www.ketto.org Open in urlscan Pro
52.222.214.106 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://u1699505.ct.sendgrid.net/ls/click?upn=lqP1VrxUtWMVJ2zsP7wlGhcDLsvO5G5QJqp1aayU2o0WTUSNZEbNJVPb1N7fOI8vb7lXtSuIjUYe3bjY7zG...
Effective URL:
https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
Submission: On June 29 via manual (June 29th 2023, 5:12:07 am UTC) from GB — Scanned from GB

Summary HTTP 172 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 62 IPs in 10 countries across 53 domains to perform 172 HTTP transactions. The main IP is 52.222.214.106, located in United States and belongs to AMAZON-02, US. The main domain is www.ketto.org.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 28th 2023. Valid for: 6 months.

This is the only time www.ketto.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.123.122 167.89.123.122	11377 (SENDGRID) (SENDGRID)
1 1	18.66.97.109 18.66.97.109	16509 (AMAZON-02) (AMAZON-02)
1 40	52.222.214.106 52.222.214.106	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1 13	2a04:4e42:200... 2a04:4e42:200::311	54113 (FASTLY) (FASTLY)
1	2600:9000:225... 2600:9000:225e:ec00:11:c3fe:5b00:93a1	16509 (AMAZON-02) (AMAZON-02)
7	34.96.102.137 34.96.102.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2600:1901:0:7... 2600:1901:0:7a0b::	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	18.133.143.83 18.133.143.83	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
3	13.225.78.88 13.225.78.88	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2600:9000:20e... 2600:9000:20eb:ec00:16:b4a8:d400:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
1 3	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	34.117.98.198 34.117.98.198	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	2600:9000:225... 2600:9000:225e:b800:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
6	104.126.37.42 104.126.37.42	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:2638:d::10 2a02:2638:d::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:26f0:710... 2a02:26f0:7100::210:121	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 4	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
1	2001:4860:480... 2001:4860:4802:38::15	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c0b::9a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
5	20.75.32.255 20.75.32.255	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a05:d018:cc3... 2a05:d018:cc3:fe05:7a5a:856b:f187:f490	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
4 5	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	182.161.74.16 182.161.74.16	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
7	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 2	3.69.35.126 3.69.35.126	16509 (AMAZON-02) (AMAZON-02)
1 1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1 2	37.252.171.52 37.252.171.52	29990 (ASN-APPNEX) (ASN-APPNEX)
1	184.30.20.22 184.30.20.22	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	3.71.158.141 3.71.158.141	16509 (AMAZON-02) (AMAZON-02)
1	185.86.139.94 185.86.139.94	201081 (SMARTADSE...) (SMARTADSERVER)
1	2.16.97.41 2.16.97.41	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1	37.157.4.29 37.157.4.29	198622 (ADFORM) (ADFORM)
1	185.255.84.153 185.255.84.153	200271 (IGUANE-) (IGUANE-)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 2	52.215.156.153 52.215.156.153	16509 (AMAZON-02) (AMAZON-02)
1	141.95.33.111 141.95.33.111	16276 (OVH) (OVH)
1 2	3.251.15.90 3.251.15.90	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.156.131.113 18.156.131.113	16509 (AMAZON-02) (AMAZON-02)
1	66.225.223.191 66.225.223.191	3949 (NTTA-3946) (NTTA-3946)
1	204.237.133.120 204.237.133.120	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	2600:1f18:612... 2600:1f18:612b:4232:3223:94c5:efc7:2fa7	14618 (AMAZON-AES) (AMAZON-AES)
1	184.28.181.42 184.28.181.42	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.252.87.220 34.252.87.220	16509 (AMAZON-02) (AMAZON-02)
1	52.50.52.186 52.50.52.186	16509 (AMAZON-02) (AMAZON-02)
1	3.13.226.189 3.13.226.189	16509 (AMAZON-02) (AMAZON-02)
172	62

1 167.89.123.122 (Chicago, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789123x122.outbound-mail.sendgrid.net

u1699505.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.109 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-109.fra56.r.cloudfront.net

in1.wizrocketmail.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 52.222.214.106 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-106.fra56.r.cloudfront.net

www.ketto.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a04:4e42:200::311 (United States) 1 redirects

ASN54113 (FASTLY, US)

kettocdn.gumlet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kettocdn.gumlet.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ketto.gumlet.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:ec00:11:c3fe:5b00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.gumlet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1901:0:7a0b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.133.143.83 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-133-143-83.eu-west-2.compute.amazonaws.com

api.fontshare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.78.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-88.fra2.r.cloudfront.net

d2r1yp2w7bby2u.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:ec00:16:b4a8:d400:93a1 (United States)

ASN16509 (AMAZON-02, US)

in1.wzrkt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.98.198 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 198.98.117.34.bc.googleusercontent.com

tags.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:225e:b800:6:9280:1080:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.126.37.42 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-42.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100::210:121 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ade.clmbtech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 103.132.192.30 (Singapore) 1 redirects

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:38::15 (United States)

ASN15169 (GOOGLE, US)

gtm.ketto.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 20.75.32.255 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

b.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:cc3:fe05:7a5a:856b:f187:f490 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:d::d (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.7.11 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.74.16 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

widget.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.69.35.126 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-35-126.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.52 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.20.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-22.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.71.158.141 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-158-141.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.94 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.97.41 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.153 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.215.156.153 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-156-153.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.251.15.90 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-251-15-90.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.156.131.113 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-131-113.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.225.223.191 (Sacramento, United States)

ASN3949 (NTTA-3946, US)
PTR: sa.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.237.133.120 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:3223:94c5:efc7:2fa7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.28.181.42 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-28-181-42.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.252.87.220 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-87-220.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.50.52.186 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-52-186.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.13.226.189 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-13-226-189.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	ketto.org 1 redirects www.ketto.org gtm.ketto.org	722 KB
12	gumlet.io kettocdn.gumlet.io ketto.gumlet.io	99 KB
11	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 918 trc.taboola.com — Cisco Umbrella Rank: 634 trc-events.taboola.com — Cisco Umbrella Rank: 1860 sync-t1.taboola.com — Cisco Umbrella Rank: 1321	41 KB
10	criteo.com 5 redirects dynamic.criteo.com — Cisco Umbrella Rank: 3367 gum.criteo.com — Cisco Umbrella Rank: 405 mug.criteo.com — Cisco Umbrella Rank: 2102 sslwidget.criteo.com — Cisco Umbrella Rank: 1751 widget.as.criteo.com — Cisco Umbrella Rank: 32986 dis.criteo.com — Cisco Umbrella Rank: 608	29 KB
9	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1040 c.clarity.ms — Cisco Umbrella Rank: 1589 b.clarity.ms — Cisco Umbrella Rank: 19821	23 KB
7	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 stats.g.doubleclick.net — Cisco Umbrella Rank: 130 cm.g.doubleclick.net — Cisco Umbrella Rank: 254	5 KB
7	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4532	119 KB
6	google.co.uk www.google.co.uk — Cisco Umbrella Rank: 2647	948 B
6	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 718	119 KB
6	adroll.com s.adroll.com — Cisco Umbrella Rank: 2811 d.adroll.com — Cisco Umbrella Rank: 1489	109 KB
5	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 10 region1.analytics.google.com — Cisco Umbrella Rank: 2556	1 KB
5	creativecdn.com 1 redirects tags.creativecdn.com — Cisco Umbrella Rank: 7631 asia.creativecdn.com — Cisco Umbrella Rank: 20590	3 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88	3 KB
4	gstatic.com fonts.gstatic.com	170 KB
4	bugsnag.com sessions.bugsnag.com — Cisco Umbrella Rank: 1055	175 B
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	234 B
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	175 KB
3	cloudfront.net d2r1yp2w7bby2u.cloudfront.net	27 KB
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 670	876 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 218	2 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1573	2 KB
2	adnxs.com 1 redirects secure.adnxs.com — Cisco Umbrella Rank: 469	2 KB
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 359	882 B
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 568	15 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 63	21 KB
2	wzrkt.com in1.wzrkt.com — Cisco Umbrella Rank: 17566	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	188 KB
2	gumlet.com 1 redirects kettocdn.gumlet.com cdn.gumlet.com — Cisco Umbrella Rank: 75214	5 KB
1	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 2046	268 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 620	338 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2245	38 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 3886	235 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2505	399 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 797	585 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 778	145 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1226	886 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 2951	274 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 423	1 KB
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 1006	235 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1276	162 B
1	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 338	125 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 422	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 2136	163 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 623	114 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 566	363 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 374	239 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 675	793 B
1	clmbtech.com ade.clmbtech.com — Cisco Umbrella Rank: 3096	1 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 258	739 B
1	fontshare.com api.fontshare.com — Cisco Umbrella Rank: 216100	1 KB
1	wizrocketmail.net 1 redirects in1.wizrocketmail.net — Cisco Umbrella Rank: 823661	602 B
1	sendgrid.net 1 redirects u1699505.ct.sendgrid.net	625 B
0	emxdgt.com Failed e1.emxdgt.com Failed
172	53

	Domain	Requested by
40	www.ketto.org	1 redirects www.ketto.org
8	kettocdn.gumlet.io	www.ketto.org
7	dev.visualwebsiteoptimizer.com	www.ketto.org dev.visualwebsiteoptimizer.com
6	trc-events.taboola.com	www.ketto.org
6	www.google.co.uk
6	analytics.tiktok.com	www.ketto.org analytics.tiktok.com
5	gum.criteo.com	4 redirects static.criteo.net
5	b.clarity.ms	www.ketto.org
5	s.adroll.com	www.ketto.org www.googletagmanager.com s.adroll.com
5	fonts.googleapis.com	www.ketto.org client
4	www.google.com	1 redirects
4	asia.creativecdn.com	1 redirects
4	ketto.gumlet.io	www.ketto.org
4	fonts.gstatic.com	fonts.googleapis.com
4	sessions.bugsnag.com	www.ketto.org
3	www.facebook.com
3	stats.g.doubleclick.net	www.googletagmanager.com www.ketto.org
3	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
3	connect.facebook.net	www.ketto.org connect.facebook.net
3	d2r1yp2w7bby2u.cloudfront.net	www.ketto.org d2r1yp2w7bby2u.cloudfront.net
2	ad.360yield.com	1 redirects
2	dpm.demdex.net	1 redirects
2	r.casalemedia.com	1 redirects
2	secure.adnxs.com	1 redirects
2	x.bidswitch.net	1 redirects
2	trc.taboola.com	cdn.taboola.com
2	static.criteo.net	www.googletagmanager.com www.ketto.org
2	www.google-analytics.com	www.googletagmanager.com www.ketto.org
2	cdn.taboola.com	www.googletagmanager.com www.ketto.org
2	c.clarity.ms	1 redirects
2	in1.wzrkt.com	d2r1yp2w7bby2u.cloudfront.net
2	www.clarity.ms	www.ketto.org www.clarity.ms
2	www.googletagmanager.com	www.ketto.org www.googletagmanager.com
1	s.thebrighttag.com
1	beacon.krxd.net
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	criteo-partners.tremorhub.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	exchange.mediavine.com
1	matching.ivitrack.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	ups.analytics.yahoo.com
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	contextual.media.net
1	dis.criteo.com
1	cm.g.doubleclick.net	1 redirects
1	widget.as.criteo.com
1	sslwidget.criteo.com	1 redirects
1	mug.criteo.com
1	region1.analytics.google.com	www.googletagmanager.com
1	d.adroll.com	s.adroll.com
1	gtm.ketto.org	www.ketto.org
1	ade.clmbtech.com
1	dynamic.criteo.com	www.googletagmanager.com
1	tags.creativecdn.com	www.googletagmanager.com
1	c.bing.com	1 redirects
1	api.fontshare.com	client
1	cdn.gumlet.com	www.ketto.org
1	kettocdn.gumlet.com	1 redirects
1	in1.wizrocketmail.net	1 redirects
1	u1699505.ct.sendgrid.net	1 redirects
0	e1.emxdgt.com Failed
172	71

This site contains links to these domains. Also see Links.

Domain
api.whatsapp.com
d1vdjc70h9nzd9.cloudfront.net
www.facebook.com
play.google.com
apps.apple.com
www.twitter.com
www.linkedin.com
www.youtube.com
www.instagram.com
customerhappiness.ketto.org
ketto.kekahire.com
ketto.org
covid19.ketto.org
ketto.blog

Subject Issuer	Validity	Valid
ketto.org Amazon RSA 2048 M02	`2023-02-28` - `2023-08-31`	6 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.gumlet.com Amazon ECDSA 256 M02	`2023-02-16` - `2024-03-16`	a year	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2022-07-04` - `2023-08-05`	a year	crt.sh
*.bugsnag.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-04-12`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
api.fontshare.com Amazon RSA 2048 M01	`2023-02-22` - `2024-01-30`	a year	crt.sh
*.gumlet.io Sectigo ECC Domain Validation Secure Server CA	`2023-02-16` - `2023-09-30`	7 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-04-07` - `2023-07-06`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-12-01` - `2023-12-01`	a year	crt.sh
in1.wzrkt.com Amazon RSA 2048 M01	`2023-03-22` - `2024-04-19`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
tags.creativecdn.com GTS CA 1D4	`2023-06-03` - `2023-09-01`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
s.adroll.com Amazon RSA 2048 M01	`2023-06-03` - `2024-07-01`	a year	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2023-03-13` - `2024-04-12`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
colombiaonline.com R3	`2023-06-26` - `2023-09-24`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
gtm.ketto.org GTS CA 1D4	`2023-06-06` - `2023-09-04`	3 months	crt.sh
www.google.co.uk GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2022-11-08` - `2023-12-07`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
teads.tv R3	`2023-06-26` - `2023-09-24`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-02-21` - `2023-08-16`	6 months	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-23` - `2024-07-22`	a year	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
itm.ivitrack.com R3	`2023-06-03` - `2023-09-01`	3 months	crt.sh
exchange.mediavine.com Amazon RSA 2048 M02	`2023-06-06` - `2024-07-04`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2022-11-06` - `2023-11-28`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-15`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M01	`2023-04-04` - `2024-05-02`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
Frame ID: D77E6E6848983AE917E237DFB356C3BD
Requests: 139 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 643E91385DF96B0265D5BBC804634297
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.ketto.org&origin=onetag
Frame ID: 6CC940C520F1A9DA6179235E736D1D1E
Requests: 2 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-JEyn7ioF8S3UNmMKzI4VCkUjNoCCIGZgjCRJ2A&expires=30
Frame ID: 69CA9EDADE960EBB85816254C244F573
Requests: 27 HTTP requests in this frame

