk32HdF-q1LAEw==
via
1.1 150f249515041adfcc44683bff172916.cloudfront.net (CloudFront)
icon-secure-lock.png
d1vdjc70h9nzd9.cloudfront.net/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/images/icon-secure-lock.png
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:8000:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c91158a8a0abe1393831da5efc62d53ad3b41b545774f1c3a003d55c2d5f28cf

Request headers

Referer
https://d1vdjc70h9nzd9.cloudfront.net/less/story-custom.91b4ae.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 23 Jun 2019 22:09:19 GMT
via
1.1 150f249515041adfcc44683bff172916.cloudfront.net (CloudFront)
last-modified
Thu, 13 Dec 2018 11:12:04 GMT
server
AmazonS3
age
33361
etag
"b073ad3e3f41cfd507c4b09034b210ee"
x-cache
Hit from cloudfront
content-type
image/png
status
200
x-amz-cf-pop
FRA53
accept-ranges
bytes
content-length
1552
x-amz-cf-id
TzQNxazP87cia83Ho7h-_WMhfOvZAyRy-Wilae46uvTshZueBbChRg==
mi-shine.png
d1vdjc70h9nzd9.cloudfront.net/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/images/mi-shine.png
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:8000:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
121b3bad035f5a87c185bb1ce9465eba6c0d8ca0fcf03fced81559192cb06d85

Request headers

Referer
https://d1vdjc70h9nzd9.cloudfront.net/less/story/stories.designD.bundle.591252.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 May 2019 01:18:49 GMT
via
1.1 150f249515041adfcc44683bff172916.cloudfront.net (CloudFront)
last-modified
Mon, 07 May 2018 14:12:02 GMT
server
AmazonS3
age
2268390
etag
"37d16b2f8ba85dd0f6daa5db90b7f902"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=31536000
x-amz-cf-pop
FRA53
accept-ranges
bytes
content-length
3890
x-amz-cf-id
eneuAbq9r2-GRwY6zFVQbpZU1yhdzE21DlAUEVrJXgVBWSinpoYuYg==
faq_sprite_desktop.png
d1vdjc70h9nzd9.cloudfront.net/images/stories/ 		58 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/images/stories/faq_sprite_desktop.png
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:8000:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1495998141c1d663000e168d91710a9259e78cbd168e7891ea91afb5835e6f31

Request headers

Referer
https://d1vdjc70h9nzd9.cloudfront.net/less/story/stories.designD.bundle.591252.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 23 Jun 2019 23:03:52 GMT
via
1.1 150f249515041adfcc44683bff172916.cloudfront.net (CloudFront)
last-modified
Tue, 21 May 2019 06:02:27 GMT
server
AmazonS3
age
30088
etag
"2a170838ebc32dbeccb194145f221f33"
x-cache
Hit from cloudfront
content-type
image/png
status
200
x-amz-cf-pop
FRA53
accept-ranges
bytes
content-length
59740
x-amz-cf-id
lmx0WuW9pn6eyZKlob_0Bo6o_7JJs7EeNooyiFUhO9tp_1EDwcswXA==
o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
fonts.gstatic.com/s/notosans/v8/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v8/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e56f53b3b976e9c05d86645a1e85cfc69e961601d201e957768455580fa30478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Noto+Sans:400,700
Origin
https://www.ketto.org

Response headers

date
Sun, 02 Jun 2019 21:43:42 GMT
x-content-type-options
nosniff
last-modified
Tue, 19 Feb 2019 22:29:01 GMT
server
sffe
age
1849297
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
10292
x-xss-protection
0
expires
Mon, 01 Jun 2020 21:43:42 GMT
source-sans-pro-v11-latin-700.woff2
d1vdjc70h9nzd9.cloudfront.net/fonts/sourceSansPro/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/fonts/sourceSansPro/source-sans-pro-v11-latin-700.woff2
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:8000:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c09055f0d3ce5ac45f886c935226d1e4cb0f7488525e9f8b298f26fc0171e5a8

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://d1vdjc70h9nzd9.cloudfront.net/less/story/stories.designD.bundle.591252.css
Origin
https://www.ketto.org

Response headers

date
Mon, 20 May 2019 21:00:01 GMT
via
1.1 23082ff4de65f70078e091bc7cd0cf24.cloudfront.net (CloudFront)
age
554973
x-cache
Hit from cloudfront
status
200
access-control-max-age
3000
content-length
15480
last-modified
Tue, 20 Nov 2018 09:29:43 GMT
server
AmazonS3
etag
"f04441cfc122bf84e1cf24058fddba87"
vary
Origin
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=604800
x-amz-cf-pop
FRA53
accept-ranges
bytes
x-amz-cf-id
NMoRszpJFniiYq5DuvnmDSFV5-m4lpayiOar-CtUDvHZ07pP1L6Otw==
glyphicons-halflings-regular.woff2
d1vdjc70h9nzd9.cloudfront.net/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:8000:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://d1vdjc70h9nzd9.cloudfront.net/less/story-custom.91b4ae.css
Origin
https://www.ketto.org

Response headers

date
Sun, 12 May 2019 14:46:18 GMT
via
1.1 23082ff4de65f70078e091bc7cd0cf24.cloudfront.net (CloudFront)
age
59563
x-cache
Hit from cloudfront
status
200
access-control-max-age
3000
content-length
18028
last-modified
Tue, 20 Nov 2018 09:29:35 GMT
server
AmazonS3
etag
"448c34a56d699c29117adc64c43affeb"
vary
Origin
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=604800
x-amz-cf-pop
FRA53
accept-ranges
bytes
x-amz-cf-id
yrsboCD8ma-mN55wjMumUr7HYzH_GjJr_gPPgaCV3w3mC9zfNFp2GQ==
conversion_async.js
www.googleadservices.com/pagead/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
f1e6382aa070301007ee92dbaaef83c9f6075f9d86ee3632c82a609f02c6fc1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 24 Jun 2019 07:25:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
8912
x-xss-protection
0
server
cafe
etag
11386026576561889187
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 24 Jun 2019 07:25:19 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 21 May 2019 23:53:44 GMT
server
Golfe2
age
5214
date
Mon, 24 Jun 2019 05:58:25 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17595
expires
Mon, 24 Jun 2019 07:58:25 GMT
hotjar-200024.js
static.hotjar.com/c/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-200024.js?sv=5
Requested by
Host: app.profdynamic.com
URL: http://app.profdynamic.com/urls?q=UUNsS2dWYUx3VENPSDJtK2x1OUQ4QT09
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.205.49 Chicago, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-26
Software
openresty /
Resource Hash
a0fa530213ec485bfd358f31287b35ffae165c6a25801a89316c572ce27f4b2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 24 Jun 2019 07:25:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript
section-io-tag
hotjar
age
20
status
200
access-control-max-age
600
section-io-cache
Hit
content-length
2912
x-cache-hit
1
server
openresty
x-frame-options
SAMEORIGIN
etag
W/874058f041fd8aa9bba97bc1f2f2d6d2
vary
Accept-Encoding
section-io-origin-status
304
access-control-allow-origin
*
cache-control
max-age=60
section-io-origin-time-seconds
0.072
accept-ranges
bytes
section-io-id
131e5c151810aeef5d65b6825e14f5f6
uwt.js
static.ads-twitter.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: app.profdynamic.com
URL: http://app.profdynamic.com/urls?q=UUNsS2dWYUx3VENPSDJtK2x1OUQ4QT09
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.36.157 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 24 Jun 2019 07:25:19 GMT
content-encoding
gzip
age
57704
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200
content-length
1954
x-served-by
cache-ams21039-AMS
last-modified
Tue, 23 Jan 2018 19:05:33 GMT
x-timer
S1561361120.915595,VS0,VE0
etag
"b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary
Accept-Encoding,Host
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
no-cache
accept-ranges
bytes
fbevents.js
connect.facebook.net/en_US/ 		53 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: app.profdynamic.com
URL: http://app.profdynamic.com/urls?q=UUNsS2dWYUx3VENPSDJtK2x1OUQ4QT09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
657f79c4d5a6ea502202651151811d195b49cf9cf22fd7f8edaeefe2f8cc8fc4
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
content-length
16120
x-xss-protection
0
pragma
public
x-fb-debug
4YiqknHdkA0HLaGeDk89xJNmsjAunM9rauAFNiqtseVOerRt3/5wSHf2Ke6gMWkR8G9wVJ+MEeVyqBJ8EqYLBQ==
x-fb-trip-id
42392124
date
Mon, 24 Jun 2019 07:25:19 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
tfa.js
cdn.taboola.com/libtrc/unip/1034141/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1034141/tfa.js
Requested by
Host: app.profdynamic.com
URL: http://app.profdynamic.com/urls?q=UUNsS2dWYUx3VENPSDJtK2x1OUQ4QT09
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.2 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f439d06b31431c40366690512548b080d57acdd300dd5ed56d8d7e89ad655595

