www.ketto.org Open in urlscan Pro
13.232.153.143 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mail.quicklivedeals.com/re?l=D0Is4c7ynI7vft8n7I0
Effective URL:
https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
Submission: On December 19 via manual (December 19th 2018, 6:03:33 pm UTC) from US

Summary HTTP 96 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 36 IPs in 7 countries across 29 domains to perform 96 HTTP transactions. The main IP is 13.232.153.143, located in Seattle, United States and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is www.ketto.org.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 26th 2018. Valid for: 3 months.

This is the only time www.ketto.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	91.192.43.151 91.192.43.151	15960 (GLOBALACCESS) (GLOBALACCESS)
1 1	52.210.161.187 52.210.161.187	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	13.232.153.143 13.232.153.143	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
19	2600:9000:20b... 2600:9000:20bb:3e00:d:e617:f340:21	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:825::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81f::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:400c:c0a::61	15169 (GOOGLE) (GOOGLE - Google LLC)
1	143.204.101.78 143.204.101.78	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	159.122.87.153 159.122.87.153	36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.)
2	2a00:1450:400... 2a00:1450:4001:821::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
5	2600:9000:20b... 2600:9000:20bb:d200:d:e617:f340:21	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4	159.122.87.148 159.122.87.148	36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.)
2	52.50.103.2 52.50.103.2	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	172.217.23.162 172.217.23.162	15169 (GOOGLE) (GOOGLE - Google LLC)
3 4	2a00:1450:400... 2a00:1450:4001:81d::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	147.75.80.178 147.75.80.178	54825 (PACKET) (PACKET - Packet Host)
6	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	104.244.46.80 104.244.46.80	13414 (TWITTER) (TWITTER - Twitter Inc.)
5	151.101.2.2 151.101.2.2	54113 (FASTLY) (FASTLY - Fastly)
1	2a00:1288:7c:... 2a00:1288:7c:800::4001	43428 (YAHOO-ULS) (YAHOO-ULS)
1	13.126.155.42 13.126.155.42	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	151.101.0.176 151.101.0.176	54113 (FASTLY) (FASTLY - Fastly)
2 2	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE - Google LLC)
4 7	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
7	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1 4	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	188.125.66.33 188.125.66.33	34010 (YAHOO-IRD) (YAHOO-IRD)
1	199.16.156.75 199.16.156.75	13414 (TWITTER) (TWITTER - Twitter Inc.)
1 7	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
5	54.169.244.171 54.169.244.171	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	185.33.223.210 185.33.223.210	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1	2a03:2880:f02... 2a03:2880:f029:11:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	199.16.156.73 199.16.156.73	13414 (TWITTER) (TWITTER - Twitter Inc.)
1	147.75.83.19 147.75.83.19	54825 (PACKET) (PACKET - Packet Host)
1 2	216.58.207.38 216.58.207.38	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	52.77.171.92 52.77.171.92	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	216.58.205.226 216.58.205.226	15169 (GOOGLE) (GOOGLE - Google LLC)
1	54.169.14.94 54.169.14.94	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	151.101.2.110 151.101.2.110	54113 (FASTLY) (FASTLY - Fastly)
1 1	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE - Google LLC)
1	162.247.242.19 162.247.242.19	23467 (NEWRELIC-...) (NEWRELIC-AS-1 - New Relic)
96	36

1 91.192.43.151 (Germany) 1 redirects

ASN15960 (GLOBALACCESS, DE)

mail.quicklivedeals.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.161.187 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-210-161-187.eu-west-1.compute.amazonaws.com

c.agdgtl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.232.153.143 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-13-232-153-143.ap-south-1.compute.amazonaws.com

www.ketto.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2600:9000:20bb:3e00:d:e617:f340:21 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

d1vdjc70h9nzd9.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::61 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.78 (Wilmington, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-101-78.fra50.r.cloudfront.net

d2r1yp2w7bby2u.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.122.87.153 (Frankfurt, Germany)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: 99.57.7a9f.ip4.static.sl-reverse.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:20bb:d200:d:e617:f340:21 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

d1vdjc70h9nzd9.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 159.122.87.148 (Frankfurt, Germany)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: 94.57.7a9f.ip4.static.sl-reverse.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.50.103.2 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-50-103-2.eu-west-1.compute.amazonaws.com

wzrkt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.162 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s22-in-f162.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81d::200e (Ireland) 3 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.80.178 (Switzerland)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-25

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f01c:216:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.46.80 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.2.2 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:7c:800::4001 (United Kingdom)

ASN43428 (YAHOO-ULS, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.126.155.42 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-13-126-155-42.ap-south-1.compute.amazonaws.com

checkout.razorpay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.0.176 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9a (Ireland) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:806::2004 (Ireland) 4 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:81f::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:821::2002 (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.125.66.33 (Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.16.156.75 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:2880:f11c:8083:face:b00c:0:25de (Ireland) 1 redirects

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.169.244.171 (Singapore, Singapore)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-169-244-171.ap-southeast-1.compute.amazonaws.com

apis.ketto.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.223.210 (European Union) 1 redirects

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f029:11:face:b00c:0:2 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.16.156.73 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.83.19 (Switzerland)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-24

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.207.38 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s24-in-f6.1e100.net

8611446.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.77.171.92 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-77-171-92.ap-southeast-1.compute.amazonaws.com

ads.instabid.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.205.226 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s24-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.169.14.94 (Singapore, Singapore)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-169-14-94.ap-southeast-1.compute.amazonaws.com

px.instabid.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.110 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9c (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.242.19 (United States)

ASN23467 (NEWRELIC-AS-1 - New Relic, US)
PTR: bam-7.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	cloudfront.net d1vdjc70h9nzd9.cloudfront.net d2r1yp2w7bby2u.cloudfront.net	767 KB
10	facebook.com 1 redirects www.facebook.com graph.facebook.com staticxx.facebook.com	3 KB
10	doubleclick.net 6 redirects stats.g.doubleclick.net googleads.g.doubleclick.net 8611446.fls.doubleclick.net cm.g.doubleclick.net	5 KB
8	ketto.org www.ketto.org apis.ketto.org	64 KB
7	google.de www.google.de	1 KB
7	google.com 4 redirects www.google.com	1 KB
6	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com	125 KB
5	taboola.com cdn.taboola.com trc.taboola.com	6 KB
4	facebook.net connect.facebook.net	161 KB
4	google-analytics.com 3 redirects www.google-analytics.com	18 KB
3	stripe.com js.stripe.com	21 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	84 KB
2	instabid.tech 1 redirects ads.instabid.tech px.instabid.tech	566 B
2	adnxs.com 1 redirects secure.adnxs.com	2 KB
2	googleadservices.com 1 redirects www.googleadservices.com	9 KB
2	wzrkt.com wzrkt.com	1 KB
2	gstatic.com fonts.gstatic.com	21 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	30 KB
1	nr-data.net bam.nr-data.net	261 B
1	newrelic.com js-agent.newrelic.com	9 KB
1	twitter.com analytics.twitter.com	268 B
1	t.co t.co	169 B
1	yahoo.com sp.analytics.yahoo.com	449 B
1	razorpay.com checkout.razorpay.com	17 KB
1	yimg.com s.yimg.com	5 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	googletagmanager.com www.googletagmanager.com	40 KB
1	agdgtl.com 1 redirects c.agdgtl.com	854 B
1	quicklivedeals.com 1 redirects mail.quicklivedeals.com	215 B
96	29

	Domain	Requested by
24	d1vdjc70h9nzd9.cloudfront.net	www.ketto.org ajax.googleapis.com
7	www.facebook.com	1 redirects www.ketto.org
7	www.google.de	www.ketto.org
7	www.google.com	4 redirects www.ketto.org
6	dev.visualwebsiteoptimizer.com	www.ketto.org dev.visualwebsiteoptimizer.com
5	apis.ketto.org	www.ketto.org
4	trc.taboola.com	www.ketto.org
4	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
4	connect.facebook.net	www.ketto.org connect.facebook.net d1vdjc70h9nzd9.cloudfront.net
4	www.google-analytics.com	3 redirects www.googletagmanager.com
3	stats.g.doubleclick.net	3 redirects
3	js.stripe.com	www.ketto.org js.stripe.com
3	www.ketto.org	www.ketto.org
2	staticxx.facebook.com	connect.facebook.net
2	8611446.fls.doubleclick.net	1 redirects www.ketto.org
2	secure.adnxs.com	1 redirects www.ketto.org
2	www.googleadservices.com	1 redirects www.googletagmanager.com
2	wzrkt.com	d2r1yp2w7bby2u.cloudfront.net
2	fonts.gstatic.com	www.ketto.org ajax.googleapis.com
1	bam.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	www.ketto.org
1	px.instabid.tech	www.ketto.org
1	cm.g.doubleclick.net	1 redirects
1	ads.instabid.tech	1 redirects
1	vars.hotjar.com	static.hotjar.com
1	analytics.twitter.com	static.ads-twitter.com
1	graph.facebook.com	www.ketto.org
1	t.co	www.ketto.org
1	sp.analytics.yahoo.com	s.yimg.com
1	script.hotjar.com	static.hotjar.com
1	checkout.razorpay.com	www.ketto.org
1	s.yimg.com	www.ketto.org
1	cdn.taboola.com	www.ketto.org
1	static.ads-twitter.com	www.ketto.org
1	static.hotjar.com	www.ketto.org
1	d2r1yp2w7bby2u.cloudfront.net	www.ketto.org
1	www.googletagmanager.com	www.ketto.org
1	fonts.googleapis.com	www.ketto.org
1	ajax.googleapis.com	www.ketto.org
1	c.agdgtl.com	1 redirects
1	mail.quicklivedeals.com	1 redirects
96	41

This site contains links to these domains. Also see Links.

Domain
api.whatsapp.com
d1vdjc70h9nzd9.cloudfront.net
blog.ketto.org
www.facebook.com
www.twitter.com
www.linkedin.com
www.youtube.com
www.instagram.com

Subject Issuer	Validity	Valid
ketto.org Let's Encrypt Authority X3	`2018-11-26` - `2019-02-24`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2018-10-08` - `2019-10-09`	a year	crt.sh
*.googleapis.com Google Internet Authority G3	`2018-11-27` - `2019-02-19`	3 months	crt.sh
*.google-analytics.com Google Internet Authority G3	`2018-12-04` - `2019-02-26`	3 months	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2017-06-30` - `2020-07-06`	3 years	crt.sh
*.google.com Google Internet Authority G3	`2018-11-27` - `2019-02-19`	3 months	crt.sh
wzrkt.com DigiCert ECC Secure Server CA	`2018-11-11` - `2019-11-20`	a year	crt.sh
www.googleadservices.com Google Internet Authority G3	`2018-11-27` - `2019-02-19`	3 months	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2018-12-10` - `2019-03-10`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2017-12-15` - `2019-03-22`	a year	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2018-06-28` - `2019-07-03`	a year	crt.sh
f2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2018-12-03` - `2019-09-07`	9 months	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2018-12-04` - `2019-01-16`	a month	crt.sh
*.razorpay.com Amazon	`2018-09-27` - `2019-10-27`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2018-11-13` - `2019-03-05`	4 months	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2018-12-10` - `2019-03-10`	3 months	crt.sh
www.google.de Google Internet Authority G3	`2018-11-27` - `2019-02-19`	3 months	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2018-11-27` - `2019-02-19`	3 months	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2018-11-21` - `2019-05-20`	6 months	crt.sh
www.google.com Google Internet Authority G3	`2018-12-04` - `2019-02-26`	3 months	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2018-10-31` - `2019-11-05`	a year	crt.sh
apis.ketto.org Let's Encrypt Authority X3	`2018-11-07` - `2019-02-05`	3 months	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2018-01-25` - `2019-01-25`	a year	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2018-10-31` - `2020-02-12`	a year	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2018-12-10` - `2019-03-10`	3 months	crt.sh
*.doubleclick.net Google Internet Authority G3	`2018-11-27` - `2019-02-19`	3 months	crt.sh
*.instabid.tech Amazon	`2018-01-07` - `2019-02-07`	a year	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2018-12-06` - `2019-04-14`	4 months	crt.sh
*.nr-data.net GeoTrust RSA CA 2018	`2018-01-11` - `2020-03-17`	2 years	crt.sh

This page contains 6 frames:

Primary Page: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
Frame ID: 2EC69BE719676F8A21DCA1E2C97A9401
Requests: 92 HTTP requests in this frame

Frame: https://js.stripe.com/v2/channel.html?stripe_xdm_e=https%3A%2F%2Fwww.ketto.org&stripe_xdm_c=default808896&stripe_xdm_p=1
Frame ID: 45C05B5C36BF87D03E80D058FEC7EE6A
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/rcj-da10bd4908deb9e19dfde013ec3fe4ff.html
Frame ID: 009B2CFC31C1B43D48DAAC787EE5C1C4
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/j-GHT1gpo6-.js?version=43
Frame ID: 90415C75A114B98F8D0269ED8BFA018B
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v2/m/outer.html
Frame ID: B48B88DE315866BB0194535C73EEED60
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/j-GHT1gpo6-.js?version=43
Frame ID: D0972F072950F6A2FC0724EF07828FAA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://mail.quicklivedeals.com/re?l=D0Is4c7ynI7vft8n7I0 HTTP 302
https://c.agdgtl.com/?a=3&c=773&E=mreso0hAhm4%3d&s1= HTTP 302
https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=externa... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /php\/?([\d.]+)?/i

OpenSSL (Web Server Extensions) Expand

Overall confidence: 100%
Detected patterns

headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

Amazon EC2 (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /$Amazon$/i

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

env /^angular$/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

env /^Stripe$/i

AddThis (Widgets) Expand

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^gaGlobal$/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^google_tag_manager$/i

New Relic (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^NREUM/i

SweetAlert (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^swal$/i

YUI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^YAHOO$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Page Statistics

96
Requests

100 %
HTTPS

39 %
IPv6

29
Domains

41
Subdomains

36
IPs

7
Countries

1389 kB
Transfer

4378 kB
Size

2
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://api.whatsapp.com/send?text=%2AWe%20are%20left%20with%20nothing%20now%2C%20but%20hope%2C%20Please%20help%20save%20my%20dying%20daughter%2A%0A%0AThe%20very%20thought%20of%20losing%20our%20only%20child%20steals%20our%20sleep%20away%20from%20us.%20From%20last%202%20years%2C%20we%20have%20only%20been%20in%20constant%20worry%20for%20Farin.%20She%20is%20four%20and%20a%20half%20years%20old%20and%20she%20loves%20to%20play%2C%20laugh%2C%20run%2C%20and%20if%20her%20platelets%2C%20RBC%2C%20and%20WBC%20counts%20fall%2C%20she%20becomes%20very%20weak%20and%20dull%20and%20we%20have%20to%20rush%20her%20to%20the%20hospital%20for%20blood%20transfusion.%20It%20pains%20to%20hear%20her%20cry%2C%20it%20pains%20to%20see%20her%20suffer%2C%20it%20pains%20to%20not%20be%20able%20to%20earn%20enough...%0A%0A%2ARead%20more%2A%20-%20https%3A%2F%2Fwww.ketto.org%2Fstories%2Fhelpfarin%3Futm_source%3Dinternal%26utm_medium%3DwhatsappShare%26utm_campaign%3Dhelpfarin%26utm_content%3D%26shby%3D1%26st%3D%0A%0A%2ADonate%20Now%20to%20help%20Sirajudeen%2A%20-%20https%3A%2F%2Fwww.ketto.org%2Fcontribute%2Fcontribute.php%3Ffmd_id%3D70306%26utm_source%3Dinternal%26utm_medium%3DwhatsappShare%26utm_campaign%3Dhelpfarin%26utm_content%3D14e6fba02ff2b992f6e6fb3716158cba
Title: 719

Search URL Search Domain Scan URL

URL: https://d1vdjc70h9nzd9.cloudfront.net/media/campaignuploads/16a7e8fc95c3ce2369da3809a16ef2e80cd9f204.jpg

Search URL Search Domain Scan URL

URL: https://d1vdjc70h9nzd9.cloudfront.net/media/campaignuploads/f24594fb5e7e83a2098acf8b932bbe6e7aa6cf39.jpg