Frame: https://static.criteo.net/empty.html
Frame ID: 801F31B3B4EC26ED7BBB41CCC0CEF167
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ketto: Crowdfunding India | #1 Crowdfunding Website For Fundraising - Ketto

Page URL History Show full URLs

https://u1699505.ct.sendgrid.net/ls/click?upn=lqP1VrxUtWMVJ2zsP7wlGhcDLsvO5G5QJqp1aayU2o0WTUSNZEbNJVPb1N7fOI8... HTTP 302
https://in1.wizrocketmail.net/r?e=K24AfR8EBgx6CAB%2FDSZjeQQACABjYmE1KSQlNUxOAAZna2B7Z29mN3JwQlEkKTskOQUxJF... HTTP 302
https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit Page URL

Detected technologies

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

VWO (Analytics) Expand

Overall confidence: 100%
Detected patterns

dev\.visualwebsiteoptimizer\.com/?([\d.]+)

Page Statistics

172
Requests

91 %
HTTPS

38 %
IPv6

53
Domains

71
Subdomains

62
IPs

10
Countries

1884 kB
Transfer

6095 kB
Size

78
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://api.whatsapp.com/send?phone=919930088522
Title: Chat

Search URL Search Domain Scan URL

URL: https://d1vdjc70h9nzd9.cloudfront.net/videos/screen_recording.webm
Title: link to the video

Search URL Search Domain Scan URL

URL: https://www.facebook.com/messages/t/ketto.org
Title: CHATWITH US

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=org.ketto.mcd

Search URL Search Domain Scan URL

URL: https://apps.apple.com/sr/app/ketto-for-fundraiser/id1602237545

Search URL Search Domain Scan URL

URL: http://www.facebook.com/ketto.org

Search URL Search Domain Scan URL

URL: http://www.twitter.com/ketto

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/company/ketto-online-ventures-private-limited

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/Kettodotorg

Search URL Search Domain Scan URL

URL: https://www.instagram.com/kettoindia/

Search URL Search Domain Scan URL

URL: https://customerhappiness.ketto.org/portal/en/kb/funds-withdrawal
Title: Withdraw Funds

Search URL Search Domain Scan URL

URL: https://ketto.kekahire.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://customerhappiness.ketto.org/portal/en/kb
Title: FAQs & Help Center

Search URL Search Domain Scan URL

URL: https://customerhappiness.ketto.org/portal/en/kb/trust-safety-queries
Title: Trust & Safety

Search URL Search Domain Scan URL

URL: https://customerhappiness.ketto.org/portal/en/kb/articles/aml-policy-6-8-2021
Title: AML Policy

Search URL Search Domain Scan URL

URL: https://customerhappiness.ketto.org/portal/en/kb/articles/terms-of-use-7-8-2021-1
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://customerhappiness.ketto.org/portal/en/kb/articles/privacy-policy-7-8-2021
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://ketto.org/cause/transplant-crowdfunding
Title: Transplant Crowdfunding

Search URL Search Domain Scan URL

URL: https://ketto.org/cause/sports-crowdfunding
Title: Sports Crowdfunding

Search URL Search Domain Scan URL

URL: https://customerhappiness.ketto.org/portal/en/kb/articles/trust-safety-7-8-2021
Title: Trust & Safety

Search URL Search Domain Scan URL

URL: https://covid19.ketto.org/
Title: Coronavirus Relief Fund

Search URL Search Domain Scan URL

URL: https://ketto.blog/blog/five-quick-fundraising-ideas
Title: Five Quick Fundraising Ideas

Search URL Search Domain Scan URL

URL: https://ketto.blog/blog/5-innovative-online-fundraising-ideas-for-non-profit-organization
Title: Fundraising Ideas for Non- Profit Organization

Search URL Search Domain Scan URL

URL: https://ketto.blog/blog/what-is-sports-crowdfunding
Title: What is Sports Crowdfunding?

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://u1699505.ct.sendgrid.net/ls/click?upn=lqP1VrxUtWMVJ2zsP7wlGhcDLsvO5G5QJqp1aayU2o0WTUSNZEbNJVPb1N7fOI8vb7lXtSuIjUYe3bjY7zGoypiyamQx2pWl1ZKDofzWbCOQGG-2BeDfs2O-2BZTGfOceYN-2BAcwInL0gCvfH1ntfQ2fC-2F9jiupzV0T-2B0-2FojY2Ieah88zK-2BcdxY-2B95XfmUybgJ7awkPTCyNMTrQGp-2FBq1YsruDO5hlsNmJN3-2BJWtITO-2Fonh0KqOXKLSMR906w9KKhb4LUHWBnmFXxA2jtV-2FFsdF2Tl6rZz6NSZ-2FLGS4SutYcxQmjfNlwLugMUhMpwHyBIRF7I1qPr7b2PTAlV0MoPguDSbWWE8P48A35e1ye0ovi5AalgUTzqphzUfloc-2B59VSMZflSHgY2gOS-2BWfNpBgiqRliNM46dpBUd4uq2kUR5iD5C3dNpTYADl4VGBs7lqTAEwtAtD3mqbYG1ZyH88IGgEVZU8v-2FmxIylpZ3XsDdzrr2ZVkPP7B8mM0EunaW774s2eHVJRgIUWFUxLBhRPtMZRRtoW8yAmfRF3g8oxeoPl6J3S9-2FTLtSdWhKunALpmR-2B-2BACQ8Eo_ZXgavRRRMRPGsdwaScfXdro6s3Yg-2BHBuXfqJg-2BlS2vV7-2FLyWoFVbzfWzBhp4-2F6-2Fa29QQOQdJ50Bq6pn0VPp4a-2FvRxIJMIzYQo0sMs-2Beh1E7O7sLj0FqIbNtjKkCmhII4nVAr70vjJlPiHAC1UTxeyu7RgI-2B1xr7AxMfc1vI9iGZTa8IizX20drX46cuRMDdeJ8uJ6ixr-2Bm4V-2FOTh3e7DAq3c-2BeP2R1zqMuXUJPVYaS9jXjnewILKDWCh-2FygtD2KRHNPtw8Y2yqjvickRZ2datRHYFZllO3Uzk-2BVBOagpVajLjI5QSUoQAC95MUSjyy7UgNV0tNYzxGxt2DQtnGHV6YopUNtktf2Uso1Vr62abm7tcwkxZ2OeDvqXDRQValXPqPZtzPh6iMTYBQ17GAJY3eg9upezT7zL7VHsooqd9VT7DdoLpXMdY6wOT5doBVt0hTiAR-2BbqRg9MRyag-2FWeIWZyeRbHO4ABBnESdYVpKrtFevq-2B72V1LAgOBwuoCpuL4 HTTP 302
https://in1.wizrocketmail.net/r?e=K24AfR8EBgx6CAB%2FDSZjeQQACABjYmE1KSQlNUxOAAZna2B7Z29mN3JwQlEkKTskOQUxJF1bWFEXGi56Kz8kLlxETXo4LjstPjkzP1tfXxQUNjsoPD82N0kSRk4lMQ0iM3hoaQMGBwJvbWV8Y28NeQICAgRha2Rpe3glMUBbbkQ%2BLD0%2FdWBwPEhCWmszPzQqIjYmaU8%3D&r=https%3A%2F%2Fwww.ketto.org%2F%3Futm_source%3Dexternal_ct%26utm_medium%3Demail%26utm_campaign%3D80G_tax_benefit&c=713981088&token=GlVWCApVDQIDAAA%3D&try=1&$follow_redirect=true HTTP 302
https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://kettocdn.gumlet.com/images/logo-light-bg.svg HTTP 308
https://kettocdn.gumlet.io/images/logo-light-bg.svg

Request Chain 72

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F032204F476648ACA201155D3A3CE3E6&RedC=c.clarity.ms&MXFR=10004E21B4EF6688240C5D1EB0EF683C HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F032204F476648ACA201155D3A3CE3E6&MUID=0F1D6A1EC4346B0E0E737921C5216AF3

Request Chain 88

https://www.ketto.org/https://kettocdn.gumlet.com/images/mi-shine.png HTTP 301
https://www.ketto.org/fundraiser/https:/kettocdn.gumlet.com/images/mi-shine.png

Request Chain 91

https://asia.creativecdn.com/tags/v2?type=json HTTP 307
https://asia.creativecdn.com/tags/v2?type=json&tc=1

Request Chain 127

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/307507820/?random=216506247&fst=1688015513474&cv=10&fmt=3&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e36r1&url=https%3A%2F%2Fwww.ketto.org%2F%3Futm_source%3Dexternal_ct%26utm_medium%3Demail%26utm_campaign%3D80G_tax_benefit&tiba=Ketto%3A%20Crowdfunding%20India%20%7C%20%231%20Crowdfunding%20Website%20For%20Fundraising%20-%20Ketto&auid=1695112804.1688015513&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0 HTTP 302
https://www.google.com/pagead/1p-user-list/307507820/?random=216506247&fst=1688014800000&cv=10&fmt=3&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e36r1&url=https%3A%2F%2Fwww.ketto.org%2F%3Futm_source%3Dexternal_ct%26utm_medium%3Demail%26utm_campaign%3D80G_tax_benefit&tiba=Ketto%3A%20Crowdfunding%20India%20%7C%20%231%20Crowdfunding%20Website%20For%20Fundraising%20-%20Ketto&is_vtc=1&random=3064306801 HTTP 302
https://www.google.co.uk/pagead/1p-user-list/307507820/?random=216506247&fst=1688014800000&cv=10&fmt=3&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e36r1&url=https%3A%2F%2Fwww.ketto.org%2F%3Futm_source%3Dexternal_ct%26utm_medium%3Demail%26utm_campaign%3D80G_tax_benefit&tiba=Ketto%3A%20Crowdfunding%20India%20%7C%20%231%20Crowdfunding%20Website%20For%20Fundraising%20-%20Ketto&is_vtc=1&random=3064306801&ipr=y

Request Chain 133

https://gum.criteo.com/sid/json?origin=onetag&domain=ketto.org&sn=ChromeSyncframe&so=0&topUrl=www.ketto.org&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=ftnFWHxNUldhZ3dSa3hZZjJSM21Qb3ZxMkNPOG4wL3N0TDlBWGx5N2dvT0ZEQk51Ynl6TXpjVThiZUVENDQrS3daREZ3Q0hOdjNKT3ZKVld1M0R0NlhaZ1pnaUNYSEZ5WitSdlpPNGQzRi9WSmVLRFl6bm5BTHEvZ240Y2hjVXFNalFwcDBiRG1sTWVOM2ZEbThmREY0TTkxK0RsTG12QzU2Y1FRaUtvVmoxV1pnZE1UMkphWXhpK0ZqVCtBVzVLTjkwWWpKSGhaVnFDZWlnTWR1ZkxNT2dyczdwUXZYdU1UZnVCSGtBZHVjSnFKSXhZQkpWVmVDSkt2cE9JVFBhbUNINDJ3WHE1UjhKN2N3bU5RRDNIeEVRa0VBZz09fA&cppv=2

Request Chain 135

https://sslwidget.criteo.com/event?a=56509&v=5.16.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-criteo-2.0.0&p3=e%3Ddis&adce=1&bundle=HbzjiV9ySmclMkJZV3pWNSUyQm9VZGxXTHM2eGI1ZGRYQlNhbU92aWUyMDZxUWFoR05qbDJmQldEYWpQJTJCZnolMkY1TDJYN1ZRdWxJbnE1aTg3MTFrTWg2VW1ibDU0U1FpT2FYbSUyRll2QSUyRjdhM2NYSGY0WUV2dGNEb2F5RHN3N2h0M2hhZkp2YU90JTJCQ2JIanU5VHU2bUxDQXA2S3RsSU0xQSUzRCUzRA&tld=ketto.org&fu=https%253A%252F%252Fwww.ketto.org%252F%253Futm_source%253Dexternal_ct%2526utm_medium%253Demail%2526utm_campaign%253D80G_tax_benefit&ceid=f73cbc66-5947-460c-8eb2-86a342efe028&dtycbr=85519 HTTP 302
https://widget.as.criteo.com/event?a=56509&v=5.16.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-criteo-2.0.0&p3=e%3Ddis&adce=1&bundle=HbzjiV9ySmclMkJZV3pWNSUyQm9VZGxXTHM2eGI1ZGRYQlNhbU92aWUyMDZxUWFoR05qbDJmQldEYWpQJTJCZnolMkY1TDJYN1ZRdWxJbnE1aTg3MTFrTWg2VW1ibDU0U1FpT2FYbSUyRll2QSUyRjdhM2NYSGY0WUV2dGNEb2F5RHN3N2h0M2hhZkp2YU90JTJCQ2JIanU5VHU2bUxDQXA2S3RsSU0xQSUzRCUzRA&tld=ketto.org&fu=https%253A%252F%252Fwww.ketto.org%252F%253Futm_source%253Dexternal_ct%2526utm_medium%253Demail%2526utm_campaign%253D80G_tax_benefit&ceid=f73cbc66-5947-460c-8eb2-86a342efe028&dtycbr=85519

Request Chain 139

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-JEyn7ioF8S3UNmMKzI4VCkUjNoCCIGZgjCRJ2A&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-JEyn7ioF8S3UNmMKzI4VCkUjNoCCIGZgjCRJ2A&expires=30

Request Chain 140

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-KmdkDSoF8S3UNmMKzI4VCkUjNoBFj9HdYh59RA&google_cm&google_hm=ay1LbWRrRFNvRjhTM1VObU1Lekk0VkNrVWpOb0JGajlIZFloNTlSQQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-KmdkDSoF8S3UNmMKzI4VCkUjNoBFj9HdYh59RA&google_gid=CAESEJV3tr0pia7N4wkNRCDIxvk&google_cver=1&google_ula=913071,0

Request Chain 141

https://secure.adnxs.com/setuid?entity=52&code=k-AYQ7xioF8S3UNmMKzI4VCkUjNoCK37dfaOTITw HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-AYQ7xioF8S3UNmMKzI4VCkUjNoCK37dfaOTITw

Request Chain 152

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-4tifJioF8S3UNmMKzI4VCkUjNoCGGZZioHXi7Q HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-4tifJioF8S3UNmMKzI4VCkUjNoCGGZZioHXi7Q&C=1

Request Chain 153

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=xCIHsSLJmt7Lk9DH1dInsMNwwzv-2kLu HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=xCIHsSLJmt7Lk9DH1dInsMNwwzv-2kLu

Request Chain 155

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-gMJbICoF8S3UNmMKzI4VCkUjNoCFLjH_OsbiHA HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-gMJbICoF8S3UNmMKzI4VCkUjNoCFLjH_OsbiHA