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
MGU9_68nn.YALyTdtmO.0cKOGreqgeWu
content-encoding
gzip
age
0
x-cache
HIT
status
200
date
Mon, 24 Jun 2019 07:25:20 GMT
x-amz-replication-status
COMPLETED
content-length
7735
x-amz-id-2
YRskgA4fEAE5dzrZPMLD5rrLS0KWmuVi8Pw4Ymsxr76+nwzwxa+/14SppugbRh/u0ZTGhgA2t0g=
x-served-by
cache-hhn1535-HHN
last-modified
Mon, 13 May 2019 07:05:18 GMT
server
AmazonS3
x-timer
S1561361120.916137,VS0,VE101
etag
"1ebc722c3da75a7a11e787ea7ea89336"
vary
Accept-Encoding
x-amz-request-id
6A4EE7D1F165A541
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
89
x-cache-hits
1
ytc.js
s.yimg.com/wi/ 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: app.profdynamic.com
URL: http://app.profdynamic.com/urls?q=UUNsS2dWYUx3VENPSDJtK2x1OUQ4QT09
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a00:1288:84:800::1002 , United Kingdom, ASN203219 (YAHOO-AMA, NL),
Reverse DNS
Software
ATS /
Resource Hash
0ec54a58d35ac36a9f5917750661e0addae1fd94087ede2bb0fcb26d781be049
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 24 Jun 2019 07:01:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1458
x-amz-server-side-encryption
AES256
status
200
content-length
4448
strict-transport-security
max-age=15552000
x-amz-request-id
3B9B9F6041446686
x-amz-id-2
fcrTQV7ivTIxUM9knVlGNJ2ZJDZm4a3MMrV0YF4Ia1zFYFes2mMhr/yqz9r6/Yc9DYNGRSYOK78=
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Sun, 05 Jul 2020 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Fri, 31 May 2019 22:18:05 GMT
server
ATS
etag
"1d72561a5f66715aa4a2babd0b8987c9-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
x-amz-version-id
Dh6yBlFuV3eUpSuznZOxayGIozmAPxNs
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
accept-ranges
bytes
content-type
application/javascript
js
www.googletagmanager.com/gtag/ 		65 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-782023289
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f5eb3fc2d0958739eddace2ef8d827c187a8d6db0eba5b2211b131eef7c3336b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 24 Jun 2019 07:25:19 GMT
content-encoding
br
last-modified
Fri, 21 Jun 2019 21:58:16 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
25489
x-xss-protection
0
expires
Mon, 24 Jun 2019 07:25:19 GMT
B22411221.241945247;sz=1x2;ord=865017927418
ad.doubleclick.net/ddm/adj/N1067617.197812NSO.CODESRV/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1067617.197812NSO.CODESRV/B22411221.241945247;sz=1x2;ord=865017927418?
Requested by
Host: app.profdynamic.com
URL: http://app.profdynamic.com/urls?q=UUNsS2dWYUx3VENPSDJtK2x1OUQ4QT09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.102 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s42-in-f6.1e100.net
Software
cafe /
Resource Hash
8c5869dfea67fb092475cee79afc8688208e6a2557cb3796159a5cfd58b60a85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jun 2019 07:25:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
3026
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activityi;dc_pre=CLjYuLfLgeMCFUGWdwod0IYBWg;src=9237602;type=ketto0;cat=dcm_k0;ord=1;num=5965087202462;gtm=2wg6c0;auiddc=1450790680.1561361120;u1=%2Fstories%2Fsupportharshitha;~oref=https%3A%2F%2Fw...
9237602.fls.doubleclick.net/ Frame CFD6
Redirect Chain
  • https://9237602.fls.doubleclick.net/activityi;src=9237602;type=ketto0;cat=dcm_k0;ord=1;num=5965087202462;gtm=2wg6c0;auiddc=1450790680.1561361120;u1=%2Fstories%2Fsupportharshitha;~oref=https%3A%2F%2...
  • https://9237602.fls.doubleclick.net/activityi;dc_pre=CLjYuLfLgeMCFUGWdwod0IYBWg;src=9237602;type=ketto0;cat=dcm_k0;ord=1;num=5965087202462;gtm=2wg6c0;auiddc=1450790680.1561361120;u1=%2Fstories%2Fsu...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://9237602.fls.doubleclick.net/activityi;dc_pre=CLjYuLfLgeMCFUGWdwod0IYBWg;src=9237602;type=ketto0;cat=dcm_k0;ord=1;num=5965087202462;gtm=2wg6c0;auiddc=1450790680.1561361120;u1=%2Fstories%2Fsupportharshitha;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsupportharshitha%3Futm_campaign%3Dsupportharshitha%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.205.230 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s24-in-f230.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
9237602.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CLjYuLfLgeMCFUGWdwod0IYBWg;src=9237602;type=ketto0;cat=dcm_k0;ord=1;num=5965087202462;gtm=2wg6c0;auiddc=1450790680.1561361120;u1=%2Fstories%2Fsupportharshitha;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsupportharshitha%3Futm_campaign%3Dsupportharshitha%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmXheiBtkfq3aQ3FBnq-9RAduCwy7AlbknWFbLONS6o-1Ju5HOXKgmlyX2D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Mon, 24 Jun 2019 07:25:20 GMT
expires
Mon, 24 Jun 2019 07:25:20 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
410
x-xss-protection
0
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Mon, 24 Jun 2019 07:25:20 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://9237602.fls.doubleclick.net/activityi;dc_pre=CLjYuLfLgeMCFUGWdwod0IYBWg;src=9237602;type=ketto0;cat=dcm_k0;ord=1;num=5965087202462;gtm=2wg6c0;auiddc=1450790680.1561361120;u1=%2Fstories%2Fsupportharshitha;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsupportharshitha%3Futm_campaign%3Dsupportharshitha%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
set-cookie
IDE=AHWqTUmXheiBtkfq3aQ3FBnq-9RAduCwy7AlbknWFbLONS6o-1Ju5HOXKgmlyX2D; expires=Sat, 18-Jul-2020 07:25:20 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
activityi;dc_pre=CKncuLfLgeMCFdeXdwodyR4DOg;src=9237602;type=sitew0;cat=dcm_s0;ord=925642427747;gtm=2wg6c0;auiddc=1450790680.1561361120;u1=%2Fstories%2Fsupportharshitha;~oref=https%3A%2F%2Fwww.kett...
9237602.fls.doubleclick.net/ Frame 24B0
Redirect Chain
  • https://9237602.fls.doubleclick.net/activityi;src=9237602;type=sitew0;cat=dcm_s0;ord=925642427747;gtm=2wg6c0;auiddc=1450790680.1561361120;u1=%2Fstories%2Fsupportharshitha;~oref=https%3A%2F%2Fwww.ke...
  • https://9237602.fls.doubleclick.net/activityi;dc_pre=CKncuLfLgeMCFdeXdwodyR4DOg;src=9237602;type=sitew0;cat=dcm_s0;ord=925642427747;gtm=2wg6c0;auiddc=1450790680.1561361120;u1=%2Fstories%2Fsupportha...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://9237602.fls.doubleclick.net/activityi;dc_pre=CKncuLfLgeMCFdeXdwodyR4DOg;src=9237602;type=sitew0;cat=dcm_s0;ord=925642427747;gtm=2wg6c0;auiddc=1450790680.1561361120;u1=%2Fstories%2Fsupportharshitha;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsupportharshitha%3Futm_campaign%3Dsupportharshitha%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.205.230 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s24-in-f230.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
9237602.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CKncuLfLgeMCFdeXdwodyR4DOg;src=9237602;type=sitew0;cat=dcm_s0;ord=925642427747;gtm=2wg6c0;auiddc=1450790680.1561361120;u1=%2Fstories%2Fsupportharshitha;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsupportharshitha%3Futm_campaign%3Dsupportharshitha%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmXheiBtkfq3aQ3FBnq-9RAduCwy7AlbknWFbLONS6o-1Ju5HOXKgmlyX2D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Mon, 24 Jun 2019 07:25:20 GMT
expires
Mon, 24 Jun 2019 07:25:20 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
403
x-xss-protection
0
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Mon, 24 Jun 2019 07:25:20 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://9237602.fls.doubleclick.net/activityi;dc_pre=CKncuLfLgeMCFdeXdwodyR4DOg;src=9237602;type=sitew0;cat=dcm_s0;ord=925642427747;gtm=2wg6c0;auiddc=1450790680.1561361120;u1=%2Fstories%2Fsupportharshitha;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsupportharshitha%3Futm_campaign%3Dsupportharshitha%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
set-cookie
IDE=AHWqTUk8Pn9GcaE1cRiOLkWmUCb8zM7orUNmDeVYzSPr7vs4zNXvioUeDxTOsl7j; expires=Sat, 18-Jul-2020 07:25:20 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: d1vdjc70h9nzd9.cloudfront.net
URL: https://d1vdjc70h9nzd9.cloudfront.net/stories/build/storiesDefer.bundle.min.498bd6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
707d834333303eac803187c9b9ba4ac1a28158f263f008eb373efb87ca0259ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
QhmIU0/bCTVhT5DOvkNIdQ==
status
200
date
Mon, 24 Jun 2019 07:25:19 GMT
vary
Accept-Encoding
content-length
1778
x-fb-debug
wlAJt2gDlAfaQ3UWicikCmF9nGAidmoe/lilOKw9X9ElhyP3odnXB3TwOi8k4Y6ZViPnCGx4SlTqfcVoCgrZvQ==
x-fb-trip-id
42392124
x-fb-content-md5
c5e7aa4f133cbc669d6b09465e5e8e07
etag
"908fe297200e29dc262594d95c400caa"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 24 Jun 2019 07:35:11 GMT
iplocation
apis.ketto.org/api/third_party/ 		192 B
399 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apis.ketto.org/api/third_party/iplocation
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.244.171 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-169-244-171.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.11.9 /
Resource Hash
d6bafc5d5605fbff8318e76918edca188e409adb4e5040d4daa0d4ceedcc6a20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Origin
https://www.ketto.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 24 Jun 2019 07:25:20 GMT
content-encoding
gzip
status
200
server
nginx/1.11.9
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.ketto.org
x-xss-protection
1; mode=block
cache-control
no-cache, private
x-content-type-options
nosniff
supportharshitha
apis.ketto.org/api/fundraisers/ 		10 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apis.ketto.org/api/fundraisers/supportharshitha?with=viewmedicalbill
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.244.171 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-169-244-171.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.11.9 /
Resource Hash
994a697ff09b543e742b3b24796c74f046b7bf50754a45491ed53fc3fa523af2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Origin
https://www.ketto.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 24 Jun 2019 07:25:21 GMT
content-encoding
gzip
status
200
server
nginx/1.11.9
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.ketto.org
x-xss-protection
1; mode=block
cache-control
no-cache, private
x-content-type-options
nosniff
comments
apis.ketto.org/api/fundraisers/supportharshitha/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apis.ketto.org/api/fundraisers/supportharshitha/comments?limit=5&page=1
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.244.171 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-169-244-171.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.11.9 /
Resource Hash
84c69f5d15322bc501f291ceb926354923318a42b0ad230669a2834ab47a584f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Origin
https://www.ketto.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 24 Jun 2019 07:25:21 GMT
content-encoding
gzip
status
200
server
nginx/1.11.9
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.ketto.org
x-xss-protection
1; mode=block
cache-control
no-cache, private
x-content-type-options
nosniff
donors
apis.ketto.org/api/fundraisers/92034/ 		25 B
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apis.ketto.org/api/fundraisers/92034/donors?with=donoravtar;comments;activation&donor_entity_details_id=undefined&orderBy=creation_date&sortedBy=desc
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.244.171 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-169-244-171.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.11.9 /
Resource Hash
28f1f51e665dd4607e10a96dd7a84d40b5cd2a8063157e357be73244df657720
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Origin
https://www.ketto.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 24 Jun 2019 07:25:21 GMT
content-encoding
gzip
status
200
server
nginx/1.11.9
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.ketto.org
x-xss-protection
1; mode=block
cache-control
no-cache, private
x-content-type-options
nosniff
donors
apis.ketto.org/api/fundraisers/92034/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apis.ketto.org/api/fundraisers/92034/donors?with=donoravtar;activation&limit=10&page=1&orderBy=creation_date&sortedBy=desc
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.244.171 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-169-244-171.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.11.9 /
Resource Hash
124ae07c109f70a815572735aed19e1595167f26fb82401e8136c7633606acfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Origin
https://www.ketto.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 24 Jun 2019 07:25:21 GMT
content-encoding
gzip
status
200
server
nginx/1.11.9
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.ketto.org
x-xss-protection
1; mode=block
cache-control
no-cache, private
x-content-type-options
nosniff
updates
apis.ketto.org/api/fundraisers/92034/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apis.ketto.org/api/fundraisers/92034/updates?with=owner.avtar&limit=1&page=1&orderBy=id&sortedBy=desc
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.244.171 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-169-244-171.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.11.9 /
Resource Hash
35f3565f20c4e3571097cef77f8f7707afbdbfaa88270244047ff8650e8251d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Origin
https://www.ketto.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 24 Jun 2019 07:25:21 GMT
content-encoding
gzip
status
200
server
nginx/1.11.9
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.ketto.org
x-xss-protection
1; mode=block
cache-control
no-cache, private
x-content-type-options
nosniff
storiesDefer.bundle.af2aef.css
d1vdjc70h9nzd9.cloudfront.net/less/story/ 		142 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/less/story/storiesDefer.bundle.af2aef.css
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:8000:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
480e98104bffae58da471d3c88798bb92cf045e0711a56705bcc4d7633469d65