Search URL Search Domain Scan URL

URL: https://d1vdjc70h9nzd9.cloudfront.net/media/campaignuploads/c94fc8975676dde017507ecc1fc43d52449c4b0c.jpeg

Search URL Search Domain Scan URL

URL: https://d1vdjc70h9nzd9.cloudfront.net/media/campaignuploads/65fb3a682ad61fefb27640e2c2dc9fdb061f7dd8.jpeg

Search URL Search Domain Scan URL

URL: https://d1vdjc70h9nzd9.cloudfront.net/media/campaignuploads/bc9be8d94d766890e585d9a5ef0c45c77d073fac.jpeg

Search URL Search Domain Scan URL

URL: https://d1vdjc70h9nzd9.cloudfront.net/media/campaignuploads/dd4fab1952e907e3e422f7ac2bf552b3b65ade71.jpeg

Search URL Search Domain Scan URL

URL: http://blog.ketto.org/
Title: Blog

Search URL Search Domain Scan URL

URL: http://www.facebook.com/ketto.org
Title: Facebook

Search URL Search Domain Scan URL

URL: http://www.twitter.com/ketto
Title: Twitter

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/company/ketto-online-ventures-private-limited
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/Kettodotorg
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.instagram.com/kettoindia/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?phone=919820951923
Title: Chat with us

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mail.quicklivedeals.com/re?l=D0Is4c7ynI7vft8n7I0 HTTP 302
https://c.agdgtl.com/?a=3&c=773&E=mreso0hAhm4%3d&s1= HTTP 302
https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://www.google-analytics.com/r/collect?v=1&_v=j72&a=2001166831&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fhelpfarin%3Futm_campaign%3Dhelpfarin%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&ul=en-us&de=UTF-8&dt=We%20Are%20Left%20With%20Nothing%20Now%20But%20Hope%2C%20Please%20Help%20Save%20My%20Dying%20Daughter.%20-%20Ketto&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAAB~&jid=1885870366&gjid=236602130&cid=105910923.1545242580&tid=UA-30181760-1&_gid=114206853.1545242580&_r=1&gtm=2wgbc0MJRMLZ&cd12=1545242579519.00q87h2&z=795377182 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-30181760-1&cid=105910923.1545242580&jid=1885870366&_gid=114206853.1545242580&gjid=236602130&_v=j72&z=795377182 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=105910923.1545242580&jid=1885870366&_v=j72&z=795377182 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=105910923.1545242580&jid=1885870366&_v=j72&z=795377182&slf_rd=1&random=533510245

Request Chain 69

https://secure.adnxs.com/px?id=988443&seg=12457517&t=1 HTTP 302
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D988443%26seg%3D12457517%26t%3D1

Request Chain 73

https://www.google-analytics.com/r/collect?v=1&_v=j72&a=2001166831&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fhelpfarin%3Futm_campaign%3Dhelpfarin%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&ul=en-us&de=UTF-8&dt=We%20Are%20Left%20With%20Nothing%20Now%20But%20Hope%2C%20Please%20Help%20Save%20My%20Dying%20Daughter.%20-%20Ketto&sd=24-bit&sr=1600x1200&vp=1593x1200&je=0&ec=Campaign%20Viewed&ea=page_load&el=We%20are%20left%20with%20nothing%20now%2C%20but%20hope%2C%20Please%20help%20save%20my%20dying%20daughter&_u=aEBAAAAB~&jid=399478527&gjid=868004776&cid=482998400.1545242581&tid=UA-30181760-1&_gid=1959945244.1545242581&_r=1&gtm=2wgbc0MJRMLZ&cd7=150&cd8=helpfarin&cd9=70306&cd10=ad&z=414288358 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-30181760-1&cid=482998400.1545242581&jid=399478527&_gid=1959945244.1545242581&gjid=868004776&_v=j72&z=414288358 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=482998400.1545242581&jid=399478527&_v=j72&z=414288358 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=482998400.1545242581&jid=399478527&_v=j72&z=414288358&slf_rd=1&random=1037575269

Request Chain 83

https://8611446.fls.doubleclick.net/activityi;src=8611446;type=invmedia;cat=ibr10oyk;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 HTTP 302
https://8611446.fls.doubleclick.net/activityi;dc_pre=CKHTlpm9rN8CFQ4U4AodoNADiQ;src=8611446;type=invmedia;cat=ibr10oyk;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1

Request Chain 84

https://ads.instabid.tech/s?s=ktlp HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yoptima_media_solutions_pvt_ltd&google_hm=UUtnVlc2TkIybUZIZU41c1FrWUxZVA HTTP 302
https://px.instabid.tech/apxs

Request Chain 85

https://www.googleadservices.com/pagead/conversion/795178636/?label=AyXPCMGTzIYBEIztlfsC&guid=ON&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/795178636/?label=AyXPCMGTzIYBEIztlfsC&guid=ON&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=1YcaXLG6DYPA7gPrmqewDQ&random=810259499&sscte=1&crd=CILQGw&gtd= HTTP 302
https://www.google.com/pagead/1p-conversion/795178636/?label=AyXPCMGTzIYBEIztlfsC&guid=ON&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=810259499&sscte=1&crd=CILQGw&gtd=&cdct=2&is_vtc=1&ocp_id=1YcaXLG6DYPA7gPrmqewDQ&random=252905846 HTTP 302
https://www.google.de/pagead/1p-conversion/795178636/?label=AyXPCMGTzIYBEIztlfsC&guid=ON&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=810259499&sscte=1&crd=CILQGw&gtd=&cdct=2&is_vtc=1&ocp_id=1YcaXLG6DYPA7gPrmqewDQ&random=252905846&ipr=y

Request Chain 93

https://www.facebook.com/connect/ping?client_id=287403324698248&domain=www.ketto.org&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fj-GHT1gpo6-.js%3Fversion%3D43%23cb%3Df2bce06972409c8%26domain%3Dwww.ketto.org%26origin%3Dhttps%253A%252F%252Fwww.ketto.org%252Ff10a56fd8282dbc%26relation%3Dparent&response_type=token%2Csigned_request&sdk=joey&version=v2.7 HTTP 302
https://staticxx.facebook.com/connect/xd_arbiter/r/j-GHT1gpo6-.js?version=43

Request Chain 94

https://www.google-analytics.com/r/collect?v=1&_v=j72&a=2001166831&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fhelpfarin%3Futm_campaign%3Dhelpfarin%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&ul=en-us&de=UTF-8&dt=We%20Are%20Left%20With%20Nothing%20Now%20But%20Hope%2C%20Please%20Help%20Save%20My%20Dying%20Daughter.%20-%20Ketto&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=GTM&ea=10%20Second&_u=aHBAAAAB~&jid=2004041413&gjid=50341387&cid=105910923.1545242580&tid=UA-30181760-1&_gid=114206853.1545242580&_r=1&gtm=2wgbc0MJRMLZ&cd12=1545242579519.00q87h2&cd14=105910923.1545242580&z=1066483089 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-30181760-1&cid=105910923.1545242580&jid=2004041413&_gid=114206853.1545242580&gjid=50341387&_v=j72&z=1066483089 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=105910923.1545242580&jid=2004041413&_v=j72&z=1066483089 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=105910923.1545242580&jid=2004041413&_v=j72&z=1066483089&slf_rd=1&random=640567421

96 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set helpfarin Show response
www.ketto.org/stories/
Redirect Chain

http://mail.quicklivedeals.com/re?l=D0Is4c7ynI7vft8n7I0
https://c.agdgtl.com/?a=3&c=773&E=mreso0hAhm4%3d&s1=
https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio

242 KB
57 KB

1163ms
772ms

Document
text/html

13.232.153.143
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.232.153.143 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-13-232-153-143.ap-south-1.compute.amazonaws.com
Software: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.32 / PHP/5.6.32
Resource Hash: 1207558f5b5d377866cd340cdc8a4c0ae15098fa521dcdd6dbd6ce4fa77c6c9e

Request headers

Host: www.ketto.org
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 19 Dec 2018 18:02:58 GMT
Server: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.32
Cache-Control: max-age=0, no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
PageURL-1: 1
Pragma: no-cache
Vary: Accept-Encoding
X-Mod-Pagespeed: 1.13.35.2-0
X-Powered-By: PHP/5.6.32
Content-Length: 56364
Set-Cookie: KETTOSESSID=p8st4vku299m5a47s0d61v6nl6; path=/; domain=.ketto.org k_utm=eyJ1dG1fc291cmNlIjoiZXh0ZXJuYWxfa2Vuc2NpbyIsInV0bV9tZWRpdW0iOiJlbWFpbCIsInV0bV9jYW1wYWlnbiI6ImhlbHBmYXJpbiJ9; expires=Mon, 17-Jun-2019 18:02:58 GMT; Max-Age=15552000; path=/ ip_location=eyJjb3VudHJ5X2NvZGUiOiJERSIsImNvdW50cnlfbmFtZSI6Ikdlcm1hbnkiLCJyZWdpb25fbmFtZSI6IkJlcmxpbiIsInppcF9jb2RlIjoiMTAxNzgiLCJjaXR5X25hbWUiOiJCZXJsaW4ifQ%3D%3D; expires=Wed, 26-Dec-2018 18:02:58 GMT; Max-Age=604800; path=/; domain=.ketto.org _ku=14e6fba02ff2b992f6e6fb3716158cba; expires=Fri, 25-Nov-2118 18:02:58 GMT; Max-Age=3153600000; path=/; domain=.ketto.org _ks=eyJzaWQiOiIzNjQ1ZjBjNzI0NDM3MDc3NjkzNDJlNzQ2NzZhMWQxNyIsInN0IjoxNTQ1MjQ0Mzc4fQ%3D%3D; path=/; domain=.ketto.org ip_location=eyJjb3VudHJ5X2NvZGUiOiJERSIsImNvdW50cnlfbmFtZSI6Ikdlcm1hbnkiLCJyZWdpb25fbmFtZSI6IkJlcmxpbiIsInppcF9jb2RlIjoiMTAxNzgiLCJjaXR5X25hbWUiOiJCZXJsaW4ifQ%3D%3D; expires=Wed, 26-Dec-2018 18:02:58 GMT; Max-Age=604800; path=/; domain=.ketto.org ip_location=eyJjb3VudHJ5X2NvZGUiOiJERSIsImNvdW50cnlfbmFtZSI6Ikdlcm1hbnkiLCJyZWdpb25fbmFtZSI6IkJlcmxpbiIsInppcF9jb2RlIjoiMTAxNzgiLCJjaXR5X25hbWUiOiJCZXJsaW4ifQ%3D%3D; expires=Wed, 26-Dec-2018 18:02:59 GMT; Max-Age=604800; path=/; domain=.ketto.org
Keep-Alive: timeout=15, max=60
Connection: Keep-Alive

Redirect headers

status: 302
content-type: text/html; charset=utf-8
date: Wed, 19 Dec 2018 18:02:57 GMT
location: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
set-cookie: trk=+J2/zUVUHGgNkgApTFak+D3MxJp64jQgPJpoci07cCn5ak+aEXLkhmWEskbkzqx+JaVxY6pXNuM=; Domain=.agdgtl.com; Expires=Fri, 18 Dec 2020 18:02:57 GMT; HttpOnly sid=+J2/zUVUHGgNkgApTFak+NCXEcziubHpPJpoci07cCkIXO28eEnIbGWEskbkzqx+sz3RKTXi8LM=; Domain=.agdgtl.com; HttpOnly x202=Umb3QQlCXV0jdC5rkloaVbwvMogQnHyLvDiRYV3vtL3ioGJ2zimQVpJJho2zpafFjmAs+RbeThFdOAVCvEcQpAZ+4l+Twr9nbGHF5ccFUVpu5lkmodHMxIMfjdlxQ9nKIqQYgGFpGhUMVZ1MqK21RvCr9nDOidmlIHIFx9witL71mF+IZchP8I4wTYJFw+3Pu+N6XEelqIbop2C5SDogGN9DbHTaJ151+reyki0Sj4sfq5QMm2z28W/YLGKzHrwH8JgRWX8nRL+KGhCGp3z0DtNE/n1Ubbu4/uR6r3cSo7VtY5SuE02baqp23s5NDwVHjW7WQD/kbyBAdoxI+9QMVWNaPQsoKtlm0VT8FN13pweHccH7ZMM7UXOJbnvjiUfg6J1N7U97lqsQKtrkL97Xoaf8LuP+NiDnSinQDvAJZ63c/afwtrA7I4cJc/E3XhqFQPtsX4so30X/ZRW407Y3MicORJcRfftT2wJwjgnxO8Y=; Domain=.agdgtl.com; Expires=Fri, 18 Jan 2019 18:02:57 GMT; HttpOnly
x-ckt: bgd8fkdvci2uvet0t1jg
x-ray: bgd8fkdvci2uvet0t1hg
content-length: 138

GET
H2 200 custom.24156f.css
d1vdjc70h9nzd9.cloudfront.net/less/ 624 KB
95 KB 55ms
12ms Stylesheet
text/css 2600:9000:20bb:3e00:d:e617:f340:21
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d1vdjc70h9nzd9.cloudfront.net/less/custom.24156f.css
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:3e00:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b92379c5b60656b10a5a9955af716cb4d4bd964518fe6cb3e55e88153a8a4cdc

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 19 Dec 2018 09:32:24 GMT
content-encoding: gzip
last-modified: Mon, 17 Dec 2018 08:48:58 GMT
server: AmazonS3
age: 30636
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
status: 200
x-amz-cf-id: 4wcefd_tmU3yo5PNN5AuO56FbJVYdEhOPHlOPardyKS3ppxn_XzDEA==
via: 1.1 c4ada86230c95b165d889d1f1d10389d.cloudfront.net (CloudFront)

GET
H2 200 stories.designD.bundle.a329af.css
d1vdjc70h9nzd9.cloudfront.net/less/story/ 223 KB
30 KB 56ms
13ms Stylesheet
text/css 2600:9000:20bb:3e00:d:e617:f340:21
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d1vdjc70h9nzd9.cloudfront.net/less/story/stories.designD.bundle.a329af.css
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:3e00:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c571030c5e0ec1150f1a9d28f8748a05f103a5dd5c687d968b0ad8cb85b51bf5

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 18:26:56 GMT
content-encoding: gzip
last-modified: Sat, 15 Dec 2018 17:04:34 GMT
server: AmazonS3
age: 86006
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
status: 200
x-amz-cf-id: q8nHF4zCJs2D1fySOTmWE69g6f1pW8D3EJDJOQxb8UukClRDeA410Q==
via: 1.1 c4ada86230c95b165d889d1f1d10389d.cloudfront.net (CloudFront)

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 84 KB
29 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:825::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 06 Dec 2018 10:42:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1149614
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 30028
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Dec 2019 10:42:45 GMT

GET
H2 200 css
fonts.googleapis.com/ 13 KB
989 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Slab:400,300,700,500|Noto+Sans:400,700

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81f::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

95375255ecc9eeec1f7f415fca9d993cd3b446b3c217c69729b1038e1e5afc14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Wed, 19 Dec 2018 18:02:59 GMT
server: ESF
access-control-allow-origin: *
date: Wed, 19 Dec 2018 18:02:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 1; mode=block
expires: Wed, 19 Dec 2018 18:02:59 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 138 KB
40 KB 24ms
22ms Script
application/javascript 2a00:1450:400c:c0a::61
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:400c:c0a::61 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

998d548363a3d9f10ddf546d5102887498076733fdafca8bc1bf74d988b3049a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 19 Dec 2018 18:02:59 GMT
content-encoding: gzip
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
server: Google Tag Manager (scaffolding)
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 40854
x-xss-protection: 1; mode=block
expires: Wed, 19 Dec 2018 18:02:59 GMT

GET
H/1.1 200
OK a.js Show response
d2r1yp2w7bby2u.cloudfront.net/js/ 40 KB
14 KB 71ms
10ms Script
application/javascript 143.204.101.78
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d2r1yp2w7bby2u.cloudfront.net/js/a.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.78 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-78.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3766c7dc97eb5b7347bc167cd08e79ea9273fbf587a4741198ba0a0bcaaed0d7