Request Chain 164

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=XgWT4cwqh3T3YvJO3b0G1rtmzNbqhqvV

Request Chain 165

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=tAfO8N8YN7uv1vyxWlRM0R4fX7eLaaJJ

172 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.ketto.org/
Redirect Chain

https://u1699505.ct.sendgrid.net/ls/click?upn=lqP1VrxUtWMVJ2zsP7wlGhcDLsvO5G5QJqp1aayU2o0WTUSNZEbNJVPb1N7fOI8vb7lXtSuIjUYe3bjY7zGoypiyamQx2pWl1ZKDofzWbCOQGG-2BeDfs2O-2BZTGfOceYN-2BAcwInL0gCvfH1ntfQ...
https://in1.wizrocketmail.net/r?e=K24AfR8EBgx6CAB%2FDSZjeQQACABjYmE1KSQlNUxOAAZna2B7Z29mN3JwQlEkKTskOQUxJF1bWFEXGi56Kz8kLlxETXo4LjstPjkzP1tfXxQUNjsoPD82N0kSRk4lMQ0iM3hoaQMGBwJvbWV8Y28NeQICAgRha2Rpe...
https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit

10 KB
4 KB

328ms
194ms

Document
text/html

52.222.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-106.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d32c188267bbf7f111721a087651d521036fd1e43283ff08332c9b29e48505a9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 31427
cache-control: max-age=31536000
content-encoding: gzip
content-type: text/html
date: Thu, 29 Jun 2023 05:11:51 GMT
etag: W/"666e32741685fa416835f808ac6bb8d7"
expires: Fri, 21 Mar 2042 23:59:59 GMT
last-modified: Tue, 27 Jun 2023 06:55:39 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
x-amz-cf-id: F4paQXK6g93sXcUI48qtUzPHbPAR63T01w1fKCTnVi9sUADNMbHPpQ==
x-amz-cf-pop: FRA56-P3
x-amz-id-2: SFe6zgdFBEJKzl92vAF+Dz8rQUFmIbh9RsVu2bXu6fH8lmabz6SrPvRsKdxZakxWGjcUE51UoDk=
x-amz-request-id: RPCPAHTVBGKK9VE4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

Redirect headers

Cache-Control: no-cache, no-store no-cache, no-store
Connection: keep-alive
Content-Length: 0
Date: Thu, 29 Jun 2023 05:11:51 GMT
Expires: 0
Location: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
Pragma: no-cache
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Via: 1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
X-Amz-Cf-Id: h3PVKv1ta1Lh9Df2M_wSp3DzxrJgv4_N2lFnyvNPmlz_RzZGIfi6EA==
X-Amz-Cf-Pop: FRA56-P2
X-Cache: Miss from cloudfront
X-Frame-Options: SAMEORIGIN

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 147ms
52ms Font
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;600;700&display=swap

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ecfc48ab5315e179e1948be2aecc95b3afc29ae1413a2024abb9b1706df9ff0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 29 Jun 2023 05:11:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 05:05:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Jun 2023 05:11:51 GMT

GET
H2 200 css
fonts.googleapis.com/ 591 B
445 B 148ms
53ms Font
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Material+Icons&display=swap

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6ce446b54f436b6093ac2ef44c24e3c5f65b0b0c9d9a7dddf4943f192ae69dd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 29 Jun 2023 05:11:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 05:11:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Jun 2023 05:11:51 GMT

GET
H2

200

logo-light-bg.svg
kettocdn.gumlet.io/images/
Redirect Chain

https://kettocdn.gumlet.com/images/logo-light-bg.svg
https://kettocdn.gumlet.io/images/logo-light-bg.svg

3 KB
2 KB

100ms
29ms

Image
image/svg+xml

2a04:4e42:200::311
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kettocdn.gumlet.io/images/logo-light-bg.svg

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit

Protocol

Server

2a04:4e42:200::311 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7f07d505480a059096e7e518414dfb86e216d527ebe9f0ada0868ac78233d2df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-gumlet-pc: HIT
date: Thu, 29 Jun 2023 05:11:51 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
nel: {'report_to': 'gumlet-nel', 'max_age': 604800, 'success_fraction': 0.005, 'response_headers':['content-length'] }
x-gumlet-reqid: 6475750b9c18f72e33abdb43
age: 2596235
x-cache: HIT, HIT
x-gumlet-runtime: 1.008
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1251
x-served-by: cache-fra-eddf8230068-FRA, cache-man4122-MAN
x-timer: S1688015512.951265,VS0,VE3
etag: "269lzuucguo2h"
access-control-max-age: 3600
report-to: {'group': 'gumlet-nel', 'max_age': 604800, 'endpoints': [{'url': 'https://nel.gumlytics.com/report'}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000
vary: accept, Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-cache-hits: 6312, 1

Redirect headers

x-served-by: cache-man4130-MAN
date: Thu, 29 Jun 2023 05:11:51 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1688015512.853396,VS0,VE1
x-cache: HIT
location: https://kettocdn.gumlet.io/images/logo-light-bg.svg
cache-control: public, max-age=7200
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 runtime.3ee264c9a8ecff61.js Show response
www.ketto.org/new/ 7 KB
5 KB 45ms
44ms Script
text/javascript 52.222.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/new/runtime.3ee264c9a8ecff61.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-106.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8c1efd5b76faddbd0eb186aae118ca0a19cdb31f0d5f01270ef612ce79fc5e7c

Request headers

Referer: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
Origin: https://www.ketto.org
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 06:55:44 GMT
content-encoding: gzip
via: 1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
last-modified: Tue, 27 Jun 2023 06:55:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 166568
etag: W/"45b3ca27ba6c9f672d60c68517c91263"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000
x-amz-cf-id: ca2gMFGIEsh8fSi1mOX2uEj-YcW7ivBnTrWqg3vVilEh7_mOtSjmNw==
expires: Fri, 21 Mar 2042 23:59:59 GMT

GET
H2 200 polyfills.41b7af34f13876fc.js Show response
www.ketto.org/new/ 33 KB
12 KB 51ms
50ms Script
text/javascript 52.222.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/new/polyfills.41b7af34f13876fc.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-106.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a27cd5a07f891a196c9c699f9628af8d52776d9130a18fcba1ab3ba814801dc0

Request headers

Referer: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
Origin: https://www.ketto.org
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 06:55:43 GMT
content-encoding: gzip
via: 1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
last-modified: Tue, 27 Jun 2023 06:55:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 166569
etag: W/"7c6b7f0b029f3f72d7eaa714017df185"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000
x-amz-cf-id: Fb-zAf-yzUnSssLQj8UwLJBmUQHAMZXcZE2F02ANV5BQNhEDswaDbg==
expires: Fri, 21 Mar 2042 23:59:59 GMT

GET
H2 200 scripts.17e109da33de35e8.js Show response
www.ketto.org/new/ 6 KB
3 KB 177ms
176ms Script
text/javascript 52.222.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/new/scripts.17e109da33de35e8.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-106.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 05a708d0ad86298085d0d3dcb6748f0be19d55f90e97d2e27ce89ee91b3261e1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 06:55:43 GMT
content-encoding: gzip
via: 1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
last-modified: Tue, 27 Jun 2023 06:55:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 166569
etag: W/"601259056905097a605cc2d32754f28f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000
x-amz-cf-id: 8ef8mIYzBokbFE8gKFoZJF4hb0NnlBtZJl3tJC9Au4kAs1-eIq2G-Q==
expires: Fri, 21 Mar 2042 23:59:59 GMT

GET
H2 200 vendor.4a494c29ee655c1e.js Show response
www.ketto.org/new/ 837 KB
230 KB 59ms
58ms Script
text/javascript 52.222.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/new/vendor.4a494c29ee655c1e.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-106.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f43ffeb81ea50a6150daf26c8afbc3cf70b402e7c07ffc8065832fade0711ac6

Request headers

Referer: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
Origin: https://www.ketto.org
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 06:55:46 GMT
content-encoding: gzip
via: 1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
last-modified: Tue, 27 Jun 2023 06:55:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 166566
etag: W/"845deaca89e47573ae89031f9f7fae2d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000
x-amz-cf-id: D0ah3psBQbelTDj7KBbpM-1-pq1z-sXTVHlz057jQ-YlmrVhLOMPJA==
expires: Fri, 21 Mar 2042 23:59:59 GMT

GET
H2 200 main.dbd1c678f32592d7.js Show response
www.ketto.org/new/ 340 KB
91 KB 178ms
177ms Script
text/javascript 52.222.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/new/main.dbd1c678f32592d7.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-106.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6ffb8c22fd7325b25b1c92cd6510ea09f43782abf0da8148ab129c63d15efe1f

Request headers

Referer: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
Origin: https://www.ketto.org
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 06:55:44 GMT
content-encoding: gzip
via: 1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
last-modified: Tue, 27 Jun 2023 06:55:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 166568
etag: W/"f0733e4f208a83ee18ba36ce06a9cdb6"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000
x-amz-cf-id: GphS0fZSYENE9aPYi5ENQ1Or2itFlcE78MoBH-LI0q5uGKKDnY8kPA==
expires: Fri, 21 Mar 2042 23:59:59 GMT

GET
H2 200 vwo.js Show response
www.ketto.org/assets/js/ 3 KB
2 KB 177ms
177ms Script
text/javascript 52.222.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/assets/js/vwo.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-106.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 17d81106176fdcddbcb848b8527dd2514831e000cabce15dc66b96c7212f73b7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 06:55:44 GMT
content-encoding: gzip
via: 1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
last-modified: Tue, 27 Jun 2023 06:55:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 166567
etag: W/"84497f74b4131ea891a0718e10a1b509"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000
x-amz-cf-id: Z3gayndMCZ9P7kCgQi2BQ1ePfLda4sPau2PA--DxRfsY57prLhkIwQ==
expires: Fri, 21 Mar 2042 23:59:59 GMT

GET
H2 200 gumlet.min.js Show response
cdn.gumlet.com/gumlet.js/2.1/ 15 KB
5 KB 179ms
43ms Script
application/javascript 2600:9000:225e:ec00:11:c3fe:5b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gumlet.com/gumlet.js/2.1/gumlet.min.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:ec00:11:c3fe:5b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fd9a7b9ab42c0f8995803a0a30f66c5efe4207e2c9600b2fca97be971f0175b6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 22 May 2023 08:12:47 GMT
content-encoding: br
via: 1.1 32db37931b5639dc27ebaba3ad4f3d2c.cloudfront.net (CloudFront)
last-modified: Tue, 13 Sep 2022 18:09:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 3272345
etag: W/"dee95ca2f652ec00d954cc14a5b43fda"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, s-maxage=31536000, max-age=172800
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 5SU3nnPvFmX3mZMX9GHHEidTH4LaQDzz3xE3-sCYX5NWTZGBluEUZA==

GET
H2 200 styles.e4aea641cad2ac1d.css
www.ketto.org/new/ 202 KB
29 KB 180ms
179ms Stylesheet
text/css 52.222.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/new/styles.e4aea641cad2ac1d.css
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-106.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0b9167dbf8f9882cbb3f9bfd9dec02b2437d0794219e4f6e32d0a650cc735e2b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 06:55:44 GMT
content-encoding: gzip
via: 1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
last-modified: Tue, 27 Jun 2023 06:55:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 166568
etag: W/"e68b2500a55754c03cf47bc840673a36"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-id: JyLPl2Zdt91RCwTm2mr-mu880j6UBw8YRmpB1FshEq3URSphjh0xdw==
expires: Fri, 21 Mar 2042 23:59:59 GMT

GET
H2 200 spinner.svg
www.ketto.org/assets/images/ 855 B
1 KB 150ms
150ms Image
image/svg+xml 52.222.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ketto.org/assets/images/spinner.svg
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-106.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 330c6994f421612a2a17b91f08e16a970dd2158a4632e9c133a393be9cefbf99

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 06:55:43 GMT
via: 1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
last-modified: Tue, 27 Jun 2023 06:55:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 166569
etag: "cded618b6ad289ddd62ee325c973c092"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 855
x-amz-cf-id: 9zYy6wdj9mgRt_8v7TYdzRedj2eCLATaZu_hcsybPWMqKs-I318_pA==
expires: Fri, 21 Mar 2042 23:59:59 GMT

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
815 B 53ms
53ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;600;700&display=swap

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ecfc48ab5315e179e1948be2aecc95b3afc29ae1413a2024abb9b1706df9ff0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 29 Jun 2023 05:11:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 04:46:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Jun 2023 05:11:51 GMT

GET
H2 200 css
fonts.googleapis.com/ 591 B
422 B 52ms
51ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Material+Icons&display=swap

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6ce446b54f436b6093ac2ef44c24e3c5f65b0b0c9d9a7dddf4943f192ae69dd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 29 Jun 2023 05:11:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 05:11:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Jun 2023 05:11:51 GMT

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 9 KB
3 KB 108ms
36ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=326437&u=https%3A%2F%2Fwww.ketto.org%2F%3Futm_source%3Dexternal_ct%26utm_medium%3Demail%26utm_campaign%3D80G_tax_benefit&f=1&r=0.12756673399227725
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/assets/js/vwo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: glon1 /
Resource Hash: 6ffb77e49b8d6a737dc4c962db65347806ab0773bdef6cb56f36e3048798befb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 05:11:52 GMT
content-encoding: gzip
via: 1.1 google
server: glon1
etag: W/"1687959801"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 /
sessions.bugsnag.com/ Frame 0
0 246ms
158ms Preflight 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://www.ketto.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 29 Jun 2023 05:11:52 GMT
via: 1.1 google

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
140 B 164ms
164ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.41b7af34f13876fc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Referer: https://www.ketto.org/
Bugsnag-Sent-At: 2023-06-29T05:11:51.992Z
accept-language: en-GB,en;q=0.9
Bugsnag-Api-Key: 0d02ac2f63382263e24f75c0adad288e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 29 Jun 2023 05:11:52 GMT
via: 1.1 google
bugsnag-session-uuid: 0f191db7-0dc8-4f70-bac3-6d0533cacbca
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
content-type: application/json

GET
H2 200 1267.d5872db984891869.js Show response
www.ketto.org/new/ 8 KB
3 KB 52ms
46ms Script
text/javascript 52.222.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/new/1267.d5872db984891869.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/runtime.3ee264c9a8ecff61.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-106.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1cac0b1af7455284bf972a6c0a0ba05b2812bee0f2de1d92432bebc24af160bd