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 May 2019 13:53:41 GMT
content-encoding
gzip
last-modified
Mon, 20 May 2019 13:42:46 GMT
server
AmazonS3
age
14286
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
status
200
x-amz-cf-pop
FRA53
x-amz-cf-id
n-CNNT-92lckeGlZWIcLgq5UgaMyKQcB9ufi6ukuzsryW1yWKyYyfw==
via
1.1 150f249515041adfcc44683bff172916.cloudfront.net (CloudFront)
/
graph.facebook.com/ 		197 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://graph.facebook.com/?id=https://www.ketto.org/stories/supportharshitha&fields=engagement&access_token=1045930105596680%7C3fdc5d46a8d6e56dda75227d68482c5b
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:20e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
3ce41c0fc0aa5e0684996bc2164b7f079835e7af0879cdfffe84018685f7a75f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Accept
*/*
Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Origin
https://www.ketto.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
etag
"0ce24ae7873c9f4f50f4a540944f69d29c87f13c"
x-app-usage
{"call_count":38,"total_cputime":0,"total_time":3}
status
200
x-fb-rev
1000870782
content-length
115
pragma
no-cache
x-fb-debug
uhG0p+GVWLWt8FphHlj5cb/WJ6Oh+iu5eLTDfn7jEn0E21IaIJ6Ih1yCbkgDTWJHdRUQUyzsTUoS9LJHthGfCA==
x-fb-trace-id
APBw13pU4Uq
date
Mon, 24 Jun 2019 07:25:20 GMT
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
x-fb-request-id
A60lJ45DSQi_CYOq2q38naR
cache-control
private, no-cache, no-store, must-revalidate
facebook-api-version
v3.2
expires
Sat, 01 Jan 2000 00:00:00 GMT
mark
trc.taboola.com/ketto-sc/log/3/ 		0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/ketto-sc/log/3/mark?marking-type=Visitor&item-url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsupportharshitha%3Futm_campaign%3Dsupportharshitha%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1&gtmcb=1312298128
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.2 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jun 2019 07:25:20 GMT
via
1.1 varnish
server
nginx
x-timer
S1561361120.436872,VS0,VE8
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
204
cache-control
no-cache
access-control-allow-credentials
true
x-cache-hits
0
accept-ranges
bytes
content-type
image/gif
access-control-allow-origin
*
x-served-by
cache-hhn1535-HHN
a
wzrkt.com/ 		239 B
480 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wzrkt.com/a?t=90&type=push&d=N4IgLgngDgpiBcIYDcYDswgDROWAcgIYC2ciAwiVIQJYDmaABAGo0wDuMAJtrmACKEwhBKH4oaAYxiMAKtDIhxAZwDWYAPZReABUJ0ZAVQBKAGQQgA9Ms0AnNsusBXKFA22wAC0K3lnml4iOADKMMrKNBpMAJL8FgCsAEaEAAyJAGYAbPEAHDApXDkA7OkAjFxZiaUALOmSpSlJ6TmlQSDROowAglxctmHKFjkAnAB0AEzVY5nVo6VF47wAQrYa7MowthbknqukvJTE1PRMsgEANooAshCMXIROdJ5gm4yShGiAmARgjOyE56pGB8uIxVDAYFBlL9aOcaGg6Iw4YjiKQ0BtGMc0KNGDpLoR0Z4YOcoIxCVscPg6BpGLELEVSgBmYa8ACiqAwNLiiBSBwe6NpiFK8R5OEOxwYnIsw3GKQZ1V5R1oEvksAshB4OEMsiujGCGictmkFhgAA8XrY0P8APrpGi%2BTRQMCRNC8LU6q7cGhOYjG4gw13axhipUuxDKFxuDzeXz%2BQK8FUwK1dJYWFMAXxwNB4iGqxkyAFpqkUcvnjMZqgAtXhQOgIUppoAAA%3D&rn=1&i=1561361120&sn=0&r=1561361120420
Requested by
Host: d2r1yp2w7bby2u.cloudfront.net
URL: https://d2r1yp2w7bby2u.cloudfront.net/js/a.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.255.15.164 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-255-15-164.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bd7e0873fed71eeb59c1c17b831c8cfd4eeaa6a8f8fc7ec6aa27804e796b8ce

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jun 2019 07:25:20 GMT
content-encoding
gzip
vary
Accept-Encoding, User-Agent
content-type
text/javascript;charset=utf-8
status
200
cache-control
no-cache, no-store
expires
Thu, 01 Jan 1970 00:00:00 GMT, 0
channel.html
js.stripe.com/v2/ Frame E7F0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v2/channel.html?stripe_xdm_e=https%3A%2F%2Fwww.ketto.org&stripe_xdm_c=default167291&stripe_xdm_p=1
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v2/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v2/channel.html?stripe_xdm_e=https%3A%2F%2Fwww.ketto.org&stripe_xdm_c=default167291&stripe_xdm_p=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1

Response headers

status
200
x-amz-id-2
d9J8RWkkhU9kSX5y7+rYsSG1GSmUev12h/hzhQWmidslG4tktfj0BbFdwey8Y1AfkSqDMU6iZrg=
x-amz-request-id
6960D207AD4D1E0F
last-modified
Wed, 06 Sep 2017 17:40:34 GMT
etag
"19af0c6cc7a0bca20a355b3362dc64a0"
cache-control
public, max-age=300
content-type
text/html; charset=utf-8
server
AmazonS3
content-encoding
gzip
accept-ranges
bytes
date
Mon, 24 Jun 2019 07:25:20 GMT
via
1.1 varnish
age
193
x-served-by
cache-hhn1547-HHN
x-cache
HIT
x-cache-hits
210
x-timer
S1561361120.465256,VS0,VE0
vary
Accept-Encoding
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
content-length
560
92034
apis.ketto.org/api/answer/ 		113 B
268 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apis.ketto.org/api/answer/92034?user_id=
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.244.171 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-169-244-171.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.11.9 /
Resource Hash
1e7d5d203bc2f19aa87dae274edddb22f8c8b6a2946f036826cb8edbb1a6bd34