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 19 Dec 2018 17:58:14 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Aug 2018 12:40:06 GMT
Server: AmazonS3
Age: 286
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
Cache-Control: max-age=1800, private
Transfer-Encoding: chunked
Connection: keep-alive
X-Amz-Cf-Id: 14hLwxz7uKQ1XeLur6BrTKy1OFPpTVvoJ-U8HJgCaYILQGqqD5E7gg==

GET
H2 200 angular.min.js Show response
d1vdjc70h9nzd9.cloudfront.net/js/angularjs/1.4.9/ 146 KB
52 KB 11ms
11ms Script
application/x-javascript 2600:9000:20bb:3e00:d:e617:f340:21
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d1vdjc70h9nzd9.cloudfront.net/js/angularjs/1.4.9/angular.min.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:3e00:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 480b0dcf87f3762059569007f32ef80a5e21f1115718c5bfc7644f3e701722dd

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 19 Dec 2018 09:32:22 GMT
content-encoding: gzip
last-modified: Fri, 09 Dec 2016 14:12:35 GMT
server: AmazonS3
age: 19471161
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
x-amz-cf-id: yrnw63OOKzCNosY_3nX7-SMeYnCWLPfO1JHLis_mesBbw2ztGH_Jbg==
via: 1.1 c4ada86230c95b165d889d1f1d10389d.cloudfront.net (CloudFront)

GET
H2 200 dc33e5bc26c141a6891b01715008192303774a36.jpg
d1vdjc70h9nzd9.cloudfront.net/media/campaign/70000/70306/image/ 33 KB
34 KB 27ms
26ms Image
image/jpeg 2600:9000:20bb:3e00:d:e617:f340:21
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1vdjc70h9nzd9.cloudfront.net/media/campaign/70000/70306/image/dc33e5bc26c141a6891b01715008192303774a36.jpg
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:3e00:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fd66b41954b5995d58a437f960fca4d3133aef487be39b50ac80b20e3f496444

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 15 Dec 2018 17:27:07 GMT
via: 1.1 c4ada86230c95b165d889d1f1d10389d.cloudfront.net (CloudFront)
last-modified: Tue, 13 Nov 2018 05:36:24 GMT
server: AmazonS3
age: 347753
etag: "205092bf806bb23ec6c59ec6e12c65d0"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 34015
x-amz-cf-id: ZM3ES--up4zNHeYYKIU8Q3wW32QUXkU-kzoJ_8TwUUcPumeeVs_nEQ==

GET
H2 200 ketto_assured_icon.png
d1vdjc70h9nzd9.cloudfront.net/images/ 8 KB
8 KB 14ms
13ms Image
image/png 2600:9000:20bb:3e00:d:e617:f340:21
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1vdjc70h9nzd9.cloudfront.net/images/ketto_assured_icon.png
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:3e00:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0ac7b96f0bc593ff1f37f86ca552bdc9bb8c4518bf780a821b1986681a95ff7d

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 24 Nov 2018 12:22:48 GMT
via: 1.1 c4ada86230c95b165d889d1f1d10389d.cloudfront.net (CloudFront)
last-modified: Mon, 07 May 2018 14:11:56 GMT
server: AmazonS3
age: 2180412
etag: "200ceec5ec95c93879aad89ad37c2b2c"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 8241
x-amz-cf-id: cgBWRU0s6zwiW9-Wh8FLC2Q9QCQmUa4QrLBvQSDHBorPIQGA7hWCSQ==

GET
H2 200 check-circle.png
d1vdjc70h9nzd9.cloudfront.net/images/ 525 B
856 B 15ms
14ms Image
image/png 2600:9000:20bb:3e00:d:e617:f340:21
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1vdjc70h9nzd9.cloudfront.net/images/check-circle.png
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:3e00:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dfcfcf508411f75131ee051b3e8bd38b7869dcfc7c2a19e5a2cff1c9982baddf

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 04 Aug 2018 00:30:29 GMT
via: 1.1 c4ada86230c95b165d889d1f1d10389d.cloudfront.net (CloudFront)
last-modified: Mon, 07 May 2018 14:09:56 GMT
server: AmazonS3
age: 11899951
etag: "da1437e83409e90ba99351cd977c1972"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 525
x-amz-cf-id: 1Fysixt_CN3cF1iiN2C9dkwC3FVBRtDJBNjWso4VhVil6rh2Rf72zA==

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 8 KB
2 KB 49ms
14ms Script
application/javascript 159.122.87.153
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=326437&u=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fhelpfarin%3Futm_campaign%3Dhelpfarin%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&r=0.06314358790483832
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.122.87.153 Frankfurt, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: 99.57.7a9f.ip4.static.sl-reverse.com
Software: dacdn2 /
Resource Hash: 6be7b10da3436735a7da81070eb1392f8503614a1f1bc77dfd6c634d64028f17

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Wed, 19 Dec 2018 18:02:58 GMT
content-encoding: gzip
server: dacdn2
content-type: application/javascript; charset=UTF-8

GET
H2 200 fe8d731b66359375f23929a12033b8b7d393a091.jpg
d1vdjc70h9nzd9.cloudfront.net/media/campaign/70000/70306/image/ 3 KB
3 KB 77ms
76ms Image
image/jpeg 2600:9000:20bb:3e00:d:e617:f340:21
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1vdjc70h9nzd9.cloudfront.net/media/campaign/70000/70306/image/fe8d731b66359375f23929a12033b8b7d393a091.jpg
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:3e00:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2f5bc5ddd4401d58adc04ff122c395d429c213fe2b8ec86d9f4312cf5598989b

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 14 Dec 2018 07:52:32 GMT
via: 1.1 c4ada86230c95b165d889d1f1d10389d.cloudfront.net (CloudFront)
last-modified: Fri, 19 Oct 2018 07:36:45 GMT
server: AmazonS3
age: 468628
etag: "e37b180f2478667c1ac334cc8c034324"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2691
x-amz-cf-id: wJH4FG7w0opTWbqsKSMlxcBiNJ-8YFzi2uqgzUQ7VZbcHWH31KHvsw==

GET
H2 200 success.svg
d1vdjc70h9nzd9.cloudfront.net/images/stories/ 947 B
1 KB 13ms
12ms Image
image/svg+xml 2600:9000:20bb:3e00:d:e617:f340:21
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1vdjc70h9nzd9.cloudfront.net/images/stories/success.svg
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:3e00:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 94eeb8ca0c372a7079499fa59b4fe106671032cab04d86fa4df1241c47a35156

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 23 Nov 2018 05:50:48 GMT
via: 1.1 c4ada86230c95b165d889d1f1d10389d.cloudfront.net (CloudFront)
last-modified: Mon, 07 May 2018 14:12:15 GMT
server: AmazonS3
age: 2290332
etag: "b3ac3ad9144c660c6f162cfc15d848f4"
x-cache: Hit from cloudfront
content-type: image/svg+xml
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 947
x-amz-cf-id: AgvU2NJlJ78F_ryR-5V0zdLv1R6c3G5ROv8QvNeawriPGWj233fjbA==

GET
H2 200 ketto-preloader.gif
d1vdjc70h9nzd9.cloudfront.net/images/ 33 KB
33 KB 13ms
12ms Image
image/gif 2600:9000:20bb:3e00:d:e617:f340:21
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1vdjc70h9nzd9.cloudfront.net/images/ketto-preloader.gif
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:3e00:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a52d3ba4d9a879ab1faf1f4d853fa1d41ccb94faf4ca0a09f5c7b06573173ec9

Request headers

Referer: https://d1vdjc70h9nzd9.cloudfront.net/less/custom.24156f.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 24 Nov 2018 05:17:35 GMT
via: 1.1 c4ada86230c95b165d889d1f1d10389d.cloudfront.net (CloudFront)
last-modified: Mon, 07 May 2018 14:11:56 GMT
server: AmazonS3
age: 2205925
etag: "b450384414976a19d30e015730e860b6"
x-cache: Hit from cloudfront
content-type: image/gif
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 33461
x-amz-cf-id: Yk8UgTNlvkSdfxmrdAskO8HkTsLTk3ePgPeGZhuzfel8RlOHfqWuwg==

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
fonts.gstatic.com/s/notosans/v7/ 10 KB
10 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:821::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v7/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ede8a63ae7f13de45eeb9c9156f791c7ee1d588f931cc54f4d8754154cbd3a52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto+Slab:400,300,700,500|Noto+Sans:400,700
Origin: https://www.ketto.org

Response headers

date: Mon, 10 Dec 2018 15:37:02 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 18:25:32 GMT
server: sffe
age: 786357
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9944
x-xss-protection: 1; mode=block
expires: Tue, 10 Dec 2019 15:37:02 GMT

GET
H2 200 fontawesome-webfont.woff2
d1vdjc70h9nzd9.cloudfront.net/less/font-awesome/fonts/ 70 KB
71 KB 37ms
17ms Font
application/octet-stream 2600:9000:20bb:d200:d:e617:f340:21
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d1vdjc70h9nzd9.cloudfront.net/less/font-awesome/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:d200:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://d1vdjc70h9nzd9.cloudfront.net/less/custom.24156f.css
Origin: https://www.ketto.org

Response headers

date: Thu, 22 Nov 2018 06:28:08 GMT
via: 1.1 177d9edea4bc2d9db934cc4080f20342.cloudfront.net (CloudFront)
age: 2374492
x-cache: Hit from cloudfront
status: 200
access-control-max-age: 3000
content-length: 71896
last-modified: Mon, 07 May 2018 14:12:37 GMT
server: AmazonS3
etag: "e6cf7c6ec7c2d6f670ae9d762604cb0b"
vary: Origin
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: BM5sfVyCoplC_sZUVksV_dO1rC3_MVHiXToJKyHckj4H4e2B78PXDw==

GET
H2 200 va-86fd9d64674edb81b84cfebf656cc1d3.js Show response
dev.visualwebsiteoptimizer.com/5.0/ 162 KB
54 KB 30ms
7ms Script
text/javascript 159.122.87.148
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/5.0/va-86fd9d64674edb81b84cfebf656cc1d3.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=326437&u=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fhelpfarin%3Futm_campaign%3Dhelpfarin%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&r=0.06314358790483832
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.122.87.148 Frankfurt, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: 94.57.7a9f.ip4.static.sl-reverse.com
Software: fra1dacdn /
Resource Hash: 35281730aea2864d868b17ccd6e3e2ea74b53bb1091e8613dd249c689b1ac989

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
Origin: https://www.ketto.org

Response headers

date: Wed, 19 Dec 2018 18:02:59 GMT
content-encoding: gzip
last-modified: Fri, 14 Dec 2018 10:56:57 GMT
server: fra1dacdn
access-control-allow-origin: *
etag: "5c138c79-d8aa"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 55466

GET
H2 200 track-86fd9d64674edb81b84cfebf656cc1d3.js Show response
dev.visualwebsiteoptimizer.com/5.0/ 17 KB
6 KB 42ms
21ms Script
text/javascript 159.122.87.148
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/5.0/track-86fd9d64674edb81b84cfebf656cc1d3.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=326437&u=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fhelpfarin%3Futm_campaign%3Dhelpfarin%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&r=0.06314358790483832
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.122.87.148 Frankfurt, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: 94.57.7a9f.ip4.static.sl-reverse.com
Software: fra1dacdn /
Resource Hash: d12571fb058caba3e2478b76fc95d3f65741995d085ef27e29434b6e6d67791c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
Origin: https://www.ketto.org

Response headers

date: Wed, 19 Dec 2018 18:02:59 GMT
content-encoding: gzip
last-modified: Fri, 14 Dec 2018 10:56:57 GMT
server: fra1dacdn
access-control-allow-origin: *
etag: "5c138c79-15b9"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5561

GET
H2 200 opa-ae9f477a09584bfb879b58ad63ce53d8.js Show response
dev.visualwebsiteoptimizer.com/analysis/2.0/ 149 KB
48 KB 37ms
21ms Script
application/javascript 159.122.87.148
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/2.0/opa-ae9f477a09584bfb879b58ad63ce53d8.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=326437&u=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fhelpfarin%3Futm_campaign%3Dhelpfarin%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&r=0.06314358790483832
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.122.87.148 Frankfurt, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: 94.57.7a9f.ip4.static.sl-reverse.com
Software: fra1dacdn /
Resource Hash: 1a354d833d3717ca39f39a46d944c65c4f575743c8bc00689acbcf463d3de6cf

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
Origin: https://www.ketto.org

Response headers

date: Wed, 19 Dec 2018 18:02:59 GMT
content-encoding: gzip
last-modified: Thu, 06 Dec 2018 11:24:11 GMT
server: fra1dacdn
access-control-allow-origin: *
etag: W/"5c0906db-25569"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=604800

GET
H2 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
236 B 10ms
10ms Image
image/gif 159.122.87.153
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?a=326437&d=ketto.org&u=D55DBF1B4FE3EE4CF891F68183731B7CB&h=ef11c347c126dd553e9d87b577570ef0&t=false&r=0.7778560017004297

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.122.87.153 Frankfurt, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

99.57.7a9f.ip4.static.sl-reverse.com

Software

dacdn2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Dec 2018 18:02:59 GMT
x-content-type-options: nosniff
server: dacdn2
content-type: image/gif
status: 200
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H/1.1 200
OK a Show response
wzrkt.com/ 261 B
591 B 138ms
31ms Script
text/javascript 52.50.103.2
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://wzrkt.com/a?t=88&type=page&d=N4IgrgziBcIKYA8AucBOA7AhgGwPoGs50IBjASwHsQAacAWxnjszOxvBMYAs5sAHAGaZUZdOzIATRgBYASgDYAtNIDsADkWzZ0gFrs%2BAcxgBGWiUPckSPhGgB6OwHdnAOkJWKLiqgN2ISbzI4CDsefiERdAB%2BMCQ6XBJMOj4WA3QAXjDBYVEAMlj4ujgJMjA6dLhmVny43AgKMFQSOArkNCw8QmJyKgBfIA%3D&rn=1&i=1545242579&sn=0&r=1545242579441
Requested by: Host: d2r1yp2w7bby2u.cloudfront.net
URL: https://d2r1yp2w7bby2u.cloudfront.net/js/a.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.50.103.2 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-50-103-2.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ccc5e2343c1e0ff2c59463f8319e3dffc96a0429a372e71f133f4bba2a393a07

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Type: text/javascript;charset=utf-8
Content-Length: 261
Expires: Thu, 01 Jan 1970 00:00:00 GMT, 0

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ed098df82da8320c1786f312585ebc4b1b4817ed5ebeecd03e25afd37b97cc23

Request headers

Response headers

Content-Type: image/gif

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 23 KB
9 KB 68ms
17ms Script
text/javascript 172.217.23.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.217.23.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

9f7ec14b65196ecc6380422716725a5a5dcb4261f5988ef381905dd0f8fd031f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 19 Dec 2018 18:02:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 8755
x-xss-protection: 1; mode=block
server: cafe
etag: 14625954634965495121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 19 Dec 2018 18:02:59 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81d::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81d::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 05 Nov 2018 21:10:09 GMT
server: Golfe2
age: 6523
date: Wed, 19 Dec 2018 16:14:16 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 17404
expires: Wed, 19 Dec 2018 18:14:16 GMT

GET
H2 200 hotjar-200024.js Show response
static.hotjar.com/c/ 10 KB
3 KB 14ms
14ms Script
application/javascript 147.75.80.178
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-200024.js?sv=5

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.80.178 , Switzerland, ASN54825 (PACKET - Packet Host, Inc., US),

Reverse DNS

pkt-ams-k1-25

Software

Resource Hash

525936107596e6a3c36cda1babfa7a688cc88988858f03effbc2605a1e01a03b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 19 Dec 2018 18:02:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: *
etag: W/7735fba9bbf44209e9bcffd979c5fae3
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=60
section-io-origin-time-seconds: 0.050
section-io-origin-status: 304
accept-ranges: bytes
section-io-id: fd03cff7ed0273b7c77a8fa32a89890b
content-length: 2727

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 51 KB
15 KB 11ms
11ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