Request headers

Referer: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
Origin: https://www.ketto.org
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 06:55:45 GMT
content-encoding: gzip
via: 1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
last-modified: Tue, 27 Jun 2023 06:55:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 166568
etag: W/"a5e368e82f199db747b59c59e2ac1d76"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000
x-amz-cf-id: Im3kue07_t2iZiEZCm34lXqAXoTAAJXApyYjzPR35aga0Vp1YXNp-g==
expires: Fri, 21 Mar 2042 23:59:59 GMT

GET
H2 200 9886.cb4ed9caf00217a7.js Show response
www.ketto.org/new/ 32 KB
8 KB 54ms
49ms Script
text/javascript 52.222.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/new/9886.cb4ed9caf00217a7.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/runtime.3ee264c9a8ecff61.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-106.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f39e32285f48d3b69a936c8dc6fb479caee98c4e356320fa3eda072de7372e17

Request headers

Referer: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
Origin: https://www.ketto.org
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 06:55:45 GMT
content-encoding: gzip
via: 1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
last-modified: Tue, 27 Jun 2023 06:55:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 166567
etag: W/"366409989cbb6983787013e766d930d7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000
x-amz-cf-id: Hb3HYFFAa9yHeQyacZZHjSU2dsu8_V0hyo_0zsca1l0maGi8RAIJng==
expires: Fri, 21 Mar 2042 23:59:59 GMT

GET
H2 200 7371.5ea9abe9b522b558.js Show response
www.ketto.org/new/ 26 KB
8 KB 55ms
50ms Script
text/javascript 52.222.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/new/7371.5ea9abe9b522b558.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/runtime.3ee264c9a8ecff61.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-106.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c122987544383977e325c87a5187db3452965064538e6d72c04f643bb52574c0

Request headers

Referer: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
Origin: https://www.ketto.org
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 06:55:44 GMT
content-encoding: gzip
via: 1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
last-modified: Tue, 27 Jun 2023 06:55:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 166569
etag: W/"0aabca4309eea05a8fd224f02fa412f8"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000
x-amz-cf-id: ifjwIxl5a3O4qCy8JIRPiLto0FnCrv8ClrFnA54vvFPXhtBSnpxfBg==
expires: Fri, 21 Mar 2042 23:59:59 GMT

GET
H2 200 1169.9c8493e7ae6afbb5.js Show response
www.ketto.org/new/ 23 KB
7 KB 52ms
47ms Script
text/javascript 52.222.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/new/1169.9c8493e7ae6afbb5.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/runtime.3ee264c9a8ecff61.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-106.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8d654b420b511a8ccb4bdbd56cd8c4dc01cd43e1e97ef1cc8a5ba34e582e8cf5

Request headers

Referer: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
Origin: https://www.ketto.org
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 06:55:45 GMT
content-encoding: gzip
via: 1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
last-modified: Tue, 27 Jun 2023 06:55:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 166567
etag: W/"6c36e9bf3985a62097864032a3625d4b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000
x-amz-cf-id: tWev-q_C9fdWnx1qL5QQzAhkweMAaA5BFAnWG0jdGMnnqwsMe-_W9g==
expires: Fri, 21 Mar 2042 23:59:59 GMT

GET
H2 200 8589.758181dfd7f4b411.js Show response
www.ketto.org/new/ 22 KB
7 KB 53ms
48ms Script
text/javascript 52.222.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/new/8589.758181dfd7f4b411.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/runtime.3ee264c9a8ecff61.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-106.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3b703d2a5f5522ed8d7b0612afd604f27c2d9cf4291b05ac0cc4038fad5c6a72

Request headers

Referer: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
Origin: https://www.ketto.org
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 06:55:45 GMT
content-encoding: gzip
via: 1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
last-modified: Tue, 27 Jun 2023 06:55:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 166567
etag: W/"ca7240a0e50d903acaf8f275e1e61a4c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000
x-amz-cf-id: t_NaDbBSYCqxRMUYgT93_qP75sQvArHXgdCtqSRDFFWbybyNokf56g==
expires: Fri, 21 Mar 2042 23:59:59 GMT

GET
H2 200 8550.25210c9e3953b917.js Show response
www.ketto.org/new/ 17 KB
6 KB 65ms
61ms Script
text/javascript 52.222.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/new/8550.25210c9e3953b917.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/runtime.3ee264c9a8ecff61.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-106.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bd917f86076da246fa6aaca90925c22556f4761eadfea98c1dcdb36bd8ac0a77

Request headers

Referer: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
Origin: https://www.ketto.org
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 06:55:45 GMT
content-encoding: gzip
via: 1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
last-modified: Tue, 27 Jun 2023 06:55:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 166567
etag: W/"ce6204f9ddc416ed51782b9111796eca"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000
x-amz-cf-id: GDTWQPyrs2gOXhxS-l8-2cg7LEqFEx-nQo18-8K-aZV0FVz_lM6gYQ==
expires: Fri, 21 Mar 2042 23:59:59 GMT

GET
H2 200 596.04b85cf7b11b9093.js Show response
www.ketto.org/new/ 97 KB
30 KB 65ms
61ms Script
text/javascript 52.222.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/new/596.04b85cf7b11b9093.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/runtime.3ee264c9a8ecff61.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-106.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5a33ff27e30ed7688e8ff1b19f7a7da388f488a67db586b2ef2f4695a02a16f6

Request headers

Referer: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
Origin: https://www.ketto.org
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 06:55:46 GMT
content-encoding: gzip
via: 1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
last-modified: Tue, 27 Jun 2023 06:55:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 166567
etag: W/"1eabd0ceed9b3ba3f4b3239a608dd68b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000
x-amz-cf-id: vumRMq752C3LixySCJSvuUd1EdEAzR6Q3Bj-hg3fgw6hsZqQqM55mg==
expires: Fri, 21 Mar 2042 23:59:59 GMT

GET
H2 200 5567.3f1ed2f697e0de7f.js Show response
www.ketto.org/new/ 37 KB
11 KB 68ms
65ms Script
text/javascript 52.222.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/new/5567.3f1ed2f697e0de7f.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/runtime.3ee264c9a8ecff61.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-106.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4beecfb5c496854b3231046a5938f4f7d4e5ba23908fe31687551ed9a90d5773

Request headers

Referer: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
Origin: https://www.ketto.org
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 06:55:46 GMT
content-encoding: gzip
via: 1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
last-modified: Tue, 27 Jun 2023 06:55:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 166567
etag: W/"99e8beba9d3ccda17db600c96546cee6"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000
x-amz-cf-id: JKU6e6b4luvtmfvkcqAmHXLPdKZ8RVMumJFSETPvgQrJuJa8KsmKMQ==
expires: Fri, 21 Mar 2042 23:59:59 GMT

GET
H2 200 7530.fa7a998dcbcd4d9f.js Show response
www.ketto.org/new/ 47 KB
8 KB 66ms
62ms Script
text/javascript 52.222.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/new/7530.fa7a998dcbcd4d9f.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/runtime.3ee264c9a8ecff61.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-106.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 87e63c9cc85722f2950a8fcdf0fb84a62805c200f840c8f093a55ad47b2a5bfe

Request headers

Referer: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
Origin: https://www.ketto.org
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 06:55:46 GMT
content-encoding: gzip
via: 1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
last-modified: Tue, 27 Jun 2023 06:55:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 166567
etag: W/"dd75c475cefedc02ec9957f08519ad02"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000
x-amz-cf-id: 7i2xEVsSYtOiFtVwo68hozCr9bidACufFxbDTKg67G-ycixqmhgztA==
expires: Fri, 21 Mar 2042 23:59:59 GMT

GET
H2 200 4044.6c069bc6625b5aff.js Show response
www.ketto.org/new/ 42 KB
11 KB 66ms
63ms Script
text/javascript 52.222.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/new/4044.6c069bc6625b5aff.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/runtime.3ee264c9a8ecff61.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-106.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6741dee536fcc3dcd63c96afc87eae0aa769692d81d46fa06eb9f151f715bf55

Request headers

Referer: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
Origin: https://www.ketto.org
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 06:55:46 GMT
content-encoding: gzip
via: 1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
last-modified: Tue, 27 Jun 2023 06:55:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 166567
etag: W/"373c89ea00684861e3fa7854ed003040"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000
x-amz-cf-id: Vl5FfFa28qvKrnGyWThFlsp6PjvuPbqonwYYOLklNehm6Ovl4IkoDQ==
expires: Fri, 21 Mar 2042 23:59:59 GMT

GET
H2 200 1403.b8dcafb8391c0449.js Show response
www.ketto.org/new/ 116 KB
23 KB 66ms
63ms Script
text/javascript 52.222.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/new/1403.b8dcafb8391c0449.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/runtime.3ee264c9a8ecff61.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-106.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 75d1f78c0ce09d244100e1e559fbe0feb75551dbabcc2d1b78dc606b9d61428d

Request headers

Referer: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
Origin: https://www.ketto.org
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 06:55:44 GMT
content-encoding: gzip
via: 1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
last-modified: Tue, 27 Jun 2023 06:55:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 166569
etag: W/"913fd980a751cb922a124d21e1c0b2eb"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000
x-amz-cf-id: Ng9lk_0P8sF61xNZnBeU01l86e3kAoluJB9IGnWnTpXMHhNGpom9kQ==
expires: Fri, 21 Mar 2042 23:59:59 GMT

GET
H2 200 6896.80d1d2de6d887d4c.js Show response
www.ketto.org/new/ 15 KB
5 KB 67ms
64ms Script
text/javascript 52.222.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/new/6896.80d1d2de6d887d4c.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/runtime.3ee264c9a8ecff61.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-106.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 865ac72d193fc958710f49a96e863ae72ba63f9d60ef9afa7917dbbc4fa94b5a

Request headers

Referer: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
Origin: https://www.ketto.org
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 06:55:46 GMT
content-encoding: gzip
via: 1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
last-modified: Tue, 27 Jun 2023 06:55:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 166567
etag: W/"246c7061f627dc787e7cef5752438e2d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000
x-amz-cf-id: 6v98WbtPvqncoEjPvAoSsj1T7WV3v_Je6swyWnA9nwTWyFXWtvwgRg==
expires: Fri, 21 Mar 2042 23:59:59 GMT

GET
H2 200 887.4d85ec662784b1e0.js Show response
www.ketto.org/new/ 24 KB
6 KB 68ms
65ms Script
text/javascript 52.222.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/new/887.4d85ec662784b1e0.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/runtime.3ee264c9a8ecff61.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-106.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 668495f43f6d010b12d5c2eef052d7e45686af12c3e0e9602ab80241abd52285

Request headers

Referer: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
Origin: https://www.ketto.org
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 06:55:48 GMT
content-encoding: gzip
via: 1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
last-modified: Tue, 27 Jun 2023 06:55:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 166565
etag: W/"0f0ad6700f6caecde3b6b378ea1566ad"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000
x-amz-cf-id: -euMCv3P369NirBgFEKW1olstASneWCVeCeJa_75QBPaPtbPniV_cw==
expires: Fri, 21 Mar 2042 23:59:59 GMT

GET
H2 200 6928.bd9341432bddadac.js Show response
www.ketto.org/new/ 27 KB
7 KB 68ms
66ms Script
text/javascript 52.222.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/new/6928.bd9341432bddadac.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/runtime.3ee264c9a8ecff61.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-106.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d91cdb016f9cd983879f7cdf1cd86b79c0c62ab8849a93f821b1232c9ae633a4

Request headers

Referer: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
Origin: https://www.ketto.org
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 06:55:50 GMT
content-encoding: gzip
via: 1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
last-modified: Tue, 27 Jun 2023 06:55:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 166563
etag: W/"1cc6f2d2e2c863eae3aa834eb5271429"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000
x-amz-cf-id: 8ntJstwgwgAnTzPZs1Z_pK-ItkWtXMre-stvlwsNc6mHDxji4Dv78g==
expires: Fri, 21 Mar 2042 23:59:59 GMT

GET
H2 200 231.6b1805e026f05a24.js Show response
www.ketto.org/new/ 17 KB
5 KB 90ms
88ms Script
text/javascript 52.222.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/new/231.6b1805e026f05a24.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/runtime.3ee264c9a8ecff61.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-106.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b360efdd52f5689ae8c7d02cb2e7228f3b25dcaf14f3eea81969748cc6263b50

Request headers

Referer: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
Origin: https://www.ketto.org
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 06:55:55 GMT
content-encoding: gzip
via: 1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
last-modified: Tue, 27 Jun 2023 06:55:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 166558
etag: W/"9fffd399764409d60c5cceb83f444fe1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000
x-amz-cf-id: 3M_jYxqjQdEheJRitmyG3Smhf5dpRVbkW_q-xSpDO7g4O2xXunNb2g==
expires: Fri, 21 Mar 2042 23:59:59 GMT

GET
H2 200 2328.6dfdb98bdbe9b3d4.js Show response
www.ketto.org/new/ 119 KB
16 KB 91ms
90ms Script
text/javascript 52.222.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/new/2328.6dfdb98bdbe9b3d4.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/runtime.3ee264c9a8ecff61.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-106.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d7b5562c4bb7cfedaf0eabd3bb6601098326888e28e2d37dafcc6fa32a53391d

Request headers

Referer: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
Origin: https://www.ketto.org
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 06:55:55 GMT
content-encoding: gzip
via: 1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
last-modified: Tue, 27 Jun 2023 06:55:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 166558
etag: W/"46647a7b79a3642b02532f619bf12617"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000
x-amz-cf-id: kDTT19h_5SbPF0js3k5D1knqJmufLWyFRLp70l68DvnFuS5Hd3Aemw==
expires: Fri, 21 Mar 2042 23:59:59 GMT

GET
H2 200 5167.5c52f2440553fe4e.js Show response
www.ketto.org/new/ 55 KB
13 KB 92ms
91ms Script
text/javascript 52.222.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/new/5167.5c52f2440553fe4e.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/runtime.3ee264c9a8ecff61.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-106.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 541d383217cb5ea3605c621bcc288944870833798a89e42bd1d0e4a4336781cd

Request headers

Referer: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
Origin: https://www.ketto.org
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 06:55:55 GMT
content-encoding: gzip
via: 1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
last-modified: Tue, 27 Jun 2023 06:55:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 166558
etag: W/"247adc98c09666a7544d5c895590f94f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000
x-amz-cf-id: PQ61m7gXHZo546tEJX3uYbV1Sgaa0nlmgmaKTXKclw9Ct9cYouqcPA==
expires: Fri, 21 Mar 2042 23:59:59 GMT

GET
H2 200 1480.011a656ede266fdc.js Show response
www.ketto.org/new/ 118 KB
26 KB 92ms
91ms Script
text/javascript 52.222.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/new/1480.011a656ede266fdc.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/runtime.3ee264c9a8ecff61.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-106.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5bd882204617fcb90bba9fb7df4669615fd89aed4359b11a1ab022099dd35bd5