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Origin
https://www.ketto.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 24 Jun 2019 07:25:21 GMT
content-encoding
gzip
server
nginx/1.11.9
status
403
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.ketto.org
cache-control
no-cache, private
bc78676dc356494c49f21dea549a325252f93e1b.jpg
d1vdjc70h9nzd9.cloudfront.net/media/campaignuploads/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/media/campaignuploads/bc78676dc356494c49f21dea549a325252f93e1b.jpg
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:8000:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
199db9a8ba29fc684f449d6e90c3f6367977ca8e80f4b3515b069c3a7ba0d31d

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 06 May 2019 05:42:19 GMT
via
1.1 150f249515041adfcc44683bff172916.cloudfront.net (CloudFront)
last-modified
Thu, 18 Apr 2019 11:49:57 GMT
server
AmazonS3
age
4239782
etag
"54a90b042998beba06e5223539469509"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=31536000
x-amz-cf-pop
FRA53
accept-ranges
bytes
content-length
47123
x-amz-cf-id
p_GoOAObGnHzetA0BXk7XnHs5r8xiZnTJ6GiO7ScFEgdgiKsYNF7kg==
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j76&a=1909470688&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsupportharshitha%3Futm_campaign%3Dsupportharshitha%26utm_medium%3Demail...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-30181760-1&cid=1897084972.1561361121&jid=1302413188&_gid=1886156557.1561361121&gjid=176166254&_v=j76&z=16287369
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=1897084972.1561361121&jid=1302413188&_v=j76&z=16287369
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=1897084972.1561361121&jid=1302413188&_v=j76&z=16287369&slf_rd=1&random=2298876337
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=1897084972.1561361121&jid=1302413188&_v=j76&z=16287369&slf_rd=1&random=2298876337
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jun 2019 07:25:20 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 24 Jun 2019 07:25:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=1897084972.1561361121&jid=1302413188&_v=j76&z=16287369&slf_rd=1&random=2298876337
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j76&a=1909470688&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsupportharshitha%3Futm_campaign%3Dsupportharshitha%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1&dr=https%3A%2F%2Ftrk.profilinet.com%2F&ul=en-us&de=UTF-8&dt=My%20daughter%20can%E2%80%99t%20walk%20and%20keeps%20wailing%20in%20immense%20pain.%20Please%20help%20her%20-%20Ketto&sd=24-bit&sr=1600x1200&vp=1593x1200&je=0&ec=Campaign%20Viewed&ea=page_load&el=My%20daughter%20can%E2%80%99t%20walk%20and%20keeps%20wailing%20in%20immense%20pain.%20Please%20help%20her&_u=YEDAAAAB~&jid=&gjid=&cid=1897084972.1561361121&tid=UA-30181760-1&_gid=1886156557.1561361121&gtm=2wg6c0MJRMLZ&cd7=150&cd8=supportharshitha&cd9=92034&cd10=ad&z=1567386949
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jun 2019 07:58:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1812434
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
441308802710601
connect.facebook.net/signals/config/ 		229 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/441308802710601?v=2.8.51&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
7411aad7bc1419b6591c42a211f696b20232d9f471c509608342e76d612c33f2
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
x-xss-protection
0
pragma
public
x-fb-debug
u8gom22K+W7RPyyxWeHiXjcmEle0iQtjy7MEfp/ubIEM9Bx5ibkzSc0DCNi8Ck5SJmN6kFsP0SzmfoygRVidXw==
x-fb-trip-id
42392124
date
Mon, 24 Jun 2019 07:25:20 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/782023289/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/782023289/?random=1561361120592&cv=9&fst=1561361120592&num=1&label=7U2NCOX2yJkBEPn08vQC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6c0&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsupportharshitha%3Futm_campaign%3Dsupportharshitha%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1&ref=https%3A%2F%2Ftrk.profilinet.com%2F&tiba=My%20daughter%20can%E2%80%99t%20walk%20and%20keeps%20wailing%20in%20immense%20pain.%20Please%20help%20her%20-%20Ketto&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
482ab1b1e3531360a2031de494307726605410f930e7ecf536a1d60ba3554450
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jun 2019 07:25:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
1139
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/837073759/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/837073759/?random=1561361120596&cv=9&fst=1561361120596&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=592230571&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6c0&sendb=1&li=0-0_1-3929_2-3930_3-2790_4-3022&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsupportharshitha%3Futm_campaign%3Dsupportharshitha%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1&ref=https%3A%2F%2Ftrk.profilinet.com%2F&tiba=My%20daughter%20can%E2%80%99t%20walk%20and%20keeps%20wailing%20in%20immense%20pain.%20Please%20help%20her%20-%20Ketto&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
2ac96d443f75f621d470154a94cc6a45eb750bb9bdf9ed7a43f282a73ac617d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jun 2019 07:25:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
1095
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/963384337/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/963384337/?random=1561361120598&cv=9&fst=1561361120598&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6c0&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsupportharshitha%3Futm_campaign%3Dsupportharshitha%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1&ref=https%3A%2F%2Ftrk.profilinet.com%2F&tiba=My%20daughter%20can%E2%80%99t%20walk%20and%20keeps%20wailing%20in%20immense%20pain.%20Please%20help%20her%20-%20Ketto&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
e9d227890b641d0ab59377385fff6f777ae63c8487453cc63390990e2412c05a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jun 2019 07:25:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
1082
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/930975017/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/930975017/?random=1561361120599&cv=9&fst=1561361120599&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6c0&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsupportharshitha%3Futm_campaign%3Dsupportharshitha%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1&ref=https%3A%2F%2Ftrk.profilinet.com%2F&tiba=My%20daughter%20can%E2%80%99t%20walk%20and%20keeps%20wailing%20in%20immense%20pain.%20Please%20help%20her%20-%20Ketto&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
32c921daa56738b99b2fa051601837ec31664ccdf03714f9526c361a99077aca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jun 2019 07:25:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
1081
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.5adb9a3caf86661ae2d7.js
script.hotjar.com/ 		425 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.5adb9a3caf86661ae2d7.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-200024.js?sv=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.83.1 Parsippany, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-23
Software
/
Resource Hash
a9766bcb557428e90485f08dcc532705af5c001e360a621c72ad219e427c4514
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 24 Jun 2019 07:25:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 24 Jun 2019 06:26:11 GMT
access-control-allow-origin
*
etag
W/"1cd883579fbba48086c68ef88b85bd67"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000
section-io-origin-time-seconds
0.025
section-io-origin-status
200
accept-ranges
bytes
section-io-id
05945627d35179c3b8d80ed1904808d7
content-length
90727
lidar.js
www.googletagservices.com/activeview/js/current/ 		77 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/lidar.js?cache=r20110914
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1067617.197812NSO.CODESRV/B22411221.241945247;sz=1x2;ord=865017927418?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
6c7c968a685a723657273268cdedaae4a93f4659d3e4d6ce4f09f54f4a6255cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 24 Jun 2019 07:25:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1561115551053641"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
28529
x-xss-protection
0
expires
Mon, 24 Jun 2019 07:25:20 GMT
view
googleads4.g.doubleclick.net/pcs/ 		0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu-4jx1LcQCyuBBnUoakO5ZDDv5NNg1nNEg7P1F5L4U8Vu6SBonVkov0PI8smndjHdBlJ22Lv_YJQ1Vm8V8BeKrXdUdv0urzWdG8hapmOwkTo9cqUE&sig=Cg0ArKJSzKS63YWOGxNYEAE&urlfix=1&adurl=
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.130 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s18-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 24 Jun 2019 07:25:20 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
sdk.js
connect.facebook.net/en_US/ 		198 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=c6206daacee5a394fcb679ac71d29f6d&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
dfe2f04474a824d7f8a21d2f6ab5c06ec7046e88e7d8b15ed23693984acb4a80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Origin
https://www.ketto.org

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
/qOBbudGzDQKlsQOnZHKvQ==
status
200
date
Mon, 24 Jun 2019 07:25:20 GMT
vary
Accept-Encoding
content-length
60163
x-fb-debug
MaJMaxNGRm++gLuZYgzOCnK1BAeWNh7z4AFNnIVeWfzXccdMZ8TS6CfVpPdgwrWZyQQce9685HYMtQAj26eMyg==
x-fb-trip-id
42392124
x-fb-content-md5
460207e0e67e894a62e0a9f7b24e6aca
etag
"79e7b89262cf674e9449e202956ba05f"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Tue, 23 Jun 2020 06:37:09 GMT
unip
trc.taboola.com/1034141/log/3/ 		0
74 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1034141/log/3/unip?en=page_view&tim=1561361120623&ref=https%3A%2F%2Ftrk.profilinet.com%2F
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.2 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Origin
https://www.ketto.org

Response headers

pragma
no-cache
date
Mon, 24 Jun 2019 07:25:20 GMT
via
1.1 varnish
server
nginx
x-timer
S1561361121.630823,VS0,VE8
x-served-by
cache-hhn1535-HHN
status
204
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.ketto.org
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
unip
trc.taboola.com/1034141/log/3/ 		0
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1034141/log/3/unip?en=view_content&tim=1561361120629&ref=https%3A%2F%2Ftrk.profilinet.com%2F
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.2 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Origin
https://www.ketto.org