50fd02e7397cb3745341be12701a2583d187f3f78115c41de0aa96a0cdf27775

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 14861
x-xss-protection: 0
pragma: public
x-fb-debug: /ErQvbbd6qikkrDcwG/mLbU2bsZ8Ue8WIjLPPALiM9V5nu0D+8AHDiYbzFopJyK7702Soq31MJTmuDA9vg7ehw==
date: Wed, 19 Dec 2018 18:02:59 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 143ms
143ms Script
application/javascript 104.244.46.80
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.46.80 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software: /
Resource Hash: 319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 19 Dec 2018 18:02:59 GMT
content-encoding: gzip
age: 64986
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1954
x-served-by: cache-tw-lon2-cr1-5-TWLON2
last-modified: Tue, 23 Jan 2018 19:05:33 GMT
x-timer: S1545242580.532297,VS0,VE0
etag: "b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1034141/ 13 KB
5 KB 1095ms
9ms Script
application/javascript 151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1034141/tfa.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0678fe3986782fd747ccdf5678028638d871c00001a57e81eb9cab942f04834e

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: nZCR5eXCYJ5Xtmkg7eyH4p6Sf0WqtIQZ
content-encoding: gzip
age: 130
x-cache: HIT
status: 200
date: Wed, 19 Dec 2018 18:03:00 GMT
x-amz-replication-status: PENDING
content-length: 4854
x-amz-id-2: U/BGS9+1YquboLymiHS3w37rGNSwMwMQJghInivUMLUhB+/rxPae1vac6y8bDO1kPxaP57rZgAo=
x-served-by: cache-hhn1525-HHN
last-modified: Wed, 19 Dec 2018 18:00:50 GMT
server: AmazonS3
x-timer: S1545242581.612526,VS0,VE0
etag: "00fa28d37167aa25ef18c745eaebbc4d"
vary: Accept-Encoding
x-amz-request-id: 486B8CFC4DADBE40
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 6
x-cache-hits: 962

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
5 KB 120ms
48ms Script
application/javascript 2a00:1288:7c:800::4001
YAHOO-ULS

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:7c:800::4001 , United Kingdom, ASN43428 (YAHOO-ULS, GB),

Reverse DNS

Software

ATS /

Resource Hash

bd999047408eaf20ae15ab916d344330d118fa72b0703fa1784deb648d36bb7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 19 Dec 2018 18:02:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
status: 200
vary: Accept-Encoding
content-length: 4111
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 18 Oct 2018 11:10:56 GMT
server: ATS
x-frame-options: DENY
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
content-type: application/javascript
via: http/1.1 spdc0026.pbp.ir2.yahoo.com (ApacheTrafficServer), https/1.1 e19.ycpi.lob.yahoo.com (ApacheTrafficServer [cMsSf ])
public-key-pins-report-only: max-age=2592000; pin-sha256="2fRAUXyxl4A1/XHrKNBmc8bTkzA7y4FB/GLJuNAzCqY="; pin-sha256="I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o="; pin-sha256="Wd8xe/qfTwq3ylFNd3IpaqLHZbh2ZNCLluVzmeNkcpw="; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="i7WTqTvh0OioIruIfFR4kMPnBqrS2rdiVPl/s2uC/CY="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="uUwZgwDOxcBXrQcntwu+kYFpkiVkOaezL0WYEZ3anJc="; pin-sha256="dolnbtzEBnELx/9lOEQ22e6OZO/QNb6VSSX2XHA3E7A="; includeSubdomains; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-hpkp-report-only"
accept-ranges: bytes

GET
H/1.1 200
OK razorpay.js Show response
checkout.razorpay.com/v1/ 47 KB
17 KB 876ms
233ms Script
application/javascript 13.126.155.42
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://checkout.razorpay.com/v1/razorpay.js

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.126.155.42 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-13-126-155-42.ap-south-1.compute.amazonaws.com

Software

nginx/1.13.7 /

Resource Hash

46be62e10ab7fe56805a7a51ae7ca54c96539db8c3e5121fe50a9e6236f15a5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 19 Dec 2018 18:03:00 GMT
Content-Encoding: br
Last-Modified: Tue, 18 Dec 2018 11:32:21 GMT
Server: nginx/1.13.7
Etag: "5c18dac5-413b"
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Strict-Transport-Security: max-age=315360000; includeSubdomains
Access-Control-Allow-Headers: origin
Content-Length: 16699

GET
H2 200 / Show response
js.stripe.com/v2/ 63 KB
21 KB 72ms
8ms Script
application/javascript 151.101.0.176
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v2/

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.176 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

81b0036608574dee94fb2bf0eb8b23e9175d41fbb1c09132aa9e1e7f3250039a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 19 Dec 2018 18:02:59 GMT
content-encoding: gzip
content-type: application/javascript; charset=utf-8
age: 177
x-cache: HIT
status: 200
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-length: 20941
x-amz-id-2: q9tT23U3qi66xEWJwS0J9ycB6cyGBpwEBj60ImiYvQMBmnDZW2OxfzTBCf7UMMP9Jx9LaY1shtI=
x-served-by: cache-hhn1543-HHN
last-modified: Thu, 20 Sep 2018 21:42:17 GMT
server: AmazonS3
x-timer: S1545242580.641897,VS0,VE0
etag: "c9a4d90231588d78319ccb195a41e3eb"
vary: Accept-Encoding
x-amz-request-id: E806C6D934BACF18
via: 1.1 varnish
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 167

GET
H2 200 stories.bundle.min.a3c69b.js Show response
d1vdjc70h9nzd9.cloudfront.net/stories/build/ 90 KB
19 KB 11ms
10ms Script
application/javascript 2600:9000:20bb:3e00:d:e617:f340:21
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d1vdjc70h9nzd9.cloudfront.net/stories/build/stories.bundle.min.a3c69b.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:3e00:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ec76a8791725e26557ae0aaaba4eb15e68301e54864f75311f7ad77455731da9

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 15 Dec 2018 17:56:01 GMT
content-encoding: gzip
last-modified: Sat, 15 Dec 2018 17:03:50 GMT
server: AmazonS3
age: 84962
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-id: UzNyvWaD39XRrIQsPwxWX2f9ZmF5yLjY70y5s3L6RwN5FX635Cmzug==
via: 1.1 c4ada86230c95b165d889d1f1d10389d.cloudfront.net (CloudFront)

GET
H2 200 storiesDefer.bundle.min.f32aec.js Show response
d1vdjc70h9nzd9.cloudfront.net/stories/build/ 746 KB
195 KB 11ms
10ms Script
application/javascript 2600:9000:20bb:3e00:d:e617:f340:21
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d1vdjc70h9nzd9.cloudfront.net/stories/build/storiesDefer.bundle.min.f32aec.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:3e00:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad164a5d21d4601d432d91d8f0fbd65d6e3b24f70798f75ae63bfbc2951cab37

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 19 Dec 2018 16:45:33 GMT
content-encoding: gzip
last-modified: Wed, 05 Dec 2018 08:22:36 GMT
server: AmazonS3
age: 20240
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-id: JjL4ORiZ87aEe1jY35JKLNbW9A2V7vNcNUXGnafoni70mPAeD0Is6w==
via: 1.1 c4ada86230c95b165d889d1f1d10389d.cloudfront.net (CloudFront)

GET
H2 200 513405139012772 Show response
connect.facebook.net/signals/config/ 181 KB
43 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/513405139012772?v=2.8.35&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

ebc51b5e6c7d632e48323c47b5eb68f121e8b321bb5e05ef1fb39fdf4bc8a34f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 44256
x-xss-protection: 0
pragma: public
x-fb-debug: tNXJ91xtQ3stxs2C+pbBKmVgnB8qfG7mciHqfs6eJ+BPJlEt2ykvSXZwyQSVvmah4oVSbTytkmn136MMUxf4mg==
date: Wed, 19 Dec 2018 18:02:59 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 modules-38e6054579cf2b1595bd244b3975c490.js Show response
script.hotjar.com/ 399 KB
81 KB 45ms
45ms Script
application/javascript 147.75.80.178
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules-38e6054579cf2b1595bd244b3975c490.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-200024.js?sv=5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.80.178 , Switzerland, ASN54825 (PACKET - Packet Host, Inc., US),

Reverse DNS

pkt-ams-k1-25

Software

Resource Hash

91ac593c251900f8375f8da34f3b87afb65c360330e25f62b07ae98ae8cf46d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 19 Dec 2018 18:02:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 Dec 2018 17:52:07 GMT
access-control-allow-origin: *
etag: W/"38e6054579cf2b1595bd244b3975c490"
content-type: application/javascript
status: 200
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.040
content-length: 82179
section-io-origin-status: 200
accept-ranges: bytes
section-io-id: c2b165c1aefd0e4a436aac50b0e1606a
x-amz-version-id: Tt5ezr69rgccQPgGN5LKvdjITaZlSJh2

GET
H2 200 worker-68f4c079a93008e8e04f81f6476e5cc4.js Show response
dev.visualwebsiteoptimizer.com/analysis/ 46 KB
15 KB 10ms
8ms XHR
application/javascript 159.122.87.148
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/worker-68f4c079a93008e8e04f81f6476e5cc4.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.122.87.148 Frankfurt, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: 94.57.7a9f.ip4.static.sl-reverse.com
Software: fra1dacdn /
Resource Hash: d11075cd7df2682b221d194573250d4aed0a6a4e3a151acf41d1b14053495b85

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
Origin: https://www.ketto.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 19 Dec 2018 18:02:59 GMT
content-encoding: gzip
last-modified: Wed, 04 Oct 2017 11:55:02 GMT
server: fra1dacdn
status: 200
etag: W/"59d4cc16-b83e"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800, public, max-age=604800

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j72&a=2001166831&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fhelpfarin%3Futm_campaign%3Dhelpfarin%26utm_medium%3Demail%26utm_source%...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-30181760-1&cid=105910923.1545242580&jid=1885870366&_gid=114206853.1545242580&gjid=236602130&_v=j72&z=795377182
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=105910923.1545242580&jid=1885870366&_v=j72&z=795377182
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=105910923.1545242580&jid=1885870366&_v=j72&z=795377182&slf_rd=1&random=533510245

42 B
109 B

16ms
16ms

Image
image/gif

2a00:1450:4001:81f::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=105910923.1545242580&jid=1885870366&_v=j72&z=795377182&slf_rd=1&random=533510245

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81f::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Dec 2018 18:02:59 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 19 Dec 2018 18:02:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=105910923.1545242580&jid=1885870366&_v=j72&z=795377182&slf_rd=1&random=533510245
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/963384337/ 2 KB
1 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/963384337/?random=1545242579693&cv=9&fst=1545242579693&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgbc0&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fhelpfarin%3Futm_campaign%3Dhelpfarin%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&tiba=We%20Are%20Left%20With%20Nothing%20Now%20But%20Hope%2C%20Please%20Help%20Save%20My%20Dying%20Daughter.%20-%20Ketto&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

8162d49f559d26803d96f86b55f81f663f62b9f865c9bfda7397a429ba1e63fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Dec 2018 18:02:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 1061
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/930975017/ 2 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/930975017/?random=1545242579698&cv=9&fst=1545242579698&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgbc0&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fhelpfarin%3Futm_campaign%3Dhelpfarin%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&tiba=We%20Are%20Left%20With%20Nothing%20Now%20But%20Hope%2C%20Please%20Help%20Save%20My%20Dying%20Daughter.%20-%20Ketto&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

9fe874b8032c742f531e22c0b2bd68552fc02d71e916d4b6ef6c1003ace35fb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Dec 2018 18:02:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 1062
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/837073759/ 2 KB
1 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/837073759/?random=1545242579734&cv=9&fst=1545242579734&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgbc0&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fhelpfarin%3Futm_campaign%3Dhelpfarin%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&tiba=We%20Are%20Left%20With%20Nothing%20Now%20But%20Hope%2C%20Please%20Help%20Save%20My%20Dying%20Daughter.%20-%20Ketto&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

f48efb045bd94f72553e37dabf22e73b6759ecc4ab4f12961285222f7e582a37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Dec 2018 18:02:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 1063
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sp.pl Show response
sp.analytics.yahoo.com/ 0
449 B 486ms
157ms Script
application/x-javascript 188.125.66.33
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&jsonp=YAHOO.ywa.I13N.handleJSONResponse&d=Wed%2C%2019%20Dec%202018%2018%3A02%3A59%20GMT&n=0&b=We%20Are%20Left%20With%20Nothing%20Now%20But%20Hope%2C%20Please%20Help%20Save%20My%20Dying%20Daughter.%20-%20Ketto&.yp=10063059&f=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fhelpfarin%3Futm_campaign%3Dhelpfarin%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&enc=UTF-8

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.125.66.33 , Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 19 Dec 2018 18:03:00 GMT
via: http/1.1 spdc0007.pbp.ir2.yahoo.com (ApacheTrafficServer)
x-content-type-options: nosniff
age: 0
status: 200
strict-transport-security: max-age=31536000
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: application/x-javascript
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
expires: Wed, 19 Dec 2018 18:03:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/930975017/ 42 B
117 B 23ms
22ms Image
image/gif 2a00:1450:4001:806::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/930975017/?random=1545242579698&cv=9&fst=1545242400000&num=1&guid=ON&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgbc0&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fhelpfarin%3Futm_campaign%3Dhelpfarin%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&tiba=We%20Are%20Left%20With%20Nothing%20Now%20But%20Hope%2C%20Please%20Help%20Save%20My%20Dying%20Daughter.%20-%20Ketto&async=1&fmt=3&crd=CITQGw&cdct=2&is_vtc=1&random=601165567&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:806::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Dec 2018 18:02:59 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/930975017/ 42 B
109 B 22ms
17ms Image
image/gif 2a00:1450:4001:81f::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/930975017/?random=1545242579698&cv=9&fst=1545242400000&num=1&guid=ON&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgbc0&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fhelpfarin%3Futm_campaign%3Dhelpfarin%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&tiba=We%20Are%20Left%20With%20Nothing%20Now%20But%20Hope%2C%20Please%20Help%20Save%20My%20Dying%20Daughter.%20-%20Ketto&async=1&fmt=3&crd=CITQGw&cdct=2&is_vtc=1&random=601165567&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81f::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Dec 2018 18:02:59 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/963384337/ 42 B
117 B 31ms
20ms Image
image/gif 2a00:1450:4001:806::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/963384337/?random=1545242579693&cv=9&fst=1545242400000&num=1&guid=ON&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgbc0&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fhelpfarin%3Futm_campaign%3Dhelpfarin%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&tiba=We%20Are%20Left%20With%20Nothing%20Now%20But%20Hope%2C%20Please%20Help%20Save%20My%20Dying%20Daughter.%20-%20Ketto&async=1&fmt=3&crd=CITQGw&cdct=2&is_vtc=1&random=1407137151&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:806::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Dec 2018 18:02:59 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/963384337/ 42 B
109 B 28ms
27ms Image
image/gif 2a00:1450:4001:81f::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/963384337/?random=1545242579693&cv=9&fst=1545242400000&num=1&guid=ON&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgbc0&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fhelpfarin%3Futm_campaign%3Dhelpfarin%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&tiba=We%20Are%20Left%20With%20Nothing%20Now%20But%20Hope%2C%20Please%20Help%20Save%20My%20Dying%20Daughter.%20-%20Ketto&async=1&fmt=3&crd=CITQGw&cdct=2&is_vtc=1&random=1407137151&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81f::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Dec 2018 18:02:59 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
169 B 994ms
994ms Image
image/gif 199.16.156.75
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nys4q&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.16.156.75 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 19 Dec 2018 18:02:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=0
content-length: 65
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 6
pragma: no-cache
last-modified: Wed, 19 Dec 2018 18:02:59 GMT
server: tsa_b
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: f56a0e97599cf5d748baf672ed6ddf14
x-transaction: 00b33251007a8ac3
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 441308802710601 Show response
connect.facebook.net/signals/config/ 181 KB
43 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/441308802710601?v=2.8.35&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