Request headers

Referer: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
Origin: https://www.ketto.org
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 06:55:55 GMT
content-encoding: gzip
via: 1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
last-modified: Tue, 27 Jun 2023 06:55:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 166558
etag: W/"1a4233a3d5f760e2bc8ca14e7cb3137f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000
x-amz-cf-id: WECK-7wwJw7V8HQjbdILUiipgUTJhSRyngMs4GwJB0tirucPAbwa6g==
expires: Fri, 21 Mar 2042 23:59:59 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 15 KB
15 KB 139ms
43ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ketto.org
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 18:50:39 GMT
x-content-type-options: nosniff
age: 210073
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Jun 2024 18:50:39 GMT

GET
DATA 200
OK truncated
/ 58 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fef5a41be1b827a1729f19bcd123a57ee3f2cb8dc9074fffa4ab5b807f503514

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/webp

GET
H3 200 va-f0eec28152fad1d8505e8154f9925b20.js Show response
dev.visualwebsiteoptimizer.com/7.0/ 233 KB
66 KB 67ms
32ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/7.0/va-f0eec28152fad1d8505e8154f9925b20.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=326437&u=https%3A%2F%2Fwww.ketto.org%2F%3Futm_source%3Dexternal_ct%26utm_medium%3Demail%26utm_campaign%3D80G_tax_benefit&f=1&r=0.12756673399227725
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: glon1 /
Resource Hash: 87e0bcd31c6cf8c0831c2f310a7dfb2372ae5f7511fd11f2f430a3dd82363361

Request headers

Referer: https://www.ketto.org/
Origin: https://www.ketto.org
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 05:11:52 GMT
content-encoding: br
via: 1.1 google
last-modified: Wed, 28 Jun 2023 09:35:06 GMT
server: glon1
etag: "649bfeca-10639"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67129

GET
H3 200 track-f0eec28152fad1d8505e8154f9925b20.js Show response
dev.visualwebsiteoptimizer.com/7.0/ 13 KB
4 KB 80ms
46ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/7.0/track-f0eec28152fad1d8505e8154f9925b20.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=326437&u=https%3A%2F%2Fwww.ketto.org%2F%3Futm_source%3Dexternal_ct%26utm_medium%3Demail%26utm_campaign%3D80G_tax_benefit&f=1&r=0.12756673399227725
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: glon1 /
Resource Hash: 72e80bca8589d4caee47cc7fae10907bfead4158541ba385ac729a236d18c5bb

Request headers

Referer: https://www.ketto.org/
Origin: https://www.ketto.org
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 05:11:51 GMT
content-encoding: br
via: 1.1 google
last-modified: Wed, 28 Jun 2023 09:35:06 GMT
server: glon1
etag: "649bfeca-fd1"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4049

GET
H3 200 opa-6969ddbcd95a51e10654f06c5917c4ff.js Show response
dev.visualwebsiteoptimizer.com/analysis/4.0/ 115 KB
29 KB 85ms
52ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-6969ddbcd95a51e10654f06c5917c4ff.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=326437&u=https%3A%2F%2Fwww.ketto.org%2F%3Futm_source%3Dexternal_ct%26utm_medium%3Demail%26utm_campaign%3D80G_tax_benefit&f=1&r=0.12756673399227725
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: glon1 /
Resource Hash: d480fe531b36fab7833fba7aa0714c7295cf7731bce5616c6fc045b278b4e2b3

Request headers

Referer: https://www.ketto.org/
Origin: https://www.ketto.org
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 05:11:51 GMT
content-encoding: br
via: 1.1 google
last-modified: Wed, 28 Jun 2023 09:35:01 GMT
server: glon1
etag: "649bfec5-7486"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29830

GET
H2 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
214 B 110ms
110ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=326437&d=ketto.org&u=D2E2B97601819A49D921EF4D2F67F5267&h=5f1351603e3e8fefac2f549e91d4fc27&t=false&r=0.3520563342363703

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv1c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 05:11:51 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv1c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

OPTIONS
H2 200 /
sessions.bugsnag.com/ Frame 0
0 158ms
158ms Preflight 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://www.ketto.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 29 Jun 2023 05:11:52 GMT
via: 1.1 google

GET
H2 200 iplocation Show response
www.ketto.org/api/third_party/ 221 B
554 B 257ms
257ms XHR
application/json 52.222.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ketto.org/api/third_party/iplocation

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.41b7af34f13876fc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-106.fra56.r.cloudfront.net

Software

nginx/1.11.9 /

Resource Hash

6fca6a240fb0a0972228f6479dc3e1444fa4cc93b8400e095666bdc6daaf422b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
accept-language: en-GB,en;q=0.9
Authorization: Bearer false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 29 Jun 2023 05:11:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
server: nginx/1.11.9
x-amz-cf-pop: FRA56-P3
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,Origin
content-type: application/json
x-cache: Miss from cloudfront
cache-control: no-cache, private
content-length: 176
x-xss-protection: 1; mode=block
x-amz-cf-id: EPdh74Wwq651s0ivH1TpmsfZsHEVV9SIMn0yG59k-6m1IpzhL6tClw==

POST
H3 202 / Show response
sessions.bugsnag.com/ 21 B
35 B 298ms
297ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.41b7af34f13876fc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Referer: https://www.ketto.org/
Bugsnag-Sent-At: 2023-06-29T05:11:52.148Z
accept-language: en-GB,en;q=0.9
Bugsnag-Api-Key: 0d02ac2f63382263e24f75c0adad288e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 29 Jun 2023 05:11:52 GMT
via: 1.1 google
bugsnag-session-uuid: 62188195-d7e2-4366-a4d8-07a108c418b2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
content-type: application/json

GET
H2 200 css
api.fontshare.com/v2/ 598 B
1 KB 141ms
38ms Stylesheet
text/css 18.133.143.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fontshare.com/v2/css?f[]=sentient@700&display=swap
Requested by: Host: client
URL: about:client
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.133.143.83 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-133-143-83.eu-west-2.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 167be98de45d4d9406b59720387d28c16ab3bd46459301b768799cba168f121c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 05:11:52 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: text/css
access-control-allow-origin: https://api.fontstore.com
cache-control: private, max-age=86400, stale-while-revalidate=604800
access-control-allow-credentials: true
access-control-allow-headers: content-type, authorization, cookie
content-length: 598
x-request-id: F20JKjjfZfrTIsIExL7B

GET
H3 200 css2
fonts.googleapis.com/ 3 KB
515 B 53ms
53ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@400;600;700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

95188bc9aceb2c3e68cb324c980ac550dee7ed5bf80eda5571ff98252b0f4cec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 29 Jun 2023 05:11:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 04:00:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Jun 2023 05:11:52 GMT

GET
H2 200 Bitmap.jpg
www.ketto.org/assets/images/ 73 KB
74 KB 47ms
46ms Image
image/jpeg 52.222.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ketto.org/assets/images/Bitmap.jpg
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/styles.e4aea641cad2ac1d.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-106.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e4acec813c1dd988c9efc11e869a2732eaa3e269e4c067714daa181e7429f542

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/new/styles.e4aea641cad2ac1d.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 06:55:56 GMT
via: 1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
last-modified: Tue, 27 Jun 2023 06:55:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 166556
etag: "28bd938c22f4e6354238cf8d2596b2c9"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 75194
x-amz-cf-id: E7rAEOqRNNdVpCUJljVaiIaH60UPfqzEIFjdogAdUNmfekcunloBCQ==
expires: Fri, 21 Mar 2042 23:59:59 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
14 KB 144ms
143ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ketto.org
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 02:33:59 GMT
x-content-type-options: nosniff
age: 95873
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14712
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Jun 2024 02:33:59 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 125 KB
126 KB 43ms
42ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Material+Icons&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ketto.org
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 17:29:28 GMT
x-content-type-options: nosniff
age: 387744
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jun 2024 17:29:28 GMT

GET
H2 200 banner Show response
www.ketto.org/api/banners/ 2 KB
1 KB 49ms
49ms XHR
application/json 52.222.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ketto.org/api/banners/banner?with=mobile;desktop

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.41b7af34f13876fc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-106.fra56.r.cloudfront.net

Software

nginx/1.11.9 /

Resource Hash

b3c45b77df32bcd4b9b8deacf8d9460828aced494eb4412e6ada289421283a0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
accept-language: en-GB,en;q=0.9
Authorization: Bearer false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 28 Jun 2023 06:55:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
server: nginx/1.11.9
x-amz-cf-pop: FRA56-P3
age: 80163
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,Origin
content-type: application/json
x-cache: Hit from cloudfront
cache-control: no-cache, private
content-length: 781
x-xss-protection: 1; mode=block
x-amz-cf-id: D-z5IaNpADPDaNCM1t5SX8AlJx26kO6N692Mxei_QsQDZRQw_FpEjg==

GET
H2 200 widgets Show response
www.ketto.org/api/banners/ 2 KB
1 KB 49ms
49ms XHR
application/json 52.222.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ketto.org/api/banners/widgets?with=mobile;desktop&limit=1

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.41b7af34f13876fc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-106.fra56.r.cloudfront.net

Software

nginx/1.11.9 /

Resource Hash

e998a805c3e65de2b8615848565f74bb01d0c1e77de516466b37b951819fd203

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
accept-language: en-GB,en;q=0.9
Authorization: Bearer false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 28 Jun 2023 06:56:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
server: nginx/1.11.9
x-amz-cf-pop: FRA56-P3
age: 80138
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,Origin
content-type: application/json
x-cache: Hit from cloudfront
cache-control: no-cache, private
content-length: 809
x-xss-protection: 1; mode=block
x-amz-cf-id: PXFLm_0QKt4eNNKW5qNsAIoYH8YAUZYFt-0LNXybiorW4JC7qjtO7g==

GET
H2 200 icomoon.ttf
www.ketto.org/assets/fonts/ 34 KB
20 KB 47ms
46ms Font
font/ttf 52.222.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/assets/fonts/icomoon.ttf?i2iup6
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/styles.e4aea641cad2ac1d.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-106.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 577951cf39fd12a9cd0a1ad1e303950d25b4376deb325579fe5c4d37c1f2c975

Request headers

Referer: https://www.ketto.org/new/styles.e4aea641cad2ac1d.css
Origin: https://www.ketto.org
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 06:55:48 GMT
content-encoding: gzip
via: 1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
last-modified: Tue, 27 Jun 2023 06:55:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 166565
etag: W/"6e6267ffb5f52ac66cb4bc9caaedfeeb"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: font/ttf
cache-control: max-age=31536000
x-amz-cf-id: hzDUGZQZ5fgjjBXRyRcLNMR85c3FbyBq2ftDgPxrczigUb1exLKFuA==
expires: Fri, 21 Mar 2042 23:59:59 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d83f0cb05a666ad25e9141207788bcbf18eab73b6e3e741e40754cd3903ebf6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
15 KB 45ms
44ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;600;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ketto.org
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 02:18:56 GMT
x-content-type-options: nosniff
age: 355976
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 24 Jun 2024 02:18:56 GMT

GET
H2 200 logo-light-bg.svg
www.ketto.org/assets/images/ 2 KB
1 KB 44ms
44ms Image
image/svg+xml 52.222.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ketto.org/assets/images/logo-light-bg.svg
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-106.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 906043dd7c678d24efde1b1956c820087bd3c81e52f25da2934f52d992a7b99a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 06:55:43 GMT
content-encoding: gzip
via: 1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
last-modified: Tue, 27 Jun 2023 06:55:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 166570
etag: W/"0650c2f95ac8710e5b3d31635f19e2ca"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31536000
x-amz-cf-id: JWocCkCN6ratFbck5Fv2Gdbwb9SFQCNa32hxJWY198UYNxHzEPsyrA==
expires: Fri, 21 Mar 2042 23:59:59 GMT

GET
H2 200 default-campaign-picture.jpg
www.ketto.org/assets/images/ 3 KB
4 KB 44ms
44ms Image
image/jpeg 52.222.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ketto.org/assets/images/default-campaign-picture.jpg
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-106.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 27496f51b205e87aef85be66feb529ca72e337441a1264dfa8e896f4e37b2b8a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 06:55:44 GMT
via: 1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
last-modified: Tue, 27 Jun 2023 06:55:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 166569
etag: "eb967c12b34edcf4cc1123d4abe71b2d"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 3263
x-amz-cf-id: vg8Ir8aoNPyoDqX4_maP74hHHrr6_y_UIOjz-Y8XvfvR55LeZ2uCTw==
expires: Fri, 21 Mar 2042 23:59:59 GMT

GET
H2 206 screen_recording.webm
www.ketto.org/assets/videos/ 174 KB
0 218ms
218ms Media
video/webm 52.222.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/assets/videos/screen_recording.webm
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-106.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 27 Jun 2023 06:57:16 GMT
via: 1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 166477
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
Content-Range: bytes 0-928469/928470
Content-Length: 928470
last-modified: Tue, 27 Jun 2023 06:55:39 GMT
server: AmazonS3
etag: "b855498419cae7e666a18dc51994bca8"
content-type: video/webm
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: BmLxQpPPjrKppBJGhBTl4x-0dxVxhkQBeLCQB-9Tjx6Y29xWiBmEOQ==
expires: Fri, 21 Mar 2042 23:59:59 GMT

GET
H2 200 logo-light-bg.svg
ketto.gumlet.io/assets/images/ 2 KB
2 KB 220ms
208ms Image
image/svg+xml 2a04:4e42:200::311
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ketto.gumlet.io/assets/images/logo-light-bg.svg?w=100&dpr=1.0

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a04:4e42:200::311 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

03b1ac9b2a302282837fc3d4ae8538190901502c0466470c4116bc46f6b80379

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-gumlet-pc: HIT
date: Thu, 29 Jun 2023 05:11:52 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
nel: {'report_to': 'gumlet-nel', 'max_age': 604800, 'success_fraction': 0.005, 'response_headers':['content-length'] }
x-gumlet-reqid: 649177413993b5d657bb5795
age: 760663
x-cache: HIT, MISS
x-gumlet-runtime: 0.519
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1026
x-served-by: cache-fra-etou8220034-FRA, cache-man4122-MAN
x-timer: S1688015513.589436,VS0,VE21
etag: "3l19l1kueobdi"
access-control-max-age: 3600
report-to: {'group': 'gumlet-nel', 'max_age': 604800, 'endpoints': [{'url': 'https://nel.gumlytics.com/report'}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000
vary: accept, Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-cache-hits: 30, 0