Response headers

pragma
no-cache
date
Mon, 24 Jun 2019 07:25:20 GMT
via
1.1 varnish
server
nginx
x-timer
S1561361121.638679,VS0,VE9
x-served-by
cache-hhn1535-HHN
status
204
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.ketto.org
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
adsct
t.co/i/ 		43 B
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nys4q&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_f /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 24 Jun 2019 07:25:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
strict-transport-security
max-age=0
content-length
65
x-xss-protection
1; mode=block; report=https://twitter.com/i/xss_report
x-response-time
117
pragma
no-cache
last-modified
Mon, 24 Jun 2019 07:25:20 GMT
server
tsa_f
x-frame-options
SAMEORIGIN
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
910ad22f5bae1d9acb05ac4a1490dbe5
x-transaction
0038e50d00253b0b
expires
Tue, 31 Mar 1981 05:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/782023289/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/782023289/?random=1561361120656&cv=9&fst=1561361120656&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa6c0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsupportharshitha%3Futm_campaign%3Dsupportharshitha%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1&ref=https%3A%2F%2Ftrk.profilinet.com%2F&tiba=My%20daughter%20can%E2%80%99t%20walk%20and%20keeps%20wailing%20in%20immense%20pain.%20Please%20help%20her%20-%20Ketto&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
8f85b09f2346c0cbd41566c3dc55c75b13137256f746433b660ee6c9f152582d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jun 2019 07:25:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
1110
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/930975017/ 		42 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/930975017/?random=1561361120599&cv=9&fst=1561359600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6c0&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsupportharshitha%3Futm_campaign%3Dsupportharshitha%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1&ref=https%3A%2F%2Ftrk.profilinet.com%2F&tiba=My%20daughter%20can%E2%80%99t%20walk%20and%20keeps%20wailing%20in%20immense%20pain.%20Please%20help%20her%20-%20Ketto&async=1&fmt=3&cdct=2&is_vtc=1&random=964366512&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jun 2019 07:25:20 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/930975017/ 		42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/930975017/?random=1561361120599&cv=9&fst=1561359600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6c0&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsupportharshitha%3Futm_campaign%3Dsupportharshitha%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1&ref=https%3A%2F%2Ftrk.profilinet.com%2F&tiba=My%20daughter%20can%E2%80%99t%20walk%20and%20keeps%20wailing%20in%20immense%20pain.%20Please%20help%20her%20-%20Ketto&async=1&fmt=3&cdct=2&is_vtc=1&random=964366512&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jun 2019 07:25:20 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/782023289/ 		42 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/782023289/?random=1561361120592&cv=9&fst=1561359600000&num=1&label=7U2NCOX2yJkBEPn08vQC&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6c0&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsupportharshitha%3Futm_campaign%3Dsupportharshitha%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1&ref=https%3A%2F%2Ftrk.profilinet.com%2F&tiba=My%20daughter%20can%E2%80%99t%20walk%20and%20keeps%20wailing%20in%20immense%20pain.%20Please%20help%20her%20-%20Ketto&async=1&fmt=3&cdct=2&is_vtc=1&random=2882286479&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jun 2019 07:25:20 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/782023289/ 		42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/782023289/?random=1561361120592&cv=9&fst=1561359600000&num=1&label=7U2NCOX2yJkBEPn08vQC&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6c0&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsupportharshitha%3Futm_campaign%3Dsupportharshitha%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1&ref=https%3A%2F%2Ftrk.profilinet.com%2F&tiba=My%20daughter%20can%E2%80%99t%20walk%20and%20keeps%20wailing%20in%20immense%20pain.%20Please%20help%20her%20-%20Ketto&async=1&fmt=3&cdct=2&is_vtc=1&random=2882286479&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jun 2019 07:25:20 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/963384337/ 		42 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/963384337/?random=1561361120598&cv=9&fst=1561359600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6c0&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsupportharshitha%3Futm_campaign%3Dsupportharshitha%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1&ref=https%3A%2F%2Ftrk.profilinet.com%2F&tiba=My%20daughter%20can%E2%80%99t%20walk%20and%20keeps%20wailing%20in%20immense%20pain.%20Please%20help%20her%20-%20Ketto&async=1&fmt=3&cdct=2&is_vtc=1&random=1572879547&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jun 2019 07:25:20 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/963384337/ 		42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/963384337/?random=1561361120598&cv=9&fst=1561359600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6c0&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsupportharshitha%3Futm_campaign%3Dsupportharshitha%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1&ref=https%3A%2F%2Ftrk.profilinet.com%2F&tiba=My%20daughter%20can%E2%80%99t%20walk%20and%20keeps%20wailing%20in%20immense%20pain.%20Please%20help%20her%20-%20Ketto&async=1&fmt=3&cdct=2&is_vtc=1&random=1572879547&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jun 2019 07:25:20 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
wzrkt.com/ 		225 B
487 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wzrkt.com/a?t=90&type=page&d=N4IgTgpgZhaWIBcIAuYDWA6ADmA9lAJYA2hAdhCpgMZ4C2IANCAK4DOSIEAHirGQENiAfSJg2KPNhSE8ZJqwbIIdASQUtqnNi2zY8YFAAsB4o4WMCFhACacALACUAbAFp7AdgAcrx4%2FsAWgrYAOZIAIzM1KGcRigo2GyIAPTJAO4ZmOiUkpgGIckSBoQQbIW6%2BoYmZhYmAPwsKHTC1AJ02GohZAC8OnoGljWWAGSNzXQQNoQsdN0qasSjTcJseCxg1BBzvPxCooTiktKyZEvNfGCz2OEgAL5AAA%3D&rn=2&i=1561361120&sn=0&gc=09d419d76e2f45af96fc5e9915d05fea&r=1561361120673
Requested by
Host: d2r1yp2w7bby2u.cloudfront.net
URL: https://d2r1yp2w7bby2u.cloudfront.net/js/a.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.255.15.164 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-255-15-164.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2639cb452571165422463d53234612196c4595b937d1053be6e041ee82445d47

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jun 2019 07:25:20 GMT
content-encoding
gzip
vary
Accept-Encoding, User-Agent
content-type
text/javascript;charset=utf-8
status
200
cache-control
no-cache, no-store
expires
Thu, 01 Jan 1970 00:00:00 GMT, 0
box-90f3a29ef7448451db5af955688970d7.html
vars.hotjar.com/ Frame 3B06 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-90f3a29ef7448451db5af955688970d7.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-200024.js?sv=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.83.82 Parsippany, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-29
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-90f3a29ef7448451db5af955688970d7.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1

Response headers

status
200
date
Mon, 24 Jun 2019 07:25:20 GMT
content-type
text/html
content-length
967
cache-control
max-age=31536000
last-modified
Thu, 02 May 2019 17:45:40 GMT
section-io-origin-status
200
section-io-origin-time-seconds
0.026
etag
W/"90f3a29ef7448451db5af955688970d7"
content-encoding
gzip
vary
Accept-Encoding
accept-ranges
bytes
section-io-id
bd75a1c7fe2be7bdcf18cf35e5475cf7
inferredEvents.js
connect.facebook.net/signals/plugins/ 		1 KB
898 B 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.8.51
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
772
x-xss-protection
0
pragma
public
x-fb-debug
c6JxWr3ipt+rVCehj25SA3mE0hC7DtvakfZFWCZ7Z/OmyDP8844IM8tWYlINPC+Hl/PMMY3jCj/PatqcAtfW2Q==
x-fb-trip-id
42392124
date
Mon, 24 Jun 2019 07:25:20 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=287403324698248&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsupportharshitha%3Futm_campaign%3Dsupportharshitha%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1&sdk=joey&wants_cookie_data=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=c6206daacee5a394fcb679ac71d29f6d&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ketto.org/
Origin
https://www.ketto.org

Response headers

pragma
no-cache
x-fb-debug
wOTNgcH0/qGO/sMPKoRFiymJqdfOdtF2q0KGOfx1INvw1VmhwL484dH4DgcjIl1Fr1ezy4Po3dHRLQMsoDTV1w==
fb-s
unknown
status
200
x-frame-options
DENY
date
Mon, 24 Jun 2019 07:25:20 GMT
strict-transport-security
max-age=15552000; preload
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.ketto.org
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
0
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
xd_arbiter.php
staticxx.facebook.com/connect/ Frame A631 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=c6206daacee5a394fcb679ac71d29f6d&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter.php?version=44
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1