de48175c077ffa4ef22e1fdc0b89a9c4afb3daec01a99eb6b6df85e7cafa782e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 44256
x-xss-protection: 0
pragma: public
x-fb-debug: k6tEdB632b4WjTTCn318ae9Rj3qVTgm6jhsiP0ne9nwwR+IPfibYnwROweqtzQDGiDg1OR+Qx/tHA8NEUPh/QA==
date: Wed, 19 Dec 2018 18:02:59 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
245 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=513405139012772&ev=PageView&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fhelpfarin%3Futm_campaign%3Dhelpfarin%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&rl=&if=false&ts=1545242579813&sw=1600&sh=1200&v=2.8.35&r=stable&ec=0&o=30&fbp=fb.1.1545242579812.1000982921&it=1545242579622&coo=false
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 19 Dec 2018 18:02:59 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Wed, 19 Dec 2018 18:02:59 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/837073759/ 42 B
117 B 20ms
20ms Image
image/gif 2a00:1450:4001:806::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/837073759/?random=1545242579734&cv=9&fst=1545242400000&num=1&guid=ON&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgbc0&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fhelpfarin%3Futm_campaign%3Dhelpfarin%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&tiba=We%20Are%20Left%20With%20Nothing%20Now%20But%20Hope%2C%20Please%20Help%20Save%20My%20Dying%20Daughter.%20-%20Ketto&async=1&fmt=3&crd=CITQGw&cdct=2&is_vtc=1&random=2234382750&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:806::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Dec 2018 18:02:59 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/837073759/ 42 B
109 B 20ms
20ms Image
image/gif 2a00:1450:4001:81f::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/837073759/?random=1545242579734&cv=9&fst=1545242400000&num=1&guid=ON&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgbc0&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fhelpfarin%3Futm_campaign%3Dhelpfarin%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&tiba=We%20Are%20Left%20With%20Nothing%20Now%20But%20Hope%2C%20Please%20Help%20Save%20My%20Dying%20Daughter.%20-%20Ketto&async=1&fmt=3&crd=CITQGw&cdct=2&is_vtc=1&random=2234382750&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81f::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Dec 2018 18:02:59 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
98 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=441308802710601&ev=PageView&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fhelpfarin%3Futm_campaign%3Dhelpfarin%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&rl=&if=false&ts=1545242579865&sw=1600&sh=1200&v=2.8.35&r=stable&ec=0&o=30&fbp=fb.1.1545242579812.1000982921&it=1545242579622&coo=false
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 19 Dec 2018 18:02:59 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Wed, 19 Dec 2018 18:02:59 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
245 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=513405139012772&ev=Microdata&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fhelpfarin%3Futm_campaign%3Dhelpfarin%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&rl=&if=false&ts=1545242580318&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22Ketto.org%22%2C%22og%3Atype%22%3A%22kettoorg%3Acampaign%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.ketto.org%2Fstories%2Fhelpfarin%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fd1vdjc70h9nzd9.cloudfront.net%2Fmedia%2Fcampaign%2F70000%2F70306%2Fimage%2F4e076e5333ad74594bfa78306da7d800494407cd.jpg%22%2C%22og%3Atitle%22%3A%22We%20Are%20Left%20With%20Nothing%20Now%20But%20Hope%2C%20Please%20Help%20Save%20My%20Dying%20Daughter.%22%2C%22og%3Adescription%22%3A%22The%20very%20thought%20of%20losing%20our%20only%20child%20steals%20our%20sleep%20away%20from%20us.%20From%20last%202%20years%2C%20we%20have%20only%20been%20in%20constant%20worry%20for%20Farin.She%20is%20four%20and%20a...%22%7D&cd[Meta]=%7B%22title%22%3A%22We%20Are%20Left%20With%20Nothing%20Now%20But%20Hope%2C%20Please%20Help%20Save%20My%20Dying%20Daughter.%20-%20Ketto%22%2C%22meta%3Adescription%22%3A%22The%20very%20thought%20of%20losing%20our%20only%20child%20steals%20our%20sleep%20away%20from%20us.%20From%20last%202%20years%2C%20we%20have%20only%20been%20in%20constant%20worry%20for%20Farin.She%20is%20four%20and%20a...%22%2C%22meta%3Akeywords%22%3A%22We%20Are%20Left%20With%20Nothing%20Now%20But%20Hope%2C%20Please%20Help%20Save%20My%20Dying%20Daughter.%2C%20Sirajudeen%2C%20Ketto%2C%20crowdfunding%20platform%20in%20India%2C%20raise%20funds%2C%20story%22%7D&cd[DataLayer]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.8.35&r=stable&ec=1&o=30&fbp=fb.1.1545242580317.919145468&it=1545242579622&coo=false&es=automatic
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 19 Dec 2018 18:03:00 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Wed, 19 Dec 2018 18:03:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
98 B 6ms
5ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=441308802710601&ev=Microdata&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fhelpfarin%3Futm_campaign%3Dhelpfarin%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&rl=&if=false&ts=1545242580367&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22Ketto.org%22%2C%22og%3Atype%22%3A%22kettoorg%3Acampaign%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.ketto.org%2Fstories%2Fhelpfarin%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fd1vdjc70h9nzd9.cloudfront.net%2Fmedia%2Fcampaign%2F70000%2F70306%2Fimage%2F4e076e5333ad74594bfa78306da7d800494407cd.jpg%22%2C%22og%3Atitle%22%3A%22We%20Are%20Left%20With%20Nothing%20Now%20But%20Hope%2C%20Please%20Help%20Save%20My%20Dying%20Daughter.%22%2C%22og%3Adescription%22%3A%22The%20very%20thought%20of%20losing%20our%20only%20child%20steals%20our%20sleep%20away%20from%20us.%20From%20last%202%20years%2C%20we%20have%20only%20been%20in%20constant%20worry%20for%20Farin.She%20is%20four%20and%20a...%22%7D&cd[Meta]=%7B%22title%22%3A%22We%20Are%20Left%20With%20Nothing%20Now%20But%20Hope%2C%20Please%20Help%20Save%20My%20Dying%20Daughter.%20-%20Ketto%22%2C%22meta%3Adescription%22%3A%22The%20very%20thought%20of%20losing%20our%20only%20child%20steals%20our%20sleep%20away%20from%20us.%20From%20last%202%20years%2C%20we%20have%20only%20been%20in%20constant%20worry%20for%20Farin.She%20is%20four%20and%20a...%22%2C%22meta%3Akeywords%22%3A%22We%20Are%20Left%20With%20Nothing%20Now%20But%20Hope%2C%20Please%20Help%20Save%20My%20Dying%20Daughter.%2C%20Sirajudeen%2C%20Ketto%2C%20crowdfunding%20platform%20in%20India%2C%20raise%20funds%2C%20story%22%7D&cd[DataLayer]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.8.35&r=stable&ec=1&o=30&fbp=fb.1.1545242580317.919145468&it=1545242579622&coo=false&es=automatic
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 19 Dec 2018 18:03:00 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Wed, 19 Dec 2018 18:03:00 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 194 KB
59 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: d1vdjc70h9nzd9.cloudfront.net
URL: https://d1vdjc70h9nzd9.cloudfront.net/stories/build/storiesDefer.bundle.min.f32aec.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

3b0730d022e93c8fe7885b3c14366ff80ca087ddcb4b723bd9f36a9bfbd4db5c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Q74fscUKMlAgeDB34D3U5w==
status: 200
vary: Accept-Encoding
content-length: 60670
x-xss-protection: 0
x-fb-debug: eN5ahnDmM/WvdPsT4Pt2JdI38pArXsL4fotXyIvvYtHtLM+38Yzn99g2nVnxwZuif2lfOyFvRjafHzfv9aRVDQ==
x-fb-content-md5: a898c09d3b2887810d80c9497baa1c0d
date: Wed, 19 Dec 2018 18:03:00 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "abace8337597f6838fc17c54af3b8e4b"
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
timing-allow-origin: *
expires: Wed, 19 Dec 2018 18:21:26 GMT

POST
H/1.1 200
OK Cookie set ajax.php Show response
www.ketto.org/vars/ 110 B
2 KB 252ms
251ms XHR
text/html 13.232.153.143
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/vars/ajax.php
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.232.153.143 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-13-232-153-143.ap-south-1.compute.amazonaws.com
Software: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.32 / PHP/5.6.32
Resource Hash: 25602cc25bd2ba88d1df0215b543fa6839fe4bdb2caebeec91a533d9027714ba

Request headers

Pragma: no-cache
X-NewRelic-ID: VQUGVFNQDhABUFVWDgMEUQ==
Origin: https://www.ketto.org
Accept-Encoding: gzip, deflate, br
Host: www.ketto.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: application/json, text/javascript, */*; q=0.01
Cache-Control: no-cache
X-Requested-With: XMLHttpRequest
Cookie: _fbp=fb.1.1545242580317.919145468
Connection: keep-alive
Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
Content-Length: 22
Accept: application/json, text/javascript, */*; q=0.01
X-NewRelic-ID: VQUGVFNQDhABUFVWDgMEUQ==
Origin: https://www.ketto.org
X-Requested-With: XMLHttpRequest
Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 19 Dec 2018 18:03:00 GMT
Content-Encoding: gzip
X-NewRelic-App-Data: PxQGUldWDQAGR1BWAwUOVFcGFB9AMQYAZBBZDEtZV0ZaClc9HiJGERBZWj1JBUpcXhAkDFNtGBAFQ0VvTQcJA0hAFFIWCAQCA1UVUR9RBVRcBRtMV08aAQhQVFMPVFRTV1UAAlMHB0AcBFkOS11p
Server: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.32
PageURL-1: 1
X-Powered-By: PHP/5.6.32
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Set-Cookie: KETTOSESSID=2soqnnv3bbci4g9eciqvo96bd7; path=/; domain=.ketto.org ip_location=eyJjb3VudHJ5X2NvZGUiOiJERSIsImNvdW50cnlfbmFtZSI6Ikdlcm1hbnkiLCJyZWdpb25fbmFtZSI6IkJlcmxpbiIsInppcF9jb2RlIjoiMTAxNzgiLCJjaXR5X25hbWUiOiJCZXJsaW4ifQ%3D%3D; expires=Wed, 26-Dec-2018 18:03:00 GMT; Max-Age=604800; path=/; domain=.ketto.org _ku=2ffb5445d46f9874d93d941ad1e426e6; expires=Fri, 25-Nov-2118 18:03:00 GMT; Max-Age=3153600000; path=/; domain=.ketto.org _ks=eyJzaWQiOiIzNjdjM2QxN2I0YzZhNTg2ZDA4YjJlYTc3NWFkNzdjZiIsInN0IjoxNTQ1MjQ0MzgwfQ%3D%3D; path=/; domain=.ketto.org ip_location=eyJjb3VudHJ5X2NvZGUiOiJERSIsImNvdW50cnlfbmFtZSI6Ikdlcm1hbnkiLCJyZWdpb25fbmFtZSI6IkJlcmxpbiIsInppcF9jb2RlIjoiMTAxNzgiLCJjaXR5X25hbWUiOiJCZXJsaW4ifQ%3D%3D; expires=Wed, 26-Dec-2018 18:03:00 GMT; Max-Age=604800; path=/; domain=.ketto.org ip_location=eyJjb3VudHJ5X2NvZGUiOiJERSIsImNvdW50cnlfbmFtZSI6Ikdlcm1hbnkiLCJyZWdpb25fbmFtZSI6IkJlcmxpbiIsInppcF9jb2RlIjoiMTAxNzgiLCJjaXR5X25hbWUiOiJCZXJsaW4ifQ%3D%3D; expires=Wed, 26-Dec-2018 18:03:00 GMT; Max-Age=604800; path=/; domain=.ketto.org
Cache-Control: max-age=0, no-cache, no-store, must-revalidate, post-check=0, pre-check=0
X-Mod-Pagespeed: 1.13.35.2-0
Connection: Keep-Alive
Keep-Alive: timeout=15, max=59
Content-Length: 91

GET
H2 200 helpfarin Show response
apis.ketto.org/api/fundraisers/ 2 KB
885 B 1711ms
245ms XHR
application/json 54.169.244.171
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.ketto.org/api/fundraisers/helpfarin?with=viewmedicalbill

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.169.244.171 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-54-169-244-171.ap-southeast-1.compute.amazonaws.com

Software

nginx/1.11.9 /

Resource Hash

2de8829de6fe96b436ab4e270194c342bc55e3d91026740e2d0dfd1e8fc14181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /api/fundraisers/helpfarin?with=viewmedicalbill
pragma: no-cache
origin: https://www.ketto.org
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: apis.ketto.org
referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
:scheme: https
:method: GET
Accept: */*
Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
Origin: https://www.ketto.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 19 Dec 2018 18:03:02 GMT
content-encoding: gzip
status: 200
server: nginx/1.11.9
x-frame-options: SAMEORIGIN
vary: Accept-Encoding Origin
content-type: application/json
access-control-allow-origin: https://www.ketto.org
x-xss-protection: 1; mode=block
cache-control: no-cache, private
x-content-type-options: nosniff

GET
H2 200 comments Show response
apis.ketto.org/api/fundraisers/helpfarin/ 3 KB
1 KB 1720ms
254ms XHR
application/json 54.169.244.171
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.ketto.org/api/fundraisers/helpfarin/comments?limit=5&page=1

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.169.244.171 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-54-169-244-171.ap-southeast-1.compute.amazonaws.com

Software

nginx/1.11.9 /

Resource Hash

cb44f4887bb8b09d0187a4e6d0777a756b89955533b01ad1d6e6bded19dd94e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /api/fundraisers/helpfarin/comments?limit=5&page=1
pragma: no-cache
origin: https://www.ketto.org
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: apis.ketto.org
referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
:scheme: https
:method: GET
Accept: */*
Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
Origin: https://www.ketto.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 19 Dec 2018 18:03:02 GMT
content-encoding: gzip
status: 200
server: nginx/1.11.9
x-frame-options: SAMEORIGIN
vary: Accept-Encoding Origin
content-type: application/json
access-control-allow-origin: https://www.ketto.org
x-xss-protection: 1; mode=block
cache-control: no-cache, private
x-content-type-options: nosniff

GET
H2 200 donors Show response
apis.ketto.org/api/fundraisers/70306/ 25 B
292 B 1705ms
262ms XHR
application/json 54.169.244.171
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.ketto.org/api/fundraisers/70306/donors?with=donoravtar;comments;activation&donor_entity_details_id=undefined&orderBy=creation_date&sortedBy=desc

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.169.244.171 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-54-169-244-171.ap-southeast-1.compute.amazonaws.com

Software

nginx/1.11.9 /

Resource Hash

28f1f51e665dd4607e10a96dd7a84d40b5cd2a8063157e357be73244df657720

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /api/fundraisers/70306/donors?with=donoravtar;comments;activation&donor_entity_details_id=undefined&orderBy=creation_date&sortedBy=desc
pragma: no-cache
origin: https://www.ketto.org
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: application/json, text/plain, */*
cache-control: no-cache
:authority: apis.ketto.org
referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
:scheme: https
:method: GET
Accept: application/json, text/plain, */*
Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
Origin: https://www.ketto.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 19 Dec 2018 18:03:02 GMT
content-encoding: gzip
status: 200
server: nginx/1.11.9
x-frame-options: SAMEORIGIN
vary: Accept-Encoding Origin
content-type: application/json
access-control-allow-origin: https://www.ketto.org
x-xss-protection: 1; mode=block
cache-control: no-cache, private
x-content-type-options: nosniff

GET
H2 200 donors Show response
apis.ketto.org/api/fundraisers/70306/ 4 KB
1 KB 1838ms
396ms XHR
application/json 54.169.244.171
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.ketto.org/api/fundraisers/70306/donors?with=donoravtar;activation&limit=10&page=1&orderBy=creation_date&sortedBy=desc

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.169.244.171 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-54-169-244-171.ap-southeast-1.compute.amazonaws.com