GET
H2 200 626a109be777492340e46d013c3cad0857a5da3a.png
kettocdn.gumlet.io/media/banner/0/71/image/ 25 KB
25 KB 614ms
612ms Image
image/webp 2a04:4e42:200::311
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kettocdn.gumlet.io/media/banner/0/71/image/626a109be777492340e46d013c3cad0857a5da3a.png?w=1600&dpr=1.0

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a04:4e42:200::311 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b017dcecaaa4dcac358d041d40be5a1ec31f236790b4ead1da31cca6a9d46ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-gumlet-pc: HIT
date: Thu, 29 Jun 2023 05:11:53 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
nel: {'report_to': 'gumlet-nel', 'max_age': 604800, 'success_fraction': 0.005, 'response_headers':['content-length'] }
x-gumlet-reqid: 649d1298008ea516222cfb10
age: 0
x-cache: MISS, MISS
x-gumlet-runtime: 0.376
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25346
x-served-by: cache-fra-eddf8230102-FRA, cache-man4122-MAN
x-timer: S1688015513.588797,VS0,VE416
etag: "286tl1apa0dox"
access-control-max-age: 3600
report-to: {'group': 'gumlet-nel', 'max_age': 604800, 'endpoints': [{'url': 'https://nel.gumlytics.com/report'}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-cache-hits: 0, 0

GET
H2 200 81d7a1a7626397c32f6c1fb83bfdf476ccd734af.png
kettocdn.gumlet.io/media/banner/0/92/image/ 10 KB
11 KB 215ms
214ms Image
image/webp 2a04:4e42:200::311
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kettocdn.gumlet.io/media/banner/0/92/image/81d7a1a7626397c32f6c1fb83bfdf476ccd734af.png?w=720&dpr=1.0

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a04:4e42:200::311 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

89a00b8523ab2203f70a65d7df925df5b1f19bbd00182c0d3b03e786200e068b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-gumlet-pc: HIT
date: Thu, 29 Jun 2023 05:11:52 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
nel: {'report_to': 'gumlet-nel', 'max_age': 604800, 'success_fraction': 0.005, 'response_headers':['content-length'] }
x-gumlet-reqid: 6491444d4212385e099b3679
age: 773707
x-cache: HIT, MISS
x-gumlet-runtime: 0.316
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10590
x-served-by: cache-fra-etou8220026-FRA, cache-man4122-MAN
x-timer: S1688015513.589414,VS0,VE59
etag: "1jmpxf3wbfvpt"
access-control-max-age: 3600
report-to: {'group': 'gumlet-nel', 'max_age': 604800, 'endpoints': [{'url': 'https://nel.gumlytics.com/report'}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-cache-hits: 34, 0

GET
H2 200 sac-separator.png
ketto.gumlet.io/assets/images/homepage/ 8 KB
9 KB 173ms
173ms Image
image/webp 2a04:4e42:200::311
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ketto.gumlet.io/assets/images/homepage/sac-separator.png?w=100&dpr=1.0

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a04:4e42:200::311 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

87e3236aa22ba19a80689f797e66ba07acfe99f25bc0d42b7862928c66a14c0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-gumlet-pc: HIT
date: Thu, 29 Jun 2023 05:11:52 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
nel: {'report_to': 'gumlet-nel', 'max_age': 604800, 'success_fraction': 0.005, 'response_headers':['content-length'] }
x-gumlet-reqid: 648d7852fe048e386525cf95
age: 1022533
x-cache: HIT, HIT, MISS
x-gumlet-runtime: 0.596
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8548
x-served-by: cache-qpg1278-QPG, cache-fra-eddf8230086-FRA, cache-man4122-MAN
x-timer: S1688015513.589385,VS0,VE19
etag: "ojcidsintjto"
access-control-max-age: 3600
report-to: {'group': 'gumlet-nel', 'max_age': 604800, 'endpoints': [{'url': 'https://nel.gumlytics.com/report'}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-cache-hits: 26, 13, 0

GET
H2 200 defaultBlurImg.png
ketto.gumlet.io/assets/images/ 364 B
552 B 181ms
180ms Image
image/webp 2a04:4e42:200::311
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ketto.gumlet.io/assets/images/defaultBlurImg.png?w=576&dpr=1.0

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a04:4e42:200::311 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e72c76e906d5e7d7b8ccd72ae1ebf32cc73d821d6158866dad86fd0b97e9b51d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-gumlet-pc: HIT
date: Thu, 29 Jun 2023 05:11:52 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
nel: {'report_to': 'gumlet-nel', 'max_age': 604800, 'success_fraction': 0.005, 'response_headers':['content-length'] }
x-gumlet-reqid: 6491444d138bc45cdeb79a17
age: 773707
x-cache: HIT, MISS
x-gumlet-runtime: 0.255
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 364
x-served-by: cache-fra-eddf8230090-FRA, cache-man4122-MAN
x-timer: S1688015513.589613,VS0,VE26
etag: "3085vrgnweu30"
access-control-max-age: 3600
report-to: {'group': 'gumlet-nel', 'max_age': 604800, 'endpoints': [{'url': 'https://nel.gumlytics.com/report'}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-cache-hits: 20, 0

GET
H2 200 campaigns Show response
www.ketto.org/api/ 109 KB
30 KB 503ms
503ms XHR
application/json 52.222.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ketto.org/api/campaigns?tags=trending&currency=gbp&_ku=undefined&with=basicInfo

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.41b7af34f13876fc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-106.fra56.r.cloudfront.net

Software

nginx/1.11.9 /

Resource Hash

0c795a97ca380527869ee1f2eb72053fa13facb3c5a0fe262692c445522d09fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
accept-language: en-GB,en;q=0.9
Authorization: Bearer false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 29 Jun 2023 05:11:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
server: nginx/1.11.9
x-amz-cf-pop: FRA56-P3
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,Origin
content-type: application/json
x-cache: Miss from cloudfront
cache-control: no-cache, private
x-amz-cf-id: ye3i-WzrwhmVnMxfGoW-LwclcjKoThdbmOG4hGjfL457zSLXvT3gDg==
x-xss-protection: 1; mode=block

GET
H3 200 settings.js Show response
dev.visualwebsiteoptimizer.com/ 23 KB
4 KB 164ms
164ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=326437&settings_type=1&vn=7.0&exc=3|4
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/7.0/va-f0eec28152fad1d8505e8154f9925b20.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: glon1 /
Resource Hash: 6748416f2cd0a6811631bcadecea1707372df0dde2e48eaa05ac2d7b6656c2dd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 05:11:51 GMT
content-encoding: gzip
via: 1.1 google
server: glon1
etag: W/"1687959801"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 worker-70faafffa0475802f5ee03ca5ff74179.js Show response
dev.visualwebsiteoptimizer.com/analysis/ 47 KB
13 KB 106ms
105ms XHR
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/worker-70faafffa0475802f5ee03ca5ff74179.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.41b7af34f13876fc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: glon1 /
Resource Hash: e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 05:11:51 GMT
content-encoding: br
via: 1.1 google
last-modified: Wed, 28 Jun 2023 09:35:01 GMT
server: glon1
etag: "649bfec5-351f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13599

GET
H2 200 system_event.php Show response
www.ketto.org/vars/ 16 B
2 KB 534ms
534ms XHR
application/json 52.222.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ketto.org/vars/system_event.php?eventName=pageView&page_name=home&referrer_page=&utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit&ab_testname=&ab_value=&device=desktop
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.41b7af34f13876fc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-106.fra56.r.cloudfront.net
Software: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40 / PHP/5.6.40
Resource Hash: 39824f2ec741ce74a8d37f33d384fd09b082368c2e93a05a8627de1561401d98

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
Authorization: Bearer false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 05:11:53 GMT
via: 1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
server: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40
x-amz-cf-pop: FRA56-P3
pageurl-1: 1
x-powered-by: PHP/5.6.40
vary: Origin
x-cache: Miss from cloudfront
content-type: application/json
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 16
x-amz-cf-id: SuOTMrplf0UPqLyU3zFSj4e_ds1mH90UyIA2ct2WK7zca2TybgNekg==
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 344 KB
100 KB 158ms
63ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6efedb4ae5f9d08e5ce2cd134e20b6ec6e1991b2d7a184ea0973f9905e7becb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 05:11:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 101993
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 29 Jun 2023 05:11:52 GMT

GET
H/1.1 200
OK a.js Show response
d2r1yp2w7bby2u.cloudfront.net/js/ 45 KB
16 KB 159ms
50ms Script
application/javascript 13.225.78.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2r1yp2w7bby2u.cloudfront.net/js/a.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-88.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 01fa046cfbf941cdc303bd16a8606d7d1bb3c4d46626eaad1f1a209d244ce550

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 05:05:55 GMT
Content-Encoding: gzip
Via: 1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C2
Age: 358
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 29 May 2023 09:21:46 GMT
Server: AmazonS3
ETag: W/"0cce9c6ac99097e7e77f8c4c8a5926b1"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=1800, private
X-Amz-Cf-Id: qSPRhC_i0zOnacXB3bgMFVPtZJGYBJr1reRkz7BCqlTx_aymhVKg7Q==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 171 KB
47 KB 146ms
44ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e33937c8718b4891cefe03686c4bac285d9265052427e705bce7e677659ed765

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 29 Jun 2023 05:11:52 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 46863
x-xss-protection: 0
pragma: public
x-fb-debug: ci1JTVB037Xs90Lo4VJFAc6lGWYTErFJJL+o2ybzCbCvy+ovI+opmnOmqeqRbC26mDZ7znGS5SMBtnuaLYP1Iw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 f9y7bhc3fx Show response
www.clarity.ms/tag/ 649 B
1013 B 234ms
117ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/f9y7bhc3fx
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ff70e45de9d0d511b6c8d3164a991d8d6305cb611be4403eca5b98f901a79850

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
date: Thu, 29 Jun 2023 05:11:52 GMT
x-azure-ref: 0mBKdZAAAAADkzyxfoAKlQIWPEZCmy+ZRTE9OMjFFREdFMTYxMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
content-length: 649
expires: -1

GET
H/1.1 200
OK a Show response
in1.wzrkt.com/ 316 B
836 B 278ms
171ms Script
text/javascript 2600:9000:20eb:ec00:16:b4a8:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://in1.wzrkt.com/a?t=96&type=push&d=N4IgLgngDgpiBcIoCcD2AzAlgGzgGiTS1wVAGMwB9VKMVAVzAXQENsBnGAXwMwBMEIACwAlAGwBaIQHYAHBJEihALRAEoAcwQBGLkAAA&optOut=false&rn=1&i=1688015512&sn=0&useIP=false&r=1688015512807

Requested by

Host: d2r1yp2w7bby2u.cloudfront.net
URL: https://d2r1yp2w7bby2u.cloudfront.net/js/a.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:ec00:16:b4a8:d400:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

fcd974af3d25943e07f9f1f76c0acf1378376597f433ceddd9939ab2c3b497f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 05:11:53 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip
Via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C1
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript;charset=utf-8
Vary: Accept-Encoding, User-Agent
X-Cache: Miss from cloudfront
Cache-Control: no-cache, no-store, no-cache, no-store
Connection: keep-alive
X-Amz-Cf-Id: l8ShSIXRjcfmtpEsNfp-k8Vl_I3_9wfjvzs7t5YVQOFjVuVwrZgvxw==
Expires: 0

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.8/ 57 KB
20 KB 34ms
33ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.8/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/f9y7bhc3fx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 05:11:52 GMT
content-encoding: br
last-modified: Mon, 26 Jun 2023 21:38:04 GMT
etag: "0x8DB768D9FE1FAC0"
x-azure-ref: 0mBKdZAAAAACURWVMJwhDR4raDmNAEQbfTE9OMjFFREdFMTYxMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: TCP_HIT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 576c4243-401e-001a-0205-aa4f04000000
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F032204F476648ACA201155D3A3CE3E6&RedC=c.clarity.ms&MXFR=10004E21B4EF6688240C5D1EB0EF683C
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F032204F476648ACA201155D3A3CE3E6&MUID=0F1D6A1EC4346B0E0E737921C5216AF3

42 B
466 B

40ms
40ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F032204F476648ACA201155D3A3CE3E6&MUID=0F1D6A1EC4346B0E0E737921C5216AF3
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 05:11:53 GMT
last-modified: Tue, 06 Jun 2023 17:31:23 GMT
server: Microsoft-IIS/10.0
etag: "dca6ffb69c98d91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 29 Jun 2023 05:11:52 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 51D4B0050EE441558A6A55F21E363342 Ref B: LTSEDGE2119 Ref C: 2023-06-29T05:11:53Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F032204F476648ACA201155D3A3CE3E6&MUID=0F1D6A1EC4346B0E0E737921C5216AF3
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 441308802710601 Show response
connect.facebook.net/signals/config/ 150 KB
42 KB 162ms
161ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/441308802710601?v=2.9.110&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

593783f56cb7caf11d62016a3b8806f612d183fcf8d7a2862492d7ba475d365b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 29 Jun 2023 05:11:53 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: EQ0+DSda8tTX8W3OrpyFRYRugj2qlxjY3FohnGq/YpWO0hRy2CDV3L9vXGEldKJunTv8YdjE/2clEPQwHgKpYQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1271067/ 58 KB
18 KB 192ms
131ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1271067/tfa.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 099ceb50c759813baab8c2ff33c3013f139ff7912a71091ed3926827b0ea24e7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: LejYXGtjrs2YSgcM4RdnxoqSc3Hblj5N
content-encoding: gzip
via: 1.1 varnish
date: Thu, 29 Jun 2023 05:11:53 GMT
x-amz-request-id: KHDPQGH1PD00DXDS
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 18344
x-amz-id-2: GHnFbL3cnvZpZN+3nDyaa6P8Ztf3AUNd/nAkoYErcHx+3UbYIesztUTPrNEgbNZNbdDepk9Xbqk=
x-served-by: cache-man4128-MAN
last-modified: Sun, 25 Jun 2023 11:05:24 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1688015513.996822,VS0,VE106
etag: "c5ce9cc58e45abc6067e4dbc288266b1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 23
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/930975017/ 3 KB
2 KB 155ms
55ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/930975017/?random=1688015512923&cv=11&fst=1688015512923&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ketto.org%2F%3Futm_source%3Dexternal_ct%26utm_medium%3Demail%26utm_campaign%3D80G_tax_benefit&hn=www.googleadservices.com&frm=0&tiba=Ketto%3A%20Crowdfunding%20India%20%7C%20%231%20Crowdfunding%20Website%20For%20Fundraising%20-%20Ketto&auid=1695112804.1688015513&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c18ea9d79c5c95080d3ca44a3bde53ccb4d5d095c22ddf0cf959944038eca80c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 05:11:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1378
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 136ms
42ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 29 Jun 2023 05:04:41 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 432
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 29 Jun 2023 07:04:41 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/963384337/ 3 KB
2 KB 154ms
57ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/963384337/?random=1688015512928&cv=11&fst=1688015512928&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ketto.org%2F%3Futm_source%3Dexternal_ct%26utm_medium%3Demail%26utm_campaign%3D80G_tax_benefit&hn=www.googleadservices.com&frm=0&tiba=Ketto%3A%20Crowdfunding%20India%20%7C%20%231%20Crowdfunding%20Website%20For%20Fundraising%20-%20Ketto&auid=1695112804.1688015513&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