Response headers

status
200
content-type
text/html; charset=utf-8
expires
Sat, 20 Jun 2020 20:57:45 GMT
strict-transport-security
max-age=15552000; preload
content-encoding
br
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cache-control
public,max-age=31536000,immutable
x-fb-debug
7pkCJ1XmYOOrlY7sFhicNvtGlO12wg9jdkIFCNMSQ1ophDIfcY7A2HzcuW/LQl+H0+vO2p4Tvtf3HRxts2RINg==
content-length
11197
x-fb-trip-id
660048238
date
Mon, 24 Jun 2019 07:25:20 GMT
/
www.google.com/pagead/1p-user-list/837073759/ 		42 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/837073759/?random=1561361120596&cv=9&fst=1561359600000&num=1&guid=ON&eid=592230571&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6c0&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsupportharshitha%3Futm_campaign%3Dsupportharshitha%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1&ref=https%3A%2F%2Ftrk.profilinet.com%2F&tiba=My%20daughter%20can%E2%80%99t%20walk%20and%20keeps%20wailing%20in%20immense%20pain.%20Please%20help%20her%20-%20Ketto&async=1&fmt=3&cdct=2&is_vtc=1&random=3364648554&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jun 2019 07:25:20 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/837073759/ 		42 B
156 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/837073759/?random=1561361120596&cv=9&fst=1561359600000&num=1&guid=ON&eid=592230571&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6c0&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsupportharshitha%3Futm_campaign%3Dsupportharshitha%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1&ref=https%3A%2F%2Ftrk.profilinet.com%2F&tiba=My%20daughter%20can%E2%80%99t%20walk%20and%20keeps%20wailing%20in%20immense%20pain.%20Please%20help%20her%20-%20Ketto&async=1&fmt=3&cdct=2&is_vtc=1&random=3364648554&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jun 2019 07:25:20 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/782023289/ 		42 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/782023289/?random=1561361120656&cv=9&fst=1561359600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa6c0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsupportharshitha%3Futm_campaign%3Dsupportharshitha%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1&ref=https%3A%2F%2Ftrk.profilinet.com%2F&tiba=My%20daughter%20can%E2%80%99t%20walk%20and%20keeps%20wailing%20in%20immense%20pain.%20Please%20help%20her%20-%20Ketto&async=1&fmt=3&cdct=2&is_vtc=1&random=1495107126&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jun 2019 07:25:20 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/782023289/ 		42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/782023289/?random=1561361120656&cv=9&fst=1561359600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa6c0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsupportharshitha%3Futm_campaign%3Dsupportharshitha%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1&ref=https%3A%2F%2Ftrk.profilinet.com%2F&tiba=My%20daughter%20can%E2%80%99t%20walk%20and%20keeps%20wailing%20in%20immense%20pain.%20Please%20help%20her%20-%20Ketto&async=1&fmt=3&cdct=2&is_vtc=1&random=1495107126&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jun 2019 07:25:20 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=441308802710601&ev=PageView&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsupportharshitha%3Futm_campaign%3Dsupportharshitha%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1&rl=https%3A%2F%2Ftrk.profilinet.com%2F&if=false&ts=1561361120750&sw=1600&sh=1200&v=2.8.51&r=stable&ec=0&o=30&fbp=fb.1.1561361120749.1145279731&it=1561361120561&coo=false&rqm=GET
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 24 Jun 2019 07:25:20 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Mon, 24 Jun 2019 07:25:20 GMT
/
www.facebook.com/tr/ 		44 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=441308802710601&ev=ViewContent&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsupportharshitha%3Futm_campaign%3Dsupportharshitha%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1&rl=https%3A%2F%2Ftrk.profilinet.com%2F&if=false&ts=1561361120755&sw=1600&sh=1200&v=2.8.51&r=stable&ec=1&o=30&fbp=fb.1.1561361120749.1145279731&it=1561361120561&coo=false&rqm=GET
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 24 Jun 2019 07:25:20 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Mon, 24 Jun 2019 07:25:20 GMT
nr-1123.min.js
js-agent.newrelic.com/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1123.min.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.110 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
94cdf5b7f868883de0e1248cd80b42dd84e3f38685f2b234747550c02190dc82

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 24 Jun 2019 07:25:20 GMT
content-encoding
gzip
x-amz-request-id
11C5C7A965BA87C1
x-cache
HIT
status
200
content-length
9288
x-amz-id-2
EK07tFPgO0Adqe06zFaM5zuj5+H9uyW0kiPh/chg/0ZHphDJ5LNlrUa2Fz/lOZ6mTor11cv23gk=
x-served-by
cache-hhn1537-HHN
last-modified
Fri, 22 Mar 2019 14:06:15 GMT
server
AmazonS3
x-timer
S1561361121.836448,VS0,VE0
etag
"7ffb242072196e9db5f4f1bfbfa2ed7d"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
56983
outer.html
js.stripe.com/v2/m/ Frame EB65 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v2/m/outer.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v2/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v2/m/outer.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1

Response headers

status
200
x-amz-id-2
LAnsnsTNoVpv6oi25DHhwB+VaRUVxEaAhsEuN0tFYht8X6gbRjq7UyDq8YWTSaSI1W/cDKT2MrY=
x-amz-request-id
536C64458FAC5A43
last-modified
Wed, 06 Sep 2017 17:40:34 GMT
etag
"51b76bd7931c50d2bf6d4c5a93d343f9"
cache-control
public, max-age=300
content-type
text/html; charset=utf-8
server
AmazonS3
content-encoding
gzip
accept-ranges
bytes
date
Mon, 24 Jun 2019 07:25:20 GMT
via
1.1 varnish
age
102
x-served-by
cache-hhn1547-HHN
x-cache
HIT
x-cache-hits
234
x-timer
S1561361121.842876,VS0,VE0
vary
Accept-Encoding
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
content-length
388
adsct
analytics.twitter.com/i/ 		31 B
670 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nys4q&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsupportharshitha%3Futm_campaign%3Dsupportharshitha%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_f /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 24 Jun 2019 07:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
content-length
57
x-xss-protection
1; mode=block; report=https://twitter.com/i/xss_report
x-response-time
111
pragma
no-cache
last-modified
Mon, 24 Jun 2019 07:25:20 GMT
server
tsa_f
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
cf1c2a729134bb8501928aa2660ccec7
x-transaction
00aa1e240039f767
expires
Tue, 31 Mar 1981 05:00:00 GMT
collect
www.google-analytics.com/ 		35 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j76&a=1909470688&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsupportharshitha%3Futm_campaign%3Dsupportharshitha%26utm_medium%3Demail%26utm_source%3Dexternal_firstoption%26utm_term%3Dp1&dr=https%3A%2F%2Ftrk.profilinet.com%2F&ul=en-us&de=UTF-8&dt=My%20daughter%20can%E2%80%99t%20walk%20and%20keeps%20wailing%20in%20immense%20pain.%20Please%20help%20her%20-%20Ketto&sd=24-bit&sr=1600x1200&vp=1593x1200&je=0&ec=GTM&ea=10%20Second&_u=aHDAAAAB~&jid=&gjid=&cid=1897084972.1561361121&tid=UA-30181760-1&_gid=1886156557.1561361121&gtm=2wg6c0MJRMLZ&cd12=1561361119800.c69ky7j&cd14=1897084972.1561361121&z=833495645
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Jun 2019 07:58:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1812434
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
f64838bf44
bam.nr-data.net/1/ 		57 B
261 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/f64838bf44?a=14449237&v=1123.df1c7f8&to=blRTbBcCCBIAW0NZWlceck0WFwkMTl5FX1tNdF9cShASDhNRUkMaSkVeShw%3D&rst=4259&ref=https://www.ketto.org/stories/supportharshitha&ap=378&be=1611&fe=4164&dc=3325&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1561361116666,%22n%22:0,%22f%22:83,%22dn%22:84,%22dne%22:109,%22c%22:109,%22s%22:115,%22ce%22:131,%22rq%22:131,%22rp%22:1600,%22rpe%22:1825,%22dl%22:1603,%22di%22:3252,%22ds%22:3325,%22de%22:3740,%22dc%22:4163,%22l%22:4163,%22le%22:4198%7D,%22navigation%22:%7B%7D%7D&at=QhNQGl8YGxw%3D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1123.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.18 , United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US),
Reverse DNS
bam-6.nr-data.net
Software
/
Resource Hash
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
text/javascript;charset=ISO-8859-1
Content-Length
57
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ajax-loader.gif
d1vdjc70h9nzd9.cloudfront.net/less/story/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/less/story/ajax-loader.gif
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:8000:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://d1vdjc70h9nzd9.cloudfront.net/less/story/storiesDefer.bundle.af2aef.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
5cda245f7e51b.jpg
d1vdjc70h9nzd9.cloudfront.net/media/individual/924000/924023/image/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/media/individual/924000/924023/image/5cda245f7e51b.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:8000:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1a11a7ba9a260006c3ec243244ebb3da673013d297f493fd762996b62fab4053

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 04 Jun 2019 06:18:03 GMT
via
1.1 150f249515041adfcc44683bff172916.cloudfront.net (CloudFront)
last-modified
Tue, 14 May 2019 02:14:03 GMT
server
AmazonS3
age
1732039
etag
"98d7fa8c49919d6931a940c02eac2c29"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=315360000 public
x-amz-cf-pop
FRA53
accept-ranges
bytes
content-length
5528
x-amz-cf-id
8PExQVY-vPoPsjaWVtc6qcUScNERQRVqDkUBvS1UVwbnCG8CdZMrkw==
2.png
d1vdjc70h9nzd9.cloudfront.net/images/random_supporters/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/images/random_supporters/2.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:8000:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00f773b66db8a5be8fbaf98455c9b73936af1ce3e52c852e2c21a34cd13b160d

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 05 May 2019 02:21:40 GMT
via
1.1 150f249515041adfcc44683bff172916.cloudfront.net (CloudFront)
last-modified
Mon, 07 May 2018 14:12:08 GMT
server
AmazonS3
age
4338222
etag
"769f053610a2f5263eff5da9db5bf588"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=31536000
x-amz-cf-pop
FRA53
accept-ranges
bytes
content-length
15342
x-amz-cf-id
UBoFxGQsDBDgnWrzY-JCgR3UjVU4aKHGdf17uPzWxthBjjRQugaeoQ==
/
www.facebook.com/tr/ Frame 76B9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
www.facebook.com
:scheme
https
:path
/tr/
content-length
2960
pragma
no-cache
cache-control
no-cache
origin
https://www.ketto.org
upgrade-insecure-requests
1
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
accept-encoding
gzip, deflate, br
cookie
fr=0uwchx4HUWG2dc8Ke..BdEHrg...1.0.BdEHrg.
Origin
https://www.ketto.org
Upgrade-Insecure-Requests
1
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1