Software

nginx/1.11.9 /

Resource Hash

c992a85700a5e21c970ba0ec2b657e2e652ecdb2a72cb108065217d676b2c5ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /api/fundraisers/70306/donors?with=donoravtar;activation&limit=10&page=1&orderBy=creation_date&sortedBy=desc
pragma: no-cache
origin: https://www.ketto.org
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: application/json, text/plain, */*
cache-control: no-cache
:authority: apis.ketto.org
referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
:scheme: https
:method: GET
Accept: application/json, text/plain, */*
Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
Origin: https://www.ketto.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 19 Dec 2018 18:03:02 GMT
content-encoding: gzip
status: 200
server: nginx/1.11.9
x-frame-options: SAMEORIGIN
vary: Accept-Encoding Origin
content-type: application/json
access-control-allow-origin: https://www.ketto.org
x-xss-protection: 1; mode=block
cache-control: no-cache, private
x-content-type-options: nosniff

GET
H2 200 updates Show response
apis.ketto.org/api/fundraisers/70306/ 2 KB
1 KB 1802ms
361ms XHR
application/json 54.169.244.171
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.ketto.org/api/fundraisers/70306/updates?with=owner.avtar&limit=1&page=1&orderBy=id&sortedBy=desc

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.169.244.171 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-54-169-244-171.ap-southeast-1.compute.amazonaws.com

Software

nginx/1.11.9 /

Resource Hash

fb290807222c02a89787fa762198c27e14ed0966932472ffecdbe99f9665d4e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /api/fundraisers/70306/updates?with=owner.avtar&limit=1&page=1&orderBy=id&sortedBy=desc
pragma: no-cache
origin: https://www.ketto.org
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: application/json, text/plain, */*
cache-control: no-cache
:authority: apis.ketto.org
referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
:scheme: https
:method: GET
Accept: application/json, text/plain, */*
Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
Origin: https://www.ketto.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 19 Dec 2018 18:03:02 GMT
content-encoding: gzip
status: 200
server: nginx/1.11.9
x-frame-options: SAMEORIGIN
vary: Accept-Encoding Origin
content-type: application/json
access-control-allow-origin: https://www.ketto.org
x-xss-protection: 1; mode=block
cache-control: no-cache, private
x-content-type-options: nosniff

GET
H2 200 logo-light-bg.svg
d1vdjc70h9nzd9.cloudfront.net/images/ 4 KB
2 KB 9ms
8ms Image
image/svg+xml 2600:9000:20bb:3e00:d:e617:f340:21
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1vdjc70h9nzd9.cloudfront.net/images/logo-light-bg.svg
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:3e00:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1ec0fbc72fcfcea31f22828dcf89e2bd9fa7f03e84ef8d8546adb410f3096117

Request headers

Referer: https://d1vdjc70h9nzd9.cloudfront.net/less/custom.24156f.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 24 Nov 2018 05:17:37 GMT
content-encoding: gzip
last-modified: Mon, 07 May 2018 14:11:57 GMT
server: AmazonS3
age: 2205924
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
status: 200
cache-control: max-age=31536000
x-amz-cf-id: MahNof22XvUe9RYzeJMC51ZIoAB8HlmKifeMH38Yda63dUZ9pIWweA==
via: 1.1 c4ada86230c95b165d889d1f1d10389d.cloudfront.net (CloudFront)

GET
H2 200 icon-secure-lock.png
d1vdjc70h9nzd9.cloudfront.net/images/ 2 KB
2 KB 12ms
12ms Image
image/png 2600:9000:20bb:3e00:d:e617:f340:21
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1vdjc70h9nzd9.cloudfront.net/images/icon-secure-lock.png
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:3e00:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c91158a8a0abe1393831da5efc62d53ad3b41b545774f1c3a003d55c2d5f28cf

Request headers

Referer: https://d1vdjc70h9nzd9.cloudfront.net/less/custom.24156f.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 13 Dec 2018 11:17:07 GMT
via: 1.1 c4ada86230c95b165d889d1f1d10389d.cloudfront.net (CloudFront)
last-modified: Thu, 13 Dec 2018 11:12:04 GMT
server: AmazonS3
age: 19117
etag: "b073ad3e3f41cfd507c4b09034b210ee"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 1552
x-amz-cf-id: ihANeZFMknKZUxkN2M_8Kek0PyTkQAT4t3XlNupPp4_vjmwo5AHswg==

GET
H2 200 mi-shine.png
d1vdjc70h9nzd9.cloudfront.net/images/ 4 KB
4 KB 15ms
15ms Image
image/png 2600:9000:20bb:3e00:d:e617:f340:21
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1vdjc70h9nzd9.cloudfront.net/images/mi-shine.png
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:3e00:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 121b3bad035f5a87c185bb1ce9465eba6c0d8ca0fcf03fced81559192cb06d85

Request headers

Referer: https://d1vdjc70h9nzd9.cloudfront.net/less/story/stories.designD.bundle.a329af.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 04 Oct 2018 04:37:47 GMT
via: 1.1 c4ada86230c95b165d889d1f1d10389d.cloudfront.net (CloudFront)
last-modified: Mon, 07 May 2018 14:12:02 GMT
server: AmazonS3
age: 6614713
etag: "37d16b2f8ba85dd0f6daa5db90b7f902"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 3890
x-amz-cf-id: JLy2TqhM1OTldZBaB7ZKyvNjzo4gTO9snwSzGVlsnbo83NKx2zSosQ==

GET
H2 200 source-sans-pro-v11-latin-regular.woff2
d1vdjc70h9nzd9.cloudfront.net/fonts/sourceSansPro/ 16 KB
16 KB 16ms
15ms Font
binary/octet-stream 2600:9000:20bb:d200:d:e617:f340:21
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d1vdjc70h9nzd9.cloudfront.net/fonts/sourceSansPro/source-sans-pro-v11-latin-regular.woff2
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:d200:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cb992eae898417162c48b37712991d9ad8053c4a64fce51aff195edc69dc35f2

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://d1vdjc70h9nzd9.cloudfront.net/less/story/stories.designD.bundle.a329af.css
Origin: https://www.ketto.org

Response headers

date: Thu, 23 Aug 2018 18:29:26 GMT
via: 1.1 177d9edea4bc2d9db934cc4080f20342.cloudfront.net (CloudFront)
age: 4399
x-cache: Hit from cloudfront
status: 200
access-control-max-age: 3000
content-length: 15908
last-modified: Tue, 21 Aug 2018 08:26:18 GMT
server: AmazonS3
etag: "76d8cbb0496cb184eff868152b67ad45"
vary: Origin
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: Qja-E59XfeXn3Buv30n9BXs4Xhi7UCQ-RGAafmfZ02uygNzPbPDLhQ==

GET
H2 200 faq_sprite_desktop.png
d1vdjc70h9nzd9.cloudfront.net/images/stories/ 17 KB
18 KB 13ms
13ms Image
image/png 2600:9000:20bb:3e00:d:e617:f340:21
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1vdjc70h9nzd9.cloudfront.net/images/stories/faq_sprite_desktop.png
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:3e00:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d6babff8a064a68c126adbc925a876484b9540e78f9d24711d6b529071a8ffd2

Request headers

Referer: https://d1vdjc70h9nzd9.cloudfront.net/less/story/stories.designD.bundle.a329af.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 19 Dec 2018 06:11:33 GMT
via: 1.1 c4ada86230c95b165d889d1f1d10389d.cloudfront.net (CloudFront)
last-modified: Thu, 12 Jul 2018 10:15:04 GMT
server: AmazonS3
age: 65462
etag: "274403d290205d18ed8a1a4609da867d"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 17714
x-amz-cf-id: DMDNbliMyvCjzJddi4h75FIIGX-kkeCdGXOUHll3bM8JG75ADBT05g==

GET
H2 200 BngRUXZYTXPIvIBgJJSb6u9mxLCGwR2oefDo.woff2
fonts.gstatic.com/s/robotoslab/v7/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:821::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v7/BngRUXZYTXPIvIBgJJSb6u9mxLCGwR2oefDo.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

be324f832c99a743be6e9bb6e888e37f1d6ad4e3fb0b9390477a40c2d5d6ce99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto+Slab:400,300,700,500|Noto+Sans:400,700
Origin: https://www.ketto.org

Response headers

date: Wed, 12 Dec 2018 18:35:44 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 18:32:10 GMT
server: sffe
age: 602836
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11092
x-xss-protection: 1; mode=block
expires: Thu, 12 Dec 2019 18:35:44 GMT

GET
H2 200 source-sans-pro-v11-latin-700.woff2
d1vdjc70h9nzd9.cloudfront.net/fonts/sourceSansPro/ 15 KB
16 KB 22ms
22ms Font
binary/octet-stream 2600:9000:20bb:d200:d:e617:f340:21
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d1vdjc70h9nzd9.cloudfront.net/fonts/sourceSansPro/source-sans-pro-v11-latin-700.woff2
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:d200:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c09055f0d3ce5ac45f886c935226d1e4cb0f7488525e9f8b298f26fc0171e5a8

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://d1vdjc70h9nzd9.cloudfront.net/less/story/stories.designD.bundle.a329af.css
Origin: https://www.ketto.org

Response headers

date: Thu, 23 Aug 2018 18:29:26 GMT
via: 1.1 177d9edea4bc2d9db934cc4080f20342.cloudfront.net (CloudFront)
age: 39829
x-cache: Hit from cloudfront
status: 200
access-control-max-age: 3000
content-length: 15480
last-modified: Tue, 21 Aug 2018 08:26:12 GMT
server: AmazonS3
etag: "f04441cfc122bf84e1cf24058fddba87"
vary: Origin
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: 1DZKUgy6oLnEN_PBf2sHD_YvFwVCp7dwuh0uzTKBuAU8SW5mnF_x8Q==

GET
H2 200 glyphicons-halflings-regular.woff2
d1vdjc70h9nzd9.cloudfront.net/fonts/ 18 KB
18 KB 24ms
23ms Font
binary/octet-stream 2600:9000:20bb:d200:d:e617:f340:21
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d1vdjc70h9nzd9.cloudfront.net/fonts/glyphicons-halflings-regular.woff2
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:d200:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://d1vdjc70h9nzd9.cloudfront.net/less/custom.24156f.css
Origin: https://www.ketto.org

Response headers

date: Wed, 26 Sep 2018 06:42:32 GMT
via: 1.1 177d9edea4bc2d9db934cc4080f20342.cloudfront.net (CloudFront)
age: 6760
x-cache: Hit from cloudfront
status: 200
access-control-max-age: 3000
content-length: 18028
last-modified: Wed, 26 Sep 2018 06:41:03 GMT
server: AmazonS3
etag: "448c34a56d699c29117adc64c43affeb"
vary: Origin
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: _PeFTKJI95x5WmI9oQu2zihn2jDSDLctV8dLkB5o0oeRMwpD2zxjtg==

GET
H/1.1 200
OK a Show response
wzrkt.com/ 189 B
519 B 30ms
30ms Script
text/javascript 52.50.103.2
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://wzrkt.com/a?t=88&type=push&d=N4IgLgngDgpiBcIYDcYDswgDROWAcgIYC2ciAwiVIQJYDmaABAGo0wDuMAJtrmACKEwhBKH4oaAYxiMAKtDIhxAZwDWYAPZReABUJ0ZAVQBKAGQQgA9Ms0AnNsssALGABsoAM0L20vAMowyso0GkwAkvwWAGwArABGABwATB4JUXFcMB4eUTAAnADMAOwFBZKSSYRxkgAsMQCMXAAMBbxhOowAglxctoHKFgkFAHR5RcNJI0n1vABCthrsyjC2FuROC6S8lMTU9EyyNGCuigDqMt4yJx5gjOxHToxoGmBONGh0T4tYjHEArrcnFoYD8dCdCMtGC53IxlIRUIxiBBGFwIO9PlxCH86E4wCtePg6BpGBELEV6gU8rwAKKoDAkyKIJrbLGQ0mIeoxZk4HZ7BgMsktJpRFm7Wj8%2BSwCyEHg4QyyACyjD8Gj%2BtmkFhgAA88bY0IRXAB9VToZSSEK8eVKhXcGh%2FYia4i0VyWxWMXni3yIaGebzvXiSmCGzqzCyhgC%2BOBoPEQNWMUQAtDUigkE8ZjDUAFq8OgWDwVLgJSQFepxQgwQg1cuSPIwJoNKIFOJjKo5Cq8KC5%2BD1cNAAAA%3D%3D&rn=2&i=1545242580&sn=0&gc=fc2d8c31baea4aec9e05163b97abf6c2&r=1545242580963
Requested by: Host: d2r1yp2w7bby2u.cloudfront.net
URL: https://d2r1yp2w7bby2u.cloudfront.net/js/a.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.50.103.2 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-50-103-2.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 20d507b3ac574080805b988db5ed4646347884a610b8ffb834c9a4808592872d

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Type: text/javascript;charset=utf-8
Content-Length: 189
Expires: Thu, 01 Jan 1970 00:00:00 GMT, 0

GET
H/1.1

200
OK

bounce Show response
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/px?id=988443&seg=12457517&t=1
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D988443%26seg%3D12457517%26t%3D1

1007 B
1 KB

14ms
14ms

Script
application/javascript

185.33.223.210
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D988443%26seg%3D12457517%26t%3D1

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.210 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

099099b02de6423955d3b29c2057620301faa9832a0a9e5aff566c270d4f307b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 19 Dec 2018 18:03:03 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 83.97.23.21; 83.97.23.21; 307.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.47:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: e34e897f-0137-4d6a-990a-1c1c92af0292
Server: nginx/1.13.4
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 19 Dec 2018 18:03:03 GMT
AN-X-Request-Uuid: ded8d347-866b-4078-87f5-e38fbd50223d
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D988443%26seg%3D12457517%26t%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 83.97.23.21; 83.97.23.21; 307.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.135:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
graph.facebook.com/ 542 B
737 B 131ms
42ms XHR
application/json 2a03:2880:f029:11:face:b00c:0:2
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=https://www.ketto.org/stories/helpfarin

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f029:11:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

1795f5502dd988b5dc90ce3b9c7dd056935d0dcde0cc205139308eccc9dd85f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Accept: */*
Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
Origin: https://www.ketto.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
etag: "f67797eb08d381da9b91d80e34bd9c5f798392c2"
x-app-usage: {"call_count":0,"total_cputime":0,"total_time":0}
status: 200
x-fb-rev: 4648579
content-length: 320
pragma: no-cache
x-fb-debug: qXdTz5zLAz2NgdnZkZ3ypl+yLPC5Y7LKuZhFpTadhvXS0UpS5077fLtQG0mo5On9QBYu7Oj+u5ERE5SQBuM5+Q==
x-fb-trace-id: GK98Q2jIxFL
date: Wed, 19 Dec 2018 18:03:01 GMT
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v2.8
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 icon-select.png
d1vdjc70h9nzd9.cloudfront.net/images/ 168 B
501 B 62ms
61ms Image
image/png 2600:9000:20bb:3e00:d:e617:f340:21
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1vdjc70h9nzd9.cloudfront.net/images/icon-select.png
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:3e00:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 52ed49f76c6f0aa20536879fc017e64532d995e7645dc17e99f8c311cfdf12b3

Request headers

Referer: https://d1vdjc70h9nzd9.cloudfront.net/less/custom.24156f.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 12 May 2018 15:54:56 GMT
via: 1.1 c4ada86230c95b165d889d1f1d10389d.cloudfront.net (CloudFront)
last-modified: Mon, 07 May 2018 14:10:43 GMT
server: AmazonS3
age: 19102086
etag: "fe136b8d97a603c43987a99ad538a020"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 168
x-amz-cf-id: xBzz99Nv312QwTAgxL3ys_2CsvLcqIQb1Pk0OjirOBRPfniPkKZMxQ==

GET
H2 200 7.png
d1vdjc70h9nzd9.cloudfront.net/images/random_supporters/ 15 KB
15 KB 22ms
9ms Image
image/png 2600:9000:20bb:3e00:d:e617:f340:21
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1vdjc70h9nzd9.cloudfront.net/images/random_supporters/7.png
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:3e00:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c7143357f014d4f423a93739d4e083cb74ce226a80c980df06d4e726822c7e33