64457ca57b81baa80922a086fd4c3bf5919da70c90909efb9322a6f2963ec0f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 05:11:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1377
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2WHipQMZZIb93rcciYUp.js Show response
tags.creativecdn.com/ 4 KB
2 KB 102ms
31ms Script
application/javascript 34.117.98.198
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.creativecdn.com/2WHipQMZZIb93rcciYUp.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.98.198 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 198.98.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: a18ebd731b20d7404e2eed45ad15a0e9068ec7c4eb6d95da6727c086e366227d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 05:04:18 GMT
content-encoding: gzip
age: 455
x-guploader-uploadid: ADPycdunH_W4XKCnjdgGRyV4rSmMhomRWY6FwyvtfN5On1EP6zzC5qBs4Vf2sar6qyyIlwd3rTl38dlgYiT7Vdb73W3AI3iRxrjD
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1741
last-modified: Wed, 29 Mar 2023 11:36:17 GMT
server: UploadServer
etag: "7dd71e4b922b44d4a1b639cea2047fcd"
vary: Accept-Encoding
x-goog-generation: 1680089777549743
x-goog-hash: crc32c=U/iOdA==, md5=fdceS5IrRNShtjnOogR/zQ==
content-type: application/javascript
cache-control: public,max-age=0
x-goog-stored-content-length: 1741
accept-ranges: bytes

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1034141/ 58 KB
18 KB 292ms
241ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1034141/tfa.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 63e3dad14a535185458ed4ac99a4c40a3fb43700a0ca5bee938cdd0f20491572

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: NL2emCKm0reU1V1hNCFWnYLJDLFuh_SZ
content-encoding: gzip
via: 1.1 varnish
date: Thu, 29 Jun 2023 05:11:53 GMT
x-amz-request-id: KHDRJRJ81T9CQ1ZA
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 18339
x-amz-id-2: eWdKzyCI+NKgvIqj/MudZeXQlzclWF7Bfs8dlUKCODqAZrxFQhp7X/LmuQKWyPY8WCLSqQBg+ac=
x-served-by: cache-man4128-MAN
last-modified: Sun, 25 Jun 2023 11:04:49 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1688015513.996786,VS0,VE216
etag: "7ad7f0733984046f0214126dcbb63214"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 68
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 45 KB
15 KB 141ms
69ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ab26e787fa89d35aced53de24ee22db847af08d248be4ae79ac5067ecb476557

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 05:11:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 17 May 2023 12:05:15 GMT
server: nginx
etag: W/"6464c2fb-b219"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 30 Jun 2023 05:11:53 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/KCAAQWJCWVGRDFUJKGTQV6/ 88 KB
27 KB 164ms
43ms Script
text/javascript 2600:9000:225e:b800:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/KCAAQWJCWVGRDFUJKGTQV6/roundtrip.js
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:b800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0d03a68f398b9887ab9829ad638f9b87eae36fa00a51cabe616e2c37c4c393a8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

X-Amz-Version-Id: dKCYrH1qlh3bdyGi0fXHPE8xjaFDePDO
Content-Encoding: gzip
Via: 1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
Date: Thu, 29 Jun 2023 04:31:58 GMT
Age: 2438
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 27 Jun 2023 12:44:50 GMT
Server: AmazonS3
Etag: W/"5a37715ee5270cc7eec8e1f717b31783"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: JRRFf2qeQiOHMD55-PMT7sNiQxGCOsX4MC1Ndv3UOLLhsXt1VcSxKg==

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 3 KB
2 KB 256ms
141ms Script
application/javascript 104.126.37.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CHE8K43C77U7EI1D4FJG&lib=ttq
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-42.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 18e170ddacd9bbf659fe9fb5692875677389ca9910648594323d35dfda3c8fae

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-akamai-request-id: 10d31190.460bc0eb
date: Thu, 29 Jun 2023 05:11:53 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-126-37-38.deploy.akamaitechnologies.com (AkamaiGHost/11.1.2-48827901) (-)
x-parent-response-time: 93,104.126.37.38
server-timing: cdn-cache; desc=MISS, edge; dur=87, origin; dur=6, inner; dur=3
content-length: 1370
pragma: no-cache
server: nginx
x-tt-logid: 202306290511535DA9ED5B7BE7956B44F8
x-cache-remote: TCP_MISS from a23-220-106-203.deploy.akamaitechnologies.com (AkamaiGHost/11.1.3-49328623) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 6,23.220.106.203
x-tt-trace-host: 0199e525ad2b418ff90c3ca6cb535708f37f61700f250be21c40484beda16c2bae090ad5e2a2187ca5280c072bb9cc47d6155f487578da5d8daf02350361cb36b3c41325cf9b9d379de8b0a2338b36362eb74982e4f3db4e1eadcd7d898571659ca418ab4f0982ab7ad22db7e85e7b65d9
expires: Thu, 29 Jun 2023 05:11:53 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 3 KB
2 KB 214ms
141ms Script
application/javascript 104.126.37.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CI7UF8JC77UBJAEBR9UG&lib=ttq
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-42.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 66d9ea624bd17b3e8a071b15e43de12d6a7cf408d13dce94c7d684e060b723e5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-akamai-request-id: cdd14e1.460bc0ec
date: Thu, 29 Jun 2023 05:11:53 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-126-37-38.deploy.akamaitechnologies.com (AkamaiGHost/11.1.2-48827901) (-)
x-parent-response-time: 93,104.126.37.38
server-timing: cdn-cache; desc=MISS, edge; dur=86, origin; dur=7, inner; dur=3
content-length: 1376
pragma: no-cache
server: nginx
x-tt-logid: 202306290511539C7B75789B84F46F7EF1
x-cache-remote: TCP_MISS from a23-220-106-211.deploy.akamaitechnologies.com (AkamaiGHost/11.1.3-49328623) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,23.220.106.211
x-tt-trace-host: 0199e525ad2b418ff90c3ca6cb535708f37f61700f250be21c40484beda16c2bae5e960def0d27bb902148d9165b9099ff547cec5e6a1cc60eba8624b7ed4911d27cda553a7d2fa41c27e8597ee74bc4903f2bcec14d75caee825017eafa013fa00c2b1904b1bb151bb0670356cd65cb3b
expires: Thu, 29 Jun 2023 05:11:53 GMT

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 45 KB
15 KB 168ms
73ms Script
application/javascript 2a02:2638:d::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=56509

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e9b899f9e3e221a055895e9f8a21cdbc3634c3cabb2175e76208b2c423ff09ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 05:11:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 272 KB
88 KB 59ms
59ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-C0B8GLTCNR&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

91db6cd7747597a965712b9baedd75c5d0b5b6e2c7bd250003da45ef62f7665b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 05:11:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89909
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 29 Jun 2023 05:11:52 GMT

GET
H2 200 eventTracking.htm
ade.clmbtech.com/cde/ 1 KB
1 KB 408ms
248ms Image
image/jpeg 2a02:26f0:7100::210:121
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.clmbtech.com/cde/eventTracking.htm?pixelId=8367&_w=1&_t=2&ad=&col_ci=&rd=1688015512935

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::210:121 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

91f41aca1c42388a52cffa41e75305c6e98ba8c97aaa68c62143b6b7de08d912

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
date: Thu, 29 Jun 2023 05:11:53 GMT
x-content-type-options: nosniff
server: Bhoot
x-frame-options: sameorigin
content-type: image/jpeg
x-upstream: 172.29.17.116:81
cache-control: private
x-request-time: 0.003
content-disposition: inline;filename=f.txt
content-length: 1121
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 67 KB
22 KB 70ms
45ms Script
text/javascript 2600:9000:225e:b800:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:b800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4a8177ea57b73e6d04544d59b5a48e8ffe03d8904f5c2a2754b9c34219abe82b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

X-Amz-Version-Id: ynjGLHCZyIhadPv8Qz1n_wki97bxL8oO
Content-Encoding: gzip
Via: 1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
Date: Thu, 29 Jun 2023 04:38:57 GMT
Age: 1978
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 22 Jun 2023 17:43:19 GMT
Server: AmazonS3
Etag: W/"527ca8c7c9b842ca9719a241fc1f2629"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: bcxAjj9bpeaW66YvFtH0wvF-iWumHceuETDFckM4cIAcEKwRaI2byw==

GET
H2

200

mi-shine.png
www.ketto.org/fundraiser/https:/kettocdn.gumlet.com/images/
Redirect Chain

https://www.ketto.org/https://kettocdn.gumlet.com/images/mi-shine.png
https://www.ketto.org/fundraiser/https:/kettocdn.gumlet.com/images/mi-shine.png

10 KB
10 KB

202ms
202ms

Image
text/html

52.222.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ketto.org/fundraiser/https:/kettocdn.gumlet.com/images/mi-shine.png
Protocol: H2
Server: 52.222.214.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-106.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 06:57:31 GMT
content-encoding: gzip
via: 1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
last-modified: Tue, 27 Jun 2023 06:55:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 80167
x-amz-server-side-encryption: AES256
etag: W/"666e32741685fa416835f808ac6bb8d7"
vary: Accept-Encoding
x-cache: Error from cloudfront
content-type: text/html
cache-control: max-age=31536000
x-amz-cf-id: 1y_D-dGqZsq_pc_0tps2fGr7OFj8x4Rx-Tq7Rj3BGo87ofJ_9pp6Nw==
expires: Fri, 21 Mar 2042 23:59:59 GMT

Redirect headers

pragma: no-cache
date: Thu, 29 Jun 2023 05:11:53 GMT
via: 1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
server: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40
x-amz-cf-pop: FRA56-P3
pageurl-1: 1
x-powered-by: PHP/5.6.40
vary: Origin
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
location: /fundraiser/https:/kettocdn.gumlet.com/images/mi-shine.png
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
x-amz-cf-id: 9eXb8_exKMO7zsJdNZAAqpSz_50FQ59Dx6TLIiZsITFUSfUM6g8C7A==
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 default-campaign-picture.jpg
www.ketto.org/assets/images/ 3 KB
4 KB 44ms
43ms Image
image/jpeg 52.222.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ketto.org/assets/images/default-campaign-picture.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-106.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 27496f51b205e87aef85be66feb529ca72e337441a1264dfa8e896f4e37b2b8a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 06:55:44 GMT
via: 1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
last-modified: Tue, 27 Jun 2023 06:55:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 166570
etag: "eb967c12b34edcf4cc1123d4abe71b2d"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 3263
x-amz-cf-id: H9Xv5btgdVP4TF_sOQ4aplca8IfYU3QMbo-GRUDZ7htaPjhXKfqKfA==
expires: Fri, 21 Mar 2042 23:59:59 GMT

OPTIONS
H2 200 v2
asia.creativecdn.com/tags/ Frame 0
0 699ms
228ms Preflight 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.creativecdn.com/tags/v2?type=json
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.ketto.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.ketto.org
access-control-max-age: 3600
content-length: 0
date: Thu, 29 Jun 2023 05:11:53 GMT
vary: Origin

POST
H2

200

v2 Show response
asia.creativecdn.com/tags/
Redirect Chain

https://asia.creativecdn.com/tags/v2?type=json
https://asia.creativecdn.com/tags/v2?type=json&tc=1

2 B
379 B

229ms
228ms

Fetch
application/json

103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.creativecdn.com/tags/v2?type=json&tc=1
Protocol: H2
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 05:11:54 GMT, Thu, 29 Jun 2023 05:11:54 GMT
vary: Origin, Accept-Encoding
access-control-max-age: 3600
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.ketto.org
content-type: application/json;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-credentials: true
content-length: 2
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Thu, 29 Jun 2023 05:11:54 GMT
vary: Origin
access-control-max-age: 3600
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
access-control-allow-origin: https://www.ketto.org
access-control-allow-methods: GET, POST
location: https://asia.creativecdn.com/tags/v2?type=json&tc=1
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 collect Show response
gtm.ketto.org/g/ 1 KB
1 KB 348ms
190ms XHR
text/plain 2001:4860:4802:38::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gtm.ketto.org/g/collect?v=2&tid=G-C0B8GLTCNR&gtm=45je36s0&_p=885352276&_gaz=1&cid=2023735736.1688015513&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sst.uc=GB&sst.gse=1&sst.etld=google.co.uk&sst.gcsub=region1&_s=1&sid=1688015513&sct=1&seg=0&dl=https%3A%2F%2Fwww.ketto.org%2F%3Futm_source%3Dexternal_ct%26utm_medium%3Demail%26utm_campaign%3D80G_tax_benefit&dt=Ketto%3A%20Crowdfunding%20India%20%7C%20%231%20Crowdfunding%20Website%20For%20Fundraising%20-%20Ketto&en=page_view&_fv=1&_nsi=1&_ss=1&richsstsse

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.41b7af34f13876fc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

2eaa2272e8938c1b55e85fc9e91062a8cf049d95e67a093990b2a634070930fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 05:11:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Google Frontend
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://www.ketto.org
x-cloud-trace-context: 0262d884d3b14afe5e0f5ab6007d3bb4
cache-control: no-cache
access-control-allow-credentials: true
content-length: 711
expires: Thu, 29 Jun 2023 05:11:53 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
253 B 112ms
37ms Ping
text/plain 2a00:1450:400c:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-C0B8GLTCNR&cid=2023735736.1688015513&gtm=45je36s0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C0B8GLTCNR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 05:11:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ketto.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
408 B 145ms
52ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-C0B8GLTCNR&cid=2023735736.1688015513&gtm=45je36s0&aip=1&z=1825470017