Response headers

status
200
content-type
text/plain
access-control-allow-origin
https://www.ketto.org
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-length
0
server
proxygen-bolt
date
Mon, 24 Jun 2019 07:25:21 GMT
5cd706cbe2916.jpg
d1vdjc70h9nzd9.cloudfront.net/media/individual/803000/803960/image/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/media/individual/803000/803960/image/5cd706cbe2916.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:8000:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
765b90fb5daa146572a7335560d5459bd0524ba1717df8b93ebd38354b36bc53

Request headers

Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 11 May 2019 17:38:34 GMT
via
1.1 150f249515041adfcc44683bff172916.cloudfront.net (CloudFront)
last-modified
Sat, 11 May 2019 17:31:04 GMT
server
AmazonS3
age
3764808
etag
"52fd07469752f788b9806b73d1c4e3b4"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=315360000 public
x-amz-cf-pop
FRA53
accept-ranges
bytes
content-length
5083
x-amz-cf-id
7Hniqs_1xtQi93a1HYyF-JziwwSn22_eYbSHzCqPodYc0UyZwKeN-g==
icomoon.z3gnh4.ttf
d1vdjc70h9nzd9.cloudfront.net/fonts/ketto_fonts/ 		39 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/fonts/ketto_fonts/icomoon.z3gnh4.ttf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:8000:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6643adc3ec22b456976553a5b122ffb86c80b2529ab4be5299f2d216dbd89fdf

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://d1vdjc70h9nzd9.cloudfront.net/less/story/storiesDefer.bundle.af2aef.css
Origin
https://www.ketto.org

Response headers

date
Mon, 03 Jun 2019 01:05:16 GMT
via
1.1 23082ff4de65f70078e091bc7cd0cf24.cloudfront.net (CloudFront)
age
78514
x-cache
Hit from cloudfront
status
200
access-control-max-age
3000
content-length
40168
last-modified
Tue, 30 Apr 2019 14:15:35 GMT
server
AmazonS3
etag
"13ac5beca606f472d9f1c68f2c25b01c"
vary
Origin
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
x-amz-cf-pop
FRA53
accept-ranges
bytes
x-amz-cf-id
K635ulovBL-ZPoToSfe0ux81pTN4-lfPplyTdp6XNk7_VaANbwK2JQ==
system_event.php
www.ketto.org/vars/ 		16 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ketto.org/vars/system_event.php?val%5BeventName%5D=pageView&val%5Bevent_type%5D=campaign&val%5Bevent_type_id%5D=92034&val%5Bpage_name%5D=stories&val%5Breferrer_page%5D=https%3A%2F%2Ftrk.profilinet.com%2F
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.68 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-101-68.fra50.r.cloudfront.net
Software
Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40 / PHP/5.6.40
Resource Hash
39824f2ec741ce74a8d37f33d384fd09b082368c2e93a05a8627de1561401d98

Request headers

Accept
*/*
X-NewRelic-ID
VQUGVFNQDhABUFVWDgMEUQ==
Referer
https://www.ketto.org/stories/supportharshitha?utm_campaign=supportharshitha&utm_medium=email&utm_source=external_firstoption&utm_term=p1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
X-Requested-With
XMLHttpRequest

Response headers

pragma
no-cache
date
Mon, 24 Jun 2019 07:25:23 GMT
via
1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
x-newrelic-app-data
PxQGUldWDQAGR1BWAwUOVFcGFB9AMQYAZBBZDEtZV0ZaClc9HiJGERBZWj1JBUpcXhAkDFNtGBAFQ0VvTRUaEUQHVT1dTlFcR0cVUR9RA1JUBhtRSFEJBwRRTU8GHRVXBQECAFRVAlMAVlkDDggHEB8DWA1CBG4=
server
Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40
x-amz-cf-pop
FRA50-C1
pageurl-1
1
x-powered-by
PHP/5.6.40
x-cache
Miss from cloudfront
content-type
application/json
status
200
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
16
x-amz-cf-id
zsKpiOmAx4l_1eaAEQA6G5aZ6n3cTfCKR1KLTtgVXO9GpXW_veFlHg==
expires
Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

210 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| NREUM object| newrelic function| __nr_require function| $ function| jQuery object| dataLayer boolean| isCached object| clevertap object| TRACKING_DETAILS number| _vwo_clicks object| _vwo_code number| settings_timer number| _vwo_settings_timer object| VWO object| _vwo_evq object| hiddengoalcampaign object| amountRaisedCampaign object| daysLeftCampaign string| browserName number| IS_WHITE_LABEL number| FB_APP_ID number| hasDraft string| PHP_API_URL string| custom_tag string| campaign_share_url_exitIntent string| campaign_share_url string| campaign_share_count_url string| device string| supporters_pagination_url string| s3_url boolean| ended string| designTemplate string| beneficiary_fname string| hospital_name string| countryCode string| apiHostUrl string| videoID object| userDetailsAPI string| landingCurrency string| supporterImage string| pageReload string| baseCurrency string| onlyBaseCurrency string| loadPayment string| showTip boolean| showTipVariation boolean| isWhiteLabel boolean| userDonatedCurrentSession object| storyAB string| operatingSystem boolean| hasSurrogateCampaigns boolean| hasUserDonated string| surrogateCampaginLoginRedirectUrl boolean| isUserLoggedIn boolean| loggedUserEmail number| _vwo_acc_id object| _vwo_style string| _vwo_css string| _vwo_text object| _vwo_textnode string| _vwo_cookieDomain string| _vwo_uuid string| _vis_opt_file number| _vwo_library_timer string| _vis_opt_lib undefined| b object| vwo_iehack_queue object| _vwo_exp_ids object| _vwo_exp object| angular object| requestvalue number| newStory object| user_data string| cdn_url function| pageData object| google_tag_manager function| postscribe string| page_version object| typeAB string| api_url boolean| isToken_url object| ip2Details string| dimensionValue string| usedDevice number| isbilldesk object| componentForm string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings function| twq function| fbq function| _fbq object| _tfa object| dotq number| randomNumber object| scriptTag object| insertionNode string| conversionTag function| discardDraft function| loadCss object| addthis_config function| Razorpay function| Stripe object| app object| appIds string| selectedId function| login function| getFriends function| triggerFShareDialogClick function| triggerFShareExitDialogClick function| fbPageShare function| fbElfPageShare function| fbIplshare function| showCount function| loginFB function| connect function| DialogTrigger function| chechPopupShown function| setPopupShown function| setPopUpCookie function| getPopUpCookie function| ga_ABcheck function| ga_KettoLike function| ga_startCampaign function| event_fb_connect function| event_profilePic_popup function| AB_ExiteIntent function| ga_shareCommentAb function| showLeadModelBox function| setCookie function| getCookie function| showCampaignDraftPopup function| managerHelpPopup function| managerHelpPopupMobile function| showLeadModelBoxMobile function| similarFundModelBoxMobile function| systemEvent function| triggerEvent object| WIZRocket number| search_click function| Blazy function| fbAsyncInit function| setImmediate function| clearImmediate function| swal function| sweetAlert object| bioEp object| intlTelInputUtils object| wizrocket object| $WZRK_WR object| $CLTP_WR function| vwo_$ string| _vwo_server_url object| _vis_opt_queue object| _vis_opt_check_segment function| _vwo_ev object| _vwo_t object| _vwo_api_section_callback object| _vis_opt_comb_name function| _vwo_s object| _vwo_campaignData function| _vis_opt_top_initialize function| _vis_opt_bottom_initialize function| _vis_opt_goal_conversion function| _vis_opt_revenue_conversion function| _vis_opt_pause function| _vis_opt_readCookie function| _vis_opt_createCookie function| _vis_opt_element_loaded function| _vis_opt_GA_track function| _vis_opt_register_conversion function| _vis_opt_get_campaign_xPath number| _vis_opt_experiment_id boolean| _vwo_settings_timed_out object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| YAHOO undefined| I13N_Conf undefined| YWA_Global_Conf object| twttr object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| DfaVisibilityIdentifier_980097466_avData function| pdib object| google_image_requests object| FB object| TRC object| TRCImpl function| __trcError function| __trcJSONify object| queue function| gtag object| google_js_reporting_queue number| __google_lidar_ function| __google_lidar_radf_ function| HotjarBasicDataStorage function| HotjarCollectionDataStorage function| getClientId object| difference number| __google_lidar_adblocks_count_