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Jun 2018 14:32:08 GMT
via: 1.1 c4ada86230c95b165d889d1f1d10389d.cloudfront.net (CloudFront)
last-modified: Mon, 07 May 2018 14:12:08 GMT
server: AmazonS3
age: 16947054
etag: "0e449499e52f2110e0d83c5e783211c3"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 15362
x-amz-cf-id: _EuM440akNr0QGjSJo5fncXkRNDoij3VYONoXTcpUh6fpO2Nw_DN-w==

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j72&a=2001166831&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fhelpfarin%3Futm_campaign%3Dhelpfarin%26utm_medium%3Demail%26utm_sourc...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-30181760-1&cid=482998400.1545242581&jid=399478527&_gid=1959945244.1545242581&gjid=868004776&_v=j72&z=414288358
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=482998400.1545242581&jid=399478527&_v=j72&z=414288358
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=482998400.1545242581&jid=399478527&_v=j72&z=414288358&slf_rd=1&random=1037575269

42 B
109 B

19ms
16ms

Image
image/gif

2a00:1450:4001:81f::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=482998400.1545242581&jid=399478527&_v=j72&z=414288358&slf_rd=1&random=1037575269

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81f::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Dec 2018 18:03:01 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 19 Dec 2018 18:03:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=482998400.1545242581&jid=399478527&_v=j72&z=414288358&slf_rd=1&random=1037575269
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 mark
trc.taboola.com/ketto-sc/log/3/ 0
368 B 58ms
17ms Image
image/gif 151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/ketto-sc/log/3/mark?marking-type=Visitor&item-url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fhelpfarin%3Futm_campaign%3Dhelpfarin%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&gtmcb=1345640424
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 19 Dec 2018 18:03:01 GMT
via: 1.1 varnish
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 204
x-served-by: cache-hhn1525-HHN
pragma: no-cache
server: nginx
x-timer: S1545242581.103847,VS0,VE8
content-type: image/gif
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
244 B 20ms
8ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=513405139012772&ev=ViewContent&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fhelpfarin%3Futm_campaign%3Dhelpfarin%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&rl=&if=false&ts=1545242580987&sw=1600&sh=1200&v=2.8.35&r=stable&ec=2&o=30&fbp=fb.1.1545242580317.919145468&it=1545242579622&coo=false
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 19 Dec 2018 18:03:01 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Wed, 19 Dec 2018 18:03:01 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
200 B 21ms
9ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=441308802710601&ev=ViewContent&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fhelpfarin%3Futm_campaign%3Dhelpfarin%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&rl=&if=false&ts=1545242580988&sw=1600&sh=1200&v=2.8.35&r=stable&ec=2&o=30&fbp=fb.1.1545242580317.919145468&it=1545242579622&coo=false
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 19 Dec 2018 18:03:01 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Wed, 19 Dec 2018 18:03:01 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
268 B 290ms
288ms Script
application/javascript 199.16.156.73
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nys4q&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fhelpfarin%3Futm_campaign%3Dhelpfarin%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.16.156.73 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_b /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 19 Dec 2018 18:03:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 16
pragma: no-cache
last-modified: Wed, 19 Dec 2018 18:03:01 GMT
server: tsa_b
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 37d351c1d816fd73eb8aa842d237874b
x-transaction: 00b795e30072fff6
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 channel.html
js.stripe.com/v2/ Frame 45C0 0
0 25ms
7ms Document
text/html 151.101.0.176
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v2/channel.html?stripe_xdm_e=https%3A%2F%2Fwww.ketto.org&stripe_xdm_c=default808896&stripe_xdm_p=1

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v2/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.176 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v2/channel.html?stripe_xdm_e=https%3A%2F%2Fwww.ketto.org&stripe_xdm_c=default808896&stripe_xdm_p=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio

Response headers

status: 200
x-amz-id-2: PAAS7erzzHUIcxpgePhIKMpN9lGtUt8II5sFQxUnyhTGe7EzatE3xaxRUtCQFHnLsCWgdnp373E=
x-amz-request-id: AF202A5014050127
last-modified: Wed, 06 Sep 2017 17:40:34 GMT
etag: "19af0c6cc7a0bca20a355b3362dc64a0"
cache-control: public, max-age=300
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Wed, 19 Dec 2018 18:03:01 GMT
via: 1.1 varnish
age: 20
x-served-by: cache-hhn1543-HHN
x-cache: HIT
x-cache-hits: 29
x-timer: S1545242581.104185,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-length: 560

GET
H2 200 16a7e8fc95c3ce2369da3809a16ef2e80cd9f204.jpg
d1vdjc70h9nzd9.cloudfront.net/media/campaignuploads/ 73 KB
73 KB 26ms
25ms Image
image/jpeg 2600:9000:20bb:3e00:d:e617:f340:21
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1vdjc70h9nzd9.cloudfront.net/media/campaignuploads/16a7e8fc95c3ce2369da3809a16ef2e80cd9f204.jpg
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:3e00:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1f9d5432c995c67684bfc623858683952097f38c7405c894b2dccceb81af54b4

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 15 Dec 2018 17:27:10 GMT
via: 1.1 c4ada86230c95b165d889d1f1d10389d.cloudfront.net (CloudFront)
last-modified: Fri, 19 Oct 2018 11:44:15 GMT
server: AmazonS3
age: 347752
etag: "a4bf655c5df409c83cb3a618b83c83de"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 74761
x-amz-cf-id: DKJW5R0oUu7KP2fNFq7_ZKUscI__AIJtIuUi4NuoIbW93Zdz6lvaJA==

GET
H2 204 unip Show response
trc.taboola.com/1034141/log/3/ 0
74 B 17ms
16ms XHR
image/gif 151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1034141/log/3/unip?en=page_view&tim=18%3A03%3A01.171
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
Origin: https://www.ketto.org

Response headers

date: Wed, 19 Dec 2018 18:03:01 GMT
via: 1.1 varnish
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 204
x-cache-hits: 0
x-served-by: cache-hhn1525-HHN
pragma: no-cache
server: nginx
x-timer: S1545242581.175726,VS0,VE9
content-type: image/gif
access-control-allow-origin: https://www.ketto.org
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 unip Show response
trc.taboola.com/1034141/log/3/ 0
54 B 16ms
15ms XHR
image/gif 151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1034141/log/3/unip?en=view_content&tim=18%3A03%3A01.177
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
Origin: https://www.ketto.org

Response headers

pragma: no-cache
date: Wed, 19 Dec 2018 18:03:01 GMT
via: 1.1 varnish
server: nginx
x-timer: S1545242581.180827,VS0,VE8
x-served-by: cache-hhn1525-HHN
status: 204
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.ketto.org
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 rcj-da10bd4908deb9e19dfde013ec3fe4ff.html
vars.hotjar.com/ Frame 009B 0
0 26ms
25ms Document
text/html 147.75.83.19
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/rcj-da10bd4908deb9e19dfde013ec3fe4ff.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-200024.js?sv=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.83.19 , Switzerland, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS: pkt-ams-k1-24
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /rcj-da10bd4908deb9e19dfde013ec3fe4ff.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio

Response headers

status: 200
date: Wed, 19 Dec 2018 18:03:01 GMT
content-type: text/html
content-length: 857
cache-control: max-age=31536000
last-modified: Mon, 10 Dec 2018 16:17:20 GMT
x-amz-version-id: cvcXCkC..b1GKLp33U6b8IR_h4lDxgdQ
section-io-origin-status: 200
section-io-origin-time-seconds: 0.043
etag: W/"da10bd4908deb9e19dfde013ec3fe4ff"
content-encoding: gzip
accept-ranges: bytes
section-io-id: d20dbdc5ec7e551c1f286d9b43be19ac

GET
H2

200

activityi;dc_pre=CKHTlpm9rN8CFQ4U4AodoNADiQ;src=8611446;type=invmedia;cat=ibr10oyk;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
8611446.fls.doubleclick.net/
Redirect Chain

https://8611446.fls.doubleclick.net/activityi;src=8611446;type=invmedia;cat=ibr10oyk;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
https://8611446.fls.doubleclick.net/activityi;dc_pre=CKHTlpm9rN8CFQ4U4AodoNADiQ;src=8611446;type=invmedia;cat=ibr10oyk;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1

0
618 B

77ms
69ms

Image
text/html

216.58.207.38
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8611446.fls.doubleclick.net/activityi;dc_pre=CKHTlpm9rN8CFQ4U4AodoNADiQ;src=8611446;type=invmedia;cat=ibr10oyk;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.58.207.38 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: fra16s24-in-f6.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Redirect headers

date: Wed, 19 Dec 2018 18:03:01 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
location: https://8611446.fls.doubleclick.net/activityi;dc_pre=CKHTlpm9rN8CFQ4U4AodoNADiQ;src=8611446;type=invmedia;cat=ibr10oyk;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

503
Service Unavailable: Back-end server is at capacity

apxs
px.instabid.tech/
Redirect Chain

https://ads.instabid.tech/s?s=ktlp
https://cm.g.doubleclick.net/pixel?google_nid=yoptima_media_solutions_pvt_ltd&google_hm=UUtnVlc2TkIybUZIZU41c1FrWUxZVA
https://px.instabid.tech/apxs

0
111 B

16093ms
275ms

Image
text/plain

54.169.14.94
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.instabid.tech/apxs
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.169.14.94 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-169-14-94.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0

Redirect headers

pragma: no-cache
date: Wed, 19 Dec 2018 18:03:01 GMT
server: HTTP server (unknown)
location: https://px.instabid.tech/apxs
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 226
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/795178636/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/795178636/?label=AyXPCMGTzIYBEIztlfsC&guid=ON&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/795178636/?label=AyXPCMGTzIYBEIztlfsC&guid=ON&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=1YcaXLG6DYPA7gPrmqewDQ...
https://www.google.com/pagead/1p-conversion/795178636/?label=AyXPCMGTzIYBEIztlfsC&guid=ON&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=810259499&sscte=1&crd=CILQGw&gtd=&cdct=2&is...
https://www.google.de/pagead/1p-conversion/795178636/?label=AyXPCMGTzIYBEIztlfsC&guid=ON&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=810259499&sscte=1&crd=CILQGw&gtd=&cdct=2&is_...

42 B
109 B

42ms
41ms

Image
image/gif

2a00:1450:4001:81f::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/795178636/?label=AyXPCMGTzIYBEIztlfsC&guid=ON&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=810259499&sscte=1&crd=CILQGw&gtd=&cdct=2&is_vtc=1&ocp_id=1YcaXLG6DYPA7gPrmqewDQ&random=252905846&ipr=y

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81f::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Dec 2018 18:03:01 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 19 Dec 2018 18:03:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/pagead/1p-conversion/795178636/?label=AyXPCMGTzIYBEIztlfsC&guid=ON&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=810259499&sscte=1&crd=CILQGw&gtd=&cdct=2&is_vtc=1&ocp_id=1YcaXLG6DYPA7gPrmqewDQ&random=252905846&ipr=y
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 unip
trc.taboola.com/1070973/log/3/ 0
54 B 19ms
18ms Image
image/gif 151.101.2.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/1070973/log/3/unip?en=page_view
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Dec 2018 18:03:01 GMT
via: 1.1 varnish
server: nginx
x-timer: S1545242581.215902,VS0,VE8
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 204
cache-control: no-cache
access-control-allow-credentials: true
x-cache-hits: 0
accept-ranges: bytes
content-type: image/gif
access-control-allow-origin: *
x-served-by: cache-hhn1525-HHN

GET
H2 200 j-GHT1gpo6-.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame 9041 0
0 15ms
6ms Document
text/html 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter/r/j-GHT1gpo6-.js?version=43

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter/r/j-GHT1gpo6-.js?version=43
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
accept-encoding: gzip, deflate, br
cookie: fr=0Yw1jSE68d7dPf4xs..BcGofV...1.0.BcGofV.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio

Response headers

status: 200
content-type: text/html; charset=utf-8
expires: Tue, 17 Dec 2019 20:14:46 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: br
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: public,max-age=31536000,immutable
x-fb-debug: K7thzqsaMvtupE/P4hEE9+KcI9G9OgNfET5prro2jFNkLrwDntKR8j2extZFDvQTm0tfBDKG+SIV2TTrq+f7cg==
content-length: 12060
date: Wed, 19 Dec 2018 18:03:01 GMT

GET
H2 200 icomoon.ve86pe.ttf
d1vdjc70h9nzd9.cloudfront.net/fonts/ketto_fonts/ 38 KB
38 KB 20ms
19ms Font
binary/octet-stream 2600:9000:20bb:d200:d:e617:f340:21
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d1vdjc70h9nzd9.cloudfront.net/fonts/ketto_fonts/icomoon.ve86pe.ttf
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:d200:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3578fc4c269069b2b094acb025ec38d04f4d2b2f5790e0d30d704dcf32e9d1d2

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://d1vdjc70h9nzd9.cloudfront.net/less/story/stories.designD.bundle.a329af.css
Origin: https://www.ketto.org

Response headers

date: Thu, 01 Nov 2018 15:48:37 GMT
via: 1.1 177d9edea4bc2d9db934cc4080f20342.cloudfront.net (CloudFront)
age: 49973
x-cache: Hit from cloudfront
status: 200
access-control-max-age: 3000
content-length: 38648
last-modified: Thu, 01 Nov 2018 12:11:46 GMT
server: AmazonS3
etag: "969c62062f7f03bc810d910746bb15a8"
vary: Origin
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: qxmigVbl2M3Iz-TMiYRMa8ELXFN5sysp4_xaSQt1qHmY6_yzuJ_FHw==

GET
H/1.1 200
OK Cookie set system_event.php Show response
www.ketto.org/vars/ 16 B
732 B 308ms
307ms XHR
application/json 13.232.153.143
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/vars/system_event.php?val%5BeventName%5D=pageView&val%5Bevent_type%5D=campaign&val%5Bevent_type_id%5D=70306&val%5Bpage_name%5D=stories&val%5Breferrer_page%5D=
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.232.153.143 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-13-232-153-143.ap-south-1.compute.amazonaws.com
Software: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.32 / PHP/5.6.32
Resource Hash: 39824f2ec741ce74a8d37f33d384fd09b082368c2e93a05a8627de1561401d98

Request headers

Pragma: no-cache
X-NewRelic-ID: VQUGVFNQDhABUFVWDgMEUQ==
Accept-Encoding: gzip, deflate, br
Host: www.ketto.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Cache-Control: no-cache
X-Requested-With: XMLHttpRequest
Cookie: KETTOSESSID=2soqnnv3bbci4g9eciqvo96bd7; ip_location=eyJjb3VudHJ5X2NvZGUiOiJERSIsImNvdW50cnlfbmFtZSI6Ikdlcm1hbnkiLCJyZWdpb25fbmFtZSI6IkJlcmxpbiIsInppcF9jb2RlIjoiMTAxNzgiLCJjaXR5X25hbWUiOiJCZXJsaW4ifQ%3D%3D; _ku=2ffb5445d46f9874d93d941ad1e426e6; _ks=eyJzaWQiOiIzNjdjM2QxN2I0YzZhNTg2ZDA4YjJlYTc3NWFkNzdjZiIsInN0IjoxNTQ1MjQ0MzgwfQ%3D%3D; WZRK_L=%257B%257D; WZRK_S_4R6-478-RR4Z=%7B%22s%22%3A1545242578%2C%22t%22%3A1545242581%7D
Connection: keep-alive
Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
Accept: */*
X-NewRelic-ID: VQUGVFNQDhABUFVWDgMEUQ==
Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

Pragma: no-cache
Date: Wed, 19 Dec 2018 18:03:03 GMT
X-NewRelic-App-Data: PxQGUldWDQAGR1BWAwUOVFcGFB9AMQYAZBBZDEtZV0ZaClc9HiJGERBZWj1JBUpcXhAkDFNtGBAFQ0VvTRUaEUQHVT1dTlFcR0cVUR9RA1JUBhtRSFIKAgJUTU8GHRVWUQdTClYCAlIDB11UWwxREB8DWA1CBG4=
Server: Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.32
PageURL-1: 1
X-Powered-By: PHP/5.6.32
Content-Type: application/json
Set-Cookie: _ks=eyJzaWQiOiIzNjdjM2QxN2I0YzZhNTg2ZDA4YjJlYTc3NWFkNzdjZiIsInN0IjoxNTQ1MjQ0MzgzfQ%3D%3D; path=/; domain=.ketto.org
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=15, max=58
Content-Length: 16
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 outer.html
js.stripe.com/v2/m/ Frame B48B 0
0 8ms
7ms Document
text/html 151.101.0.176
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v2/m/outer.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v2/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.176 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v2/m/outer.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio

Response headers

status: 200
x-amz-id-2: 5uy/DiOJ+H7Jf06UWOFGQx1PZDbAL6EVTnptdgehu/uh/z/vH39mlAqPVywExecNxGDSn6CLvXg=
x-amz-request-id: 4E37A30B84785526
last-modified: Wed, 06 Sep 2017 17:40:34 GMT
etag: "51b76bd7931c50d2bf6d4c5a93d343f9"
cache-control: public, max-age=300
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Wed, 19 Dec 2018 18:03:05 GMT
via: 1.1 varnish
age: 261
x-served-by: cache-hhn1543-HHN
x-cache: HIT
x-cache-hits: 270
x-timer: S1545242585.474920,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-length: 388

GET
H2 200 default-campaign-picture.jpg
d1vdjc70h9nzd9.cloudfront.net/images/ 10 KB
10 KB 84ms
28ms Image
image/jpeg 2600:9000:20bb:3e00:d:e617:f340:21
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1vdjc70h9nzd9.cloudfront.net/images/default-campaign-picture.jpg
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:3e00:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 337afd84c4413d5b4d590d4fa7da21db38d8b7625748ea3bb03cd5dc81fd2225

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 18 Dec 2018 18:28:16 GMT
via: 1.1 170fdbe261f5e85186a08817806feba2.cloudfront.net (CloudFront)
last-modified: Tue, 25 Apr 2017 16:55:22 GMT
server: AmazonS3
age: 19487764
etag: "4e91f531da989e98014d571e98774feb"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 9858
x-amz-cf-id: EeWb1dmk6TmLEVyZHRyOZB5TYxM6ew963ZmUgYfVDYgmMPZiRmkhHA==

GET
H2 200 nr-1099.min.js Show response
js-agent.newrelic.com/ 23 KB
9 KB 58ms
9ms Script
application/javascript 151.101.2.110
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1099.min.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.110 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 685e511070d7d36ad071ea39c387547c95bf064727890a3e9abf1d0283184794

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 19 Dec 2018 18:03:18 GMT
content-encoding: gzip
x-amz-request-id: 721001A39CB7D50B
x-cache: HIT
status: 200
content-length: 9139
x-amz-id-2: NxMxfptyk7m72ZRtwDBFrYLt42q+zxYhs3n9RkXhwCypFX0QIhKQ++L2sfAGR6WMd083eZI9VXw=
x-served-by: cache-hhn1539-HHN
last-modified: Tue, 02 Oct 2018 02:58:53 GMT
server: AmazonS3
x-timer: S1545242598.243770,VS0,VE0
etag: "eed931ffe2a555a310715cf8678d32f5"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 15884

GET
H2

200

j-GHT1gpo6-.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame D097
Redirect Chain

https://www.facebook.com/connect/ping?client_id=287403324698248&domain=www.ketto.org&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fj-GHT1gpo6-.js%3Fversion%...
https://staticxx.facebook.com/connect/xd_arbiter/r/j-GHT1gpo6-.js?version=43

0
0

87ms
6ms

Document
text/html

2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter/r/j-GHT1gpo6-.js?version=43

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter/r/j-GHT1gpo6-.js?version=43
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio

Response headers

status: 200
content-type: text/html; charset=utf-8
expires: Tue, 17 Dec 2019 20:14:46 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: br
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: public,max-age=31536000,immutable
x-fb-debug: K7thzqsaMvtupE/P4hEE9+KcI9G9OgNfET5prro2jFNkLrwDntKR8j2extZFDvQTm0tfBDKG+SIV2TTrq+f7cg==
content-length: 12060
date: Wed, 19 Dec 2018 18:03:18 GMT

Redirect headers

status: 302
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
strict-transport-security: max-age=15552000; preload
location: https://staticxx.facebook.com/connect/xd_arbiter/r/j-GHT1gpo6-.js?version=43#cb=f2bce06972409c8&domain=www.ketto.org&origin=https%3A%2F%2Fwww.ketto.org%2Ff10a56fd8282dbc&relation=parent&error=unknown_user
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
x-content-type-options: nosniff
x-xss-protection: 0
expect-ct: max-age=86400, report-uri="http://reports.fb.com/expectct/"
content-type: text/html; charset="utf-8"
x-fb-debug: WiR0WnH+MLUeYcHT5DyRChjdQDlcxbHmfWmvvUhfE/bFzRJ2GVa1LoxL4Y6jG31b7OxuG0n/hFDrP3C8T2doIA==
content-length: 0
date: Wed, 19 Dec 2018 18:03:18 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j72&a=2001166831&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fhelpfarin%3Futm_campaign%3Dhelpfarin%26utm_medium%3Demail%26utm_sourc...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-30181760-1&cid=105910923.1545242580&jid=2004041413&_gid=114206853.1545242580&gjid=50341387&_v=j72&z=1066483089
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=105910923.1545242580&jid=2004041413&_v=j72&z=1066483089
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=105910923.1545242580&jid=2004041413&_v=j72&z=1066483089&slf_rd=1&random=640567421

42 B
378 B

28ms
17ms

Image
image/gif

2a00:1450:4001:81f::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=105910923.1545242580&jid=2004041413&_v=j72&z=1066483089&slf_rd=1&random=640567421

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81f::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Dec 2018 18:03:18 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 19 Dec 2018 18:03:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=105910923.1545242580&jid=2004041413&_v=j72&z=1066483089&slf_rd=1&random=640567421
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK f64838bf44 Show response
bam.nr-data.net/1/ 57 B
261 B 446ms
110ms Script
text/javascript 162.247.242.19
New Relic

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/f64838bf44?a=14449237&v=1099.d27c17c&to=blRTbBcCCBIAW0NZWlceck0WFwkMTl5FX1tNdF9cShASDhNRUkMaSkVeShw%3D&rst=21043&ref=https://www.ketto.org/stories/helpfarin&ap=264&be=1884&fe=20906&dc=3328&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1545242577279,%22n%22:0,%22f%22:712,%22dn%22:713,%22dne%22:753,%22c%22:753,%22s%22:868,%22ce%22:1103,%22rq%22:1104,%22rp%22:1875,%22rpe%22:2112,%22dl%22:1878,%22di%22:2519,%22ds%22:3328,%22de%22:3786,%22dc%22:20905,%22l%22:20905,%22le%22:20948%7D,%22navigation%22:%7B%7D%7D&at=QhNQGl8YGxw%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1099.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.19 , United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US),
Reverse DNS: bam-7.nr-data.net
Software: /
Resource Hash: f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Referer: https://www.ketto.org/stories/helpfarin?utm_campaign=helpfarin&utm_medium=email&utm_source=external_kenscio
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: text/javascript;charset=ISO-8859-1
Content-Length: 57
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

187 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.ketto.org/	1970-01-18 21:57:14	Name: utm_medium Value: email
			www.ketto.org/	1970-01-18 21:57:14	Name: utm_source Value: external_kenscio

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8611446.fls.doubleclick.net
ads.instabid.tech
ajax.googleapis.com
analytics.twitter.com
apis.ketto.org
bam.nr-data.net
c.agdgtl.com
cdn.taboola.com
checkout.razorpay.com
cm.g.doubleclick.net
connect.facebook.net
d1vdjc70h9nzd9.cloudfront.net
d2r1yp2w7bby2u.cloudfront.net
dev.visualwebsiteoptimizer.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
graph.facebook.com
js-agent.newrelic.com
js.stripe.com
mail.quicklivedeals.com
px.instabid.tech
s.yimg.com
script.hotjar.com
secure.adnxs.com
sp.analytics.yahoo.com
static.ads-twitter.com
static.hotjar.com
staticxx.facebook.com
stats.g.doubleclick.net
t.co
trc.taboola.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.ketto.org
wzrkt.com
104.244.46.80
13.126.155.42
13.232.153.143
143.204.101.78
147.75.80.178
147.75.83.19
151.101.0.176
151.101.2.110
151.101.2.2
159.122.87.148
159.122.87.153
162.247.242.19
172.217.23.162
185.33.223.210
188.125.66.33
199.16.156.73
199.16.156.75
216.58.205.226
216.58.207.38
2600:9000:20bb:3e00:d:e617:f340:21
2600:9000:20bb:d200:d:e617:f340:21
2a00:1288:7c:800::4001
2a00:1450:4001:806::2004
2a00:1450:4001:81d::200e
2a00:1450:4001:81f::2003
2a00:1450:4001:81f::200a
2a00:1450:4001:821::2002
2a00:1450:4001:821::2003
2a00:1450:4001:825::200a
2a00:1450:400c:c08::9a
2a00:1450:400c:c08::9c
2a00:1450:400c:c0a::61
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f029:11:face:b00c:0:2
2a03:2880:f11c:8083:face:b00c:0:25de
52.210.161.187
52.50.103.2
52.77.171.92
54.169.14.94
54.169.244.171
91.192.43.151
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0678fe3986782fd747ccdf5678028638d871c00001a57e81eb9cab942f04834e
099099b02de6423955d3b29c2057620301faa9832a0a9e5aff566c270d4f307b
0ac7b96f0bc593ff1f37f86ca552bdc9bb8c4518bf780a821b1986681a95ff7d
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1207558f5b5d377866cd340cdc8a4c0ae15098fa521dcdd6dbd6ce4fa77c6c9e
121b3bad035f5a87c185bb1ce9465eba6c0d8ca0fcf03fced81559192cb06d85
1795f5502dd988b5dc90ce3b9c7dd056935d0dcde0cc205139308eccc9dd85f4
1a354d833d3717ca39f39a46d944c65c4f575743c8bc00689acbcf463d3de6cf
1ec0fbc72fcfcea31f22828dcf89e2bd9fa7f03e84ef8d8546adb410f3096117
1f9d5432c995c67684bfc623858683952097f38c7405c894b2dccceb81af54b4
20d507b3ac574080805b988db5ed4646347884a610b8ffb834c9a4808592872d
25602cc25bd2ba88d1df0215b543fa6839fe4bdb2caebeec91a533d9027714ba
28f1f51e665dd4607e10a96dd7a84d40b5cd2a8063157e357be73244df657720
2de8829de6fe96b436ab4e270194c342bc55e3d91026740e2d0dfd1e8fc14181
2f5bc5ddd4401d58adc04ff122c395d429c213fe2b8ec86d9f4312cf5598989b
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
337afd84c4413d5b4d590d4fa7da21db38d8b7625748ea3bb03cd5dc81fd2225
35281730aea2864d868b17ccd6e3e2ea74b53bb1091e8613dd249c689b1ac989
3578fc4c269069b2b094acb025ec38d04f4d2b2f5790e0d30d704dcf32e9d1d2
3766c7dc97eb5b7347bc167cd08e79ea9273fbf587a4741198ba0a0bcaaed0d7
39824f2ec741ce74a8d37f33d384fd09b082368c2e93a05a8627de1561401d98
3b0730d022e93c8fe7885b3c14366ff80ca087ddcb4b723bd9f36a9bfbd4db5c
46be62e10ab7fe56805a7a51ae7ca54c96539db8c3e5121fe50a9e6236f15a5b
480b0dcf87f3762059569007f32ef80a5e21f1115718c5bfc7644f3e701722dd
50fd02e7397cb3745341be12701a2583d187f3f78115c41de0aa96a0cdf27775
525936107596e6a3c36cda1babfa7a688cc88988858f03effbc2605a1e01a03b
52ed49f76c6f0aa20536879fc017e64532d995e7645dc17e99f8c311cfdf12b3
685e511070d7d36ad071ea39c387547c95bf064727890a3e9abf1d0283184794
6be7b10da3436735a7da81070eb1392f8503614a1f1bc77dfd6c634d64028f17
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
8162d49f559d26803d96f86b55f81f663f62b9f865c9bfda7397a429ba1e63fd
81b0036608574dee94fb2bf0eb8b23e9175d41fbb1c09132aa9e1e7f3250039a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
91ac593c251900f8375f8da34f3b87afb65c360330e25f62b07ae98ae8cf46d2
94eeb8ca0c372a7079499fa59b4fe106671032cab04d86fa4df1241c47a35156
95375255ecc9eeec1f7f415fca9d993cd3b446b3c217c69729b1038e1e5afc14
998d548363a3d9f10ddf546d5102887498076733fdafca8bc1bf74d988b3049a
9f7ec14b65196ecc6380422716725a5a5dcb4261f5988ef381905dd0f8fd031f
9fe874b8032c742f531e22c0b2bd68552fc02d71e916d4b6ef6c1003ace35fb2
a52d3ba4d9a879ab1faf1f4d853fa1d41ccb94faf4ca0a09f5c7b06573173ec9
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad164a5d21d4601d432d91d8f0fbd65d6e3b24f70798f75ae63bfbc2951cab37
b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255
b92379c5b60656b10a5a9955af716cb4d4bd964518fe6cb3e55e88153a8a4cdc
bd999047408eaf20ae15ab916d344330d118fa72b0703fa1784deb648d36bb7a
be324f832c99a743be6e9bb6e888e37f1d6ad4e3fb0b9390477a40c2d5d6ce99
c09055f0d3ce5ac45f886c935226d1e4cb0f7488525e9f8b298f26fc0171e5a8
c571030c5e0ec1150f1a9d28f8748a05f103a5dd5c687d968b0ad8cb85b51bf5
c7143357f014d4f423a93739d4e083cb74ce226a80c980df06d4e726822c7e33
c91158a8a0abe1393831da5efc62d53ad3b41b545774f1c3a003d55c2d5f28cf
c992a85700a5e21c970ba0ec2b657e2e652ecdb2a72cb108065217d676b2c5ea
cb44f4887bb8b09d0187a4e6d0777a756b89955533b01ad1d6e6bded19dd94e6
cb992eae898417162c48b37712991d9ad8053c4a64fce51aff195edc69dc35f2
ccc5e2343c1e0ff2c59463f8319e3dffc96a0429a372e71f133f4bba2a393a07
d11075cd7df2682b221d194573250d4aed0a6a4e3a151acf41d1b14053495b85
d12571fb058caba3e2478b76fc95d3f65741995d085ef27e29434b6e6d67791c
d6babff8a064a68c126adbc925a876484b9540e78f9d24711d6b529071a8ffd2
de48175c077ffa4ef22e1fdc0b89a9c4afb3daec01a99eb6b6df85e7cafa782e
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
dfcfcf508411f75131ee051b3e8bd38b7869dcfc7c2a19e5a2cff1c9982baddf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebc51b5e6c7d632e48323c47b5eb68f121e8b321bb5e05ef1fb39fdf4bc8a34f
ec76a8791725e26557ae0aaaba4eb15e68301e54864f75311f7ad77455731da9
ed098df82da8320c1786f312585ebc4b1b4817ed5ebeecd03e25afd37b97cc23
ede8a63ae7f13de45eeb9c9156f791c7ee1d588f931cc54f4d8754154cbd3a52
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f48efb045bd94f72553e37dabf22e73b6759ecc4ab4f12961285222f7e582a37
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
fb290807222c02a89787fa762198c27e14ed0966932472ffecdbe99f9665d4e1
fd66b41954b5995d58a437f960fca4d3133aef487be39b50ac80b20e3f496444
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

www.ketto.org Open in urlscan Pro 13.232.153.143 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

96 Requests

100 %HTTPS

39 %IPv6

29 Domains

41 Subdomains

36 IPs

7 Countries

1389 kBTransfer

4378 kBSize

2 Cookies

14 Outgoing links

Page URL History

Redirected requests

96 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.ketto.org Open in urlscan Pro
13.232.153.143 Public Scan

Screenshot
Live screenshot

Full Image

96
Requests

100 %
HTTPS

39 %
IPv6

29
Domains

41
Subdomains

36
IPs

7
Countries

1389 kB
Transfer

4378 kB
Size

2
Cookies

96 HTTP transactions
1 data transactions