17 Cookies

Domain/Path Name / Value
.facebook.com/ Name: fr
Value: 0uwchx4HUWG2dc8Ke..BdEHrg...1.0.BdEHrg.
.www.ketto.org/ Name: __stripe_sid
Value: 2757c879-d5f3-4834-a7e7-8a3e402d9e2e
.www.ketto.org/ Name: WZRK_L
Value: %257B%257D
.ketto.org/ Name: _fbp
Value: fb.1.1561361120749.1145279731
.doubleclick.net/ Name: IDE
Value: AHWqTUmXheiBtkfq3aQ3FBnq-9RAduCwy7AlbknWFbLONS6o-1Ju5HOXKgmlyX2D
.ketto.org/ Name: _vwo_uuid_v2
Value: DEE8FD47078D08C33D8D3BB30940649A6|e26af5b5f1e4eaa5cbac21696a690fe9
.ketto.org/ Name: _ga
Value: GA1.2.1897084972.1561361121
.www.ketto.org/ Name: WZRK_G
Value: 09d419d76e2f45af96fc5e9915d05fea
.www.ketto.org/ Name: __stripe_mid
Value: be16d7dd-46ce-427a-a18d-6123ff2f004e
.ketto.org/ Name: _vis_opt_s
Value: 1%7C
.ketto.org/ Name: WZRK_G
Value: 09d419d76e2f45af96fc5e9915d05fea
.ketto.org/ Name: WZRK_S_4R6-478-RR4Z
Value: %7B%22p%22%3A1%2C%22s%22%3A1561361120%2C%22t%22%3A1561361120%7D
.ketto.org/ Name: _gat_UA-30181760-1
Value: 1
.ketto.org/ Name: _gid
Value: GA1.2.1886156557.1561361121
.ketto.org/ Name: _vis_opt_exp_125_exclude
Value: 1
.ketto.org/ Name: _vis_opt_test_cookie
Value: 1
.ketto.org/ Name: _gcl_au
Value: 1.1.1450790680.1561361120

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9237602.fls.doubleclick.net
ad.doubleclick.net
ajax.googleapis.com
analytics.twitter.com
apis.ketto.org
app.profdynamic.com
bam.nr-data.net
box2i.com
cdn.taboola.com
checkout.razorpay.com
connect.facebook.net
d1vdjc70h9nzd9.cloudfront.net
d2r1yp2w7bby2u.cloudfront.net
dev.visualwebsiteoptimizer.com
displayemailbox.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
graph.facebook.com
js-agent.newrelic.com
js.stripe.com
s.yimg.com
script.hotjar.com
static.ads-twitter.com
static.hotjar.com
staticxx.facebook.com
stats.g.doubleclick.net
t.co
track.vnative.com
trc.taboola.com
trk.profilinet.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.ketto.org
wzrkt.com
zeeseclink.com
103.107.120.141
103.107.120.3
104.244.42.133
104.244.42.3
13.232.171.10
143.204.101.68
143.204.101.78
144.217.74.79
147.75.205.49
147.75.83.1
147.75.83.82
151.101.0.176
151.101.2.110
151.101.2.2
151.101.36.157
159.122.87.148
159.122.87.153
162.247.242.18
172.217.16.130
172.217.18.102
172.217.23.130
216.58.205.230
2600:9000:2047:8000:d:e617:f340:21
2606:4700:30::681b:9723
2a00:1288:84:800::1002
2a00:1450:4001:806::200a
2a00:1450:4001:806::200e
2a00:1450:4001:808::2002
2a00:1450:4001:809::2008
2a00:1450:4001:814::2004
2a00:1450:4001:819::2003
2a00:1450:4001:81d::2003
2a00:1450:4001:825::2002
2a00:1450:400c:c07::9b
2a03:2880:f01c:20e:face:b00c:0:2
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
34.255.15.164
35.186.199.79
35.201.98.21
54.169.244.171
00a0fbb14e440afad694562de78d31471c2bda804e0aa974f64ebca91beb9b3c
00f773b66db8a5be8fbaf98455c9b73936af1ce3e52c852e2c21a34cd13b160d
05662a5179f15da38c54802519afb2d82ebfb1604bb1476b3a0054587712bf24
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0ac7b96f0bc593ff1f37f86ca552bdc9bb8c4518bf780a821b1986681a95ff7d
0c4592cb56bec1a745568b3dd0746818ec4cb08e996c96175e7abd37d774dc8c
0ec54a58d35ac36a9f5917750661e0addae1fd94087ede2bb0fcb26d781be049
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
121b3bad035f5a87c185bb1ce9465eba6c0d8ca0fcf03fced81559192cb06d85
124ae07c109f70a815572735aed19e1595167f26fb82401e8136c7633606acfa
1495998141c1d663000e168d91710a9259e78cbd168e7891ea91afb5835e6f31
199db9a8ba29fc684f449d6e90c3f6367977ca8e80f4b3515b069c3a7ba0d31d
1a11a7ba9a260006c3ec243244ebb3da673013d297f493fd762996b62fab4053
1e7d5d203bc2f19aa87dae274edddb22f8c8b6a2946f036826cb8edbb1a6bd34
1ec0fbc72fcfcea31f22828dcf89e2bd9fa7f03e84ef8d8546adb410f3096117
2639cb452571165422463d53234612196c4595b937d1053be6e041ee82445d47
28f1f51e665dd4607e10a96dd7a84d40b5cd2a8063157e357be73244df657720
2ac96d443f75f621d470154a94cc6a45eb750bb9bdf9ed7a43f282a73ac617d8
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
32c921daa56738b99b2fa051601837ec31664ccdf03714f9526c361a99077aca
35f3565f20c4e3571097cef77f8f7707afbdbfaa88270244047ff8650e8251d3
39824f2ec741ce74a8d37f33d384fd09b082368c2e93a05a8627de1561401d98
3ce41c0fc0aa5e0684996bc2164b7f079835e7af0879cdfffe84018685f7a75f
3ee8b901b40f5b283f39f8222737d191afc5e0783dbfd9a579d8f05e5b65fbfd
4792427f6aa5c2c7474f6596433112e4e8b68f45c9d83075ceaa63638bff2a42
480b0dcf87f3762059569007f32ef80a5e21f1115718c5bfc7644f3e701722dd
480e98104bffae58da471d3c88798bb92cf045e0711a56705bcc4d7633469d65
482ab1b1e3531360a2031de494307726605410f930e7ecf536a1d60ba3554450
657f79c4d5a6ea502202651151811d195b49cf9cf22fd7f8edaeefe2f8cc8fc4
6643adc3ec22b456976553a5b122ffb86c80b2529ab4be5299f2d216dbd89fdf
669fbe52929575a38eb337b51070255f4a055a03fd6a93d573486d0f0a591344
6c7c968a685a723657273268cdedaae4a93f4659d3e4d6ce4f09f54f4a6255cb
707d834333303eac803187c9b9ba4ac1a28158f263f008eb373efb87ca0259ff
7411aad7bc1419b6591c42a211f696b20232d9f471c509608342e76d612c33f2
765b90fb5daa146572a7335560d5459bd0524ba1717df8b93ebd38354b36bc53
780c27ba988f780180648bee9633d40f3b2487d774798267052d94923aed7f0d
796cf812111acb618a626ff1c5f33d6104a9dd09cf3e78576b0bb2a8940bbdfe
7bd7e0873fed71eeb59c1c17b831c8cfd4eeaa6a8f8fc7ec6aa27804e796b8ce
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
80bba14912a07e4e8760f6aa85440e3d41520f598e9fd1fb588dff2a8a95a898
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84c69f5d15322bc501f291ceb926354923318a42b0ad230669a2834ab47a584f
8c5869dfea67fb092475cee79afc8688208e6a2557cb3796159a5cfd58b60a85
8f85b09f2346c0cbd41566c3dc55c75b13137256f746433b660ee6c9f152582d
8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2
94cdf5b7f868883de0e1248cd80b42dd84e3f38685f2b234747550c02190dc82
94eeb8ca0c372a7079499fa59b4fe106671032cab04d86fa4df1241c47a35156
994a697ff09b543e742b3b24796c74f046b7bf50754a45491ed53fc3fa523af2
9dd8a9994cf73fe3e5400885977b90713219032adf4553ed554c33b6a9be260f
a0fa530213ec485bfd358f31287b35ffae165c6a25801a89316c572ce27f4b2f
a9766bcb557428e90485f08dcc532705af5c001e360a621c72ad219e427c4514
ab9a9400a10741414bbb15b9b05cc6dfb12523f5f4cb8ffd5e3c93b526bfe807
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b090e61991ba938ae7e9fde0a6927e506e5abd4213dd6acd4f0213be287f3559
c09055f0d3ce5ac45f886c935226d1e4cb0f7488525e9f8b298f26fc0171e5a8
c91158a8a0abe1393831da5efc62d53ad3b41b545774f1c3a003d55c2d5f28cf
cb992eae898417162c48b37712991d9ad8053c4a64fce51aff195edc69dc35f2
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
d6bafc5d5605fbff8318e76918edca188e409adb4e5040d4daa0d4ceedcc6a20
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
dfcfcf508411f75131ee051b3e8bd38b7869dcfc7c2a19e5a2cff1c9982baddf
dfe2f04474a824d7f8a21d2f6ab5c06ec7046e88e7d8b15ed23693984acb4a80
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f10fbaf9518dc84eb64b84d092c95b3120579f6d6e632777270f7d91f1667c
e56f53b3b976e9c05d86645a1e85cfc69e961601d201e957768455580fa30478
e9d227890b641d0ab59377385fff6f777ae63c8487453cc63390990e2412c05a
ec2ac4a50049dd478b1ee71208413228376bfa66054363558058cda76d945e75
ed098df82da8320c1786f312585ebc4b1b4817ed5ebeecd03e25afd37b97cc23
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1e6382aa070301007ee92dbaaef83c9f6075f9d86ee3632c82a609f02c6fc1f
f439d06b31431c40366690512548b080d57acdd300dd5ed56d8d7e89ad655595
f5eb3fc2d0958739eddace2ef8d827c187a8d6db0eba5b2211b131eef7c3336b
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
fc3efd4158c7ca75c9fc1a167e098e831d03d2f344cc78d54aa39611630a8523
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
feb667cc56b9a7ce18c34a31b785be2105c3930d9388d392f4153701b597ed31