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 05:11:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/930975017/ 42 B
108 B 153ms
56ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/930975017/?random=1688015512923&cv=11&fst=1688014800000&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ketto.org%2F%3Futm_source%3Dexternal_ct%26utm_medium%3Demail%26utm_campaign%3D80G_tax_benefit&frm=0&tiba=Ketto%3A%20Crowdfunding%20India%20%7C%20%231%20Crowdfunding%20Website%20For%20Fundraising%20-%20Ketto&fmt=3&is_vtc=1&random=1821279860&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 05:11:53 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.co.uk/pagead/1p-user-list/930975017/ 42 B
154 B 143ms
56ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/930975017/?random=1688015512923&cv=11&fst=1688014800000&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ketto.org%2F%3Futm_source%3Dexternal_ct%26utm_medium%3Demail%26utm_campaign%3D80G_tax_benefit&frm=0&tiba=Ketto%3A%20Crowdfunding%20India%20%7C%20%231%20Crowdfunding%20Website%20For%20Fundraising%20-%20Ketto&fmt=3&is_vtc=1&random=1821279860&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 05:11:53 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/963384337/ 42 B
455 B 142ms
55ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/963384337/?random=1688015512928&cv=11&fst=1688014800000&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ketto.org%2F%3Futm_source%3Dexternal_ct%26utm_medium%3Demail%26utm_campaign%3D80G_tax_benefit&frm=0&tiba=Ketto%3A%20Crowdfunding%20India%20%7C%20%231%20Crowdfunding%20Website%20For%20Fundraising%20-%20Ketto&fmt=3&is_vtc=1&random=4255793384&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 05:11:53 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.co.uk/pagead/1p-user-list/963384337/ 42 B
108 B 114ms
56ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/963384337/?random=1688015512928&cv=11&fst=1688014800000&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ketto.org%2F%3Futm_source%3Dexternal_ct%26utm_medium%3Demail%26utm_campaign%3D80G_tax_benefit&frm=0&tiba=Ketto%3A%20Crowdfunding%20India%20%7C%20%231%20Crowdfunding%20Website%20For%20Fundraising%20-%20Ketto&fmt=3&is_vtc=1&random=4255793384&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 05:11:53 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/exp/KCAAQWJCWVGRDFUJKGTQV6/ 54 B
811 B 45ms
44ms Script
application/javascript 2600:9000:225e:b800:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/KCAAQWJCWVGRDFUJKGTQV6/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/KCAAQWJCWVGRDFUJKGTQV6/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:b800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e9f6b7adef81eaa57f5ac0afaab01f012e6aa4d9e313422ceb1fd48eaf4704b9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

X-Amz-Version-Id: BLRPFUPgEUCWvRixWJrgQHXkvY83krqg
Date: Wed, 28 Jun 2023 07:01:54 GMT
Via: 1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
Age: 79800
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 54
Last-Modified: Tue, 21 Mar 2023 16:34:45 GMT
Server: AmazonS3
Etag: "92f236985154a498583372b1231d6526"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: Qt05jzSjSAKUCCrUWVRoCJshRyvnubOnNbCVMwFfDyN1DW2Q1I4DdQ==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
208 B 49ms
49ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=885352276&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ketto.org%2F%3Futm_source%3Dexternal_ct%26utm_medium%3Demail%26utm_campaign%3D80G_tax_benefit&ul=en-us&de=UTF-8&dt=Ketto%3A%20Crowdfunding%20India%20%7C%20%231%20Crowdfunding%20Website%20For%20Fundraising%20-%20Ketto&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAEK~&jid=266684574&gjid=1317581877&cid=2023735736.1688015513&tid=UA-30181760-1&_gid=1363478518.1688015513&_r=1&_slc=1&gtm=45He36s0n71MJRMLZ&cd2=2023-06-29T05%3A11%3A52.926%2B00%3A00&z=185733138

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.41b7af34f13876fc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ketto.org/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 05:11:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ketto.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/1271067/trc/3/ 2 KB
2 KB 59ms
48ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1271067/trc/3/json?tim=1688015513244&data=%7B%22id%22%3A423%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1688015513240%2C%22cv%22%3A%2220230625-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.ketto.org%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Futm_source%3Dexternal_ct%26utm_medium%3Demail%26utm_campaign%3D80G_tax_benefit%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dketto-inr-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1688015513243%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.ketto.org%2F%3Futm_source%3Dexternal_ct%26utm_medium%3Demail%26utm_campaign%3D80G_tax_benefit%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22ler%22%3A%22other%22%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1271067/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dff2c94b6e6460fb9b169e4982b838994b1c8eaa9d2cbac577f93a149d1ab7f3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 23
date: Thu, 29 Jun 2023 05:11:53 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 11595
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v2
x-served-by: cache-man4128-MAN
server: nginx
x-timer: S1688015513.315509,VS0,VE23
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H/1.1 204
No Content collect Show response
b.clarity.ms/ 0
293 B 359ms
121ms XHR
text/plain 20.75.32.255
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.clarity.ms/collect
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.41b7af34f13876fc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.ketto.org/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.ketto.org
Date: Thu, 29 Jun 2023 05:11:53 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H/1.1 200
OK a Show response
in1.wzrkt.com/ 388 B
919 B 172ms
172ms Script
text/javascript 2600:9000:20eb:ec00:16:b4a8:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://in1.wzrkt.com/a?t=96&type=page&d=N4IgrgziBcIKYA8AucBOA7AhgGwPoGMkQAacAWxnjMwEtsTx9KAOABgHNclMFcAjOOjgAzGkVI0AJpQAsAJQBsAWhkB2ZkrlyZALQYAHdjACMpfIcoALJEn0RoAegcB3VwDoA1nBsB7Nz9R2BwB%2BMCQyXAgfMFR8OABeRBQMHAIkADIwiLI4SRowMkTqOkzwgkwyfVp2dHi2AHEuHn5BETEGAHUdOQBpXABhAEEAWQAFGFBnSphWUiRsJmgAbQBdAF81oAAA&rn=2&i=1688015512&sn=0&gc=206c14c5832a42b68b0155615445cc1a&arp=N4IgVg%2BgdiBcIC0DuBeFIA0ICW06IFsALAawDMBBAewEkBhCgNRMxABMIAXAZzgAYsbIvywA3OAEYskXvGAACAL6tsbfABYASgDYAtOoDsADl2bN6hKwCmXWQJAAnW5O1GjfCQFZPEgMyKgA&useIP=false&r=1688015513252

Requested by

Host: d2r1yp2w7bby2u.cloudfront.net
URL: https://d2r1yp2w7bby2u.cloudfront.net/js/a.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:ec00:16:b4a8:d400:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5b1bb616754d377f8a08c9fa0e11b1f2b14e925fc4942b9fa2951c203efff8bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 05:11:53 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
Content-Encoding: gzip
Via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C1
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript;charset=utf-8
Vary: Accept-Encoding, User-Agent
X-Cache: Miss from cloudfront
Cache-Control: no-cache, no-store, no-cache, no-store
Connection: keep-alive
X-Amz-Cf-Id: U_BUW8b2G2kE08v2J1vFqPCDxy2N99UFzpC1c9Y09oCWNcqgBwKuBw==
Expires: 0

GET
H3 200 2400573756790791 Show response
connect.facebook.net/signals/config/ 300 KB
86 KB 169ms
169ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2400573756790791?v=2.9.110&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ee87661aca0ce4b0b7660faf2f2a78d9a0f6df3f3fecb43d7b95462252fe7809

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 29 Jun 2023 05:11:53 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: ksZPYwVW0tPSFahlUkMJWRPr2igu8QLaKarHiizBa4irGol+Hx4HCKxHPt65jtJnwsFjikkoYvOkCTQQlNK7eQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 132ms
43ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=441308802710601&ev=PageView&dl=https%3A%2F%2Fwww.ketto.org%2F%3Futm_source%3Dexternal_ct%26utm_medium%3Demail%26utm_campaign%3D80G_tax_benefit&rl=&if=false&ts=1688015513266&sw=1600&sh=1200&v=2.9.110&r=stable&ec=0&o=28&fbp=fb.1.1688015513264.53494533&cs_est=true&it=1688015512890&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 29 Jun 2023 05:11:53 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
154 B 37ms
37ms XHR
text/plain 2a00:1450:400c:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-30181760-1&cid=2023735736.1688015513&jid=266684574&gjid=1317581877&_gid=1363478518.1688015513&_u=YADAAEAAAAAAACAEK~&z=921992175

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.41b7af34f13876fc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ketto.org/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 29 Jun 2023 05:11:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ketto.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.MTcyYWM1ZjQwMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 314 KB
83 KB 46ms
46ms Script
application/javascript 104.126.37.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcyYWM1ZjQwMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CI7UF8JC77UBJAEBR9UG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-42.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 852a7107c708f06318f8fe62b3ad715d9c1565aaa9158b1e36c62502c424ea7b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-akamai-request-id: 460bc135
date: Thu, 29 Jun 2023 05:11:53 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202306271232441AB54FCB929A2E33D964
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a104-126-37-38.deploy.akamaitechnologies.com (AkamaiGHost/11.1.2-48827901) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01e36d039255305e9fcc5dd16abc26975a0920893c5b48edca42a01e9fd6e21e39afc16e2d5cece8c24ec84eaf428a3f988ed2da45faaf8c920a747bad4027b06c74bfda780a06ffa44a3f95709c148d9622ce90c083e0d71a6955ded8a917c5f130792850b52621fdf13ddd2c6dbbef14
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=2
content-length: 84200

GET
H2 200 KCAAQWJCWVGRDFUJKGTQV6 Show response
d.adroll.com/consent/check/ 457 B
550 B 186ms
54ms Script
application/javascript 2a05:d018:cc3:fe05:7a5a:856b:f187:f490
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/KCAAQWJCWVGRDFUJKGTQV6?pv=21592718703.592407&arrfrr=https%3A%2F%2Fwww.ketto.org%2F%3Futm_source%3Dexternal_ct%26utm_medium%3Demail%26utm_campaign%3D80G_tax_benefit&_s=1ee51a2716a32d2f9d47d9094f935ea8&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/KCAAQWJCWVGRDFUJKGTQV6/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe05:7a5a:856b:f187:f490 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 39f2116c81614556941952562469fb3ef9894038b874040971b20287522eb623

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 05:11:53 GMT
server: nginx/1.22.1
content-length: 457
content-type: application/javascript

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 56ms
55ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-30181760-1&cid=2023735736.1688015513&jid=266684574&_u=YADAAEAAAAAAACAEK~&z=1558080073

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 05:11:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
107 B 55ms
54ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-30181760-1&cid=2023735736.1688015513&jid=266684574&_u=YADAAEAAAAAAACAEK~&z=1558080073

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 05:11:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/1383823/trc/3/ 2 KB
1 KB 50ms
50ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1383823/trc/3/json?tim=1688015513369&data=%7B%22id%22%3A543%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1688015513240%2C%22cv%22%3A%2220230625-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.ketto.org%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback1%22%2C%22qs%22%3A%22%3Futm_source%3Dexternal_ct%26utm_medium%3Demail%26utm_campaign%3D80G_tax_benefit%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dketto-inr-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1688015513245%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.ketto.org%2F%3Futm_source%3Dexternal_ct%26utm_medium%3Demail%26utm_campaign%3D80G_tax_benefit%22%2C%22tos%22%3A3%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22ler%22%3A%22other%22%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1271067/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e82e91ab01fa4ee5ec230037fb31917ef2babd21111dcb9e860b07a85c3a18e6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 26
date: Thu, 29 Jun 2023 05:11:53 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 11526
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v2
x-served-by: cache-man4128-MAN
server: nginx
x-timer: S1688015513.384183,VS0,VE26
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 wid1f1a33100b0ce11487774ca00c4341f7d0364e69.jpg
kettocdn.gumlet.io/media/campaign/212000/212655/image/ 12 KB
12 KB 47ms
46ms Image
image/avif 2a04:4e42:200::311
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kettocdn.gumlet.io/media/campaign/212000/212655/image/wid1f1a33100b0ce11487774ca00c4341f7d0364e69.jpg?w=320&dpr=1.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a04:4e42:200::311 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7ddd5e3aae37f8d4c96cb8bd53e537470a93487dd645f1728e805b4af1926988

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-gumlet-pc: HIT
date: Thu, 29 Jun 2023 05:11:53 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
nel: {'report_to': 'gumlet-nel', 'max_age': 604800, 'success_fraction': 0.005, 'response_headers':['content-length'] }
x-gumlet-reqid: 649a99aefaf73d2cf9bdb427
age: 162027
x-cache: HIT, MISS
x-gumlet-runtime: 0.318
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 12107
x-served-by: cache-fra-etou8220084-FRA, cache-man4125-MAN
x-timer: S1688015513.390402,VS0,VE22
etag: "g3rxuszl1v49"
access-control-max-age: 3600
report-to: {'group': 'gumlet-nel', 'max_age': 604800, 'endpoints': [{'url': 'https://nel.gumlytics.com/report'}]}
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-cache-hits: 10, 0

GET
H3 200 wid648ef7425a1a4.jpg
kettocdn.gumlet.io/media/campaign/281000/281759/image/ 13 KB
13 KB 54ms
53ms Image
image/avif 2a04:4e42:200::311
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kettocdn.gumlet.io/media/campaign/281000/281759/image/wid648ef7425a1a4.jpg?w=320&dpr=1.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a04:4e42:200::311 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

58495306dd51f3a3a52d249ec61cbd886995aaf392746244fdd714af85212dd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-gumlet-pc: HIT
date: Thu, 29 Jun 2023 05:11:53 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
nel: {'report_to': 'gumlet-nel', 'max_age': 604800, 'success_fraction': 0.005, 'response_headers':['content-length'] }
x-gumlet-reqid: 6496a03c8e3963d9135e0d2b
age: 422492
x-cache: HIT, MISS
x-gumlet-runtime: 0.312
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 12985
x-served-by: cache-fra-eddf8230094-FRA, cache-man4125-MAN
x-timer: S1688015513.390395,VS0,VE28
etag: "1s6p6co2qey6q"
access-control-max-age: 3600
report-to: {'group': 'gumlet-nel', 'max_age': 604800, 'endpoints': [{'url': 'https://nel.gumlytics.com/report'}]}
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-cache-hits: 25, 0

GET
H3 200 wid627fff291f29d.png
kettocdn.gumlet.io/media/campaign/625000/625122/image/ 18 KB
18 KB 45ms
45ms Image
image/webp 2a04:4e42:200::311
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kettocdn.gumlet.io/media/campaign/625000/625122/image/wid627fff291f29d.png?w=320&dpr=1.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a04:4e42:200::311 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d87ca18e4cae982c9303b2faf467a7b562e193b6918c5498e7c1157e3cabb966

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-gumlet-pc: MISS
date: Thu, 29 Jun 2023 05:11:53 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
nel: {'report_to': 'gumlet-nel', 'max_age': 604800, 'success_fraction': 0.005, 'response_headers':['content-length'] }
x-gumlet-oc: HIT
x-gumlet-reqid: ZH8HG0PnnoFdwsZO
age: 1969022
x-cache: HIT, MISS
x-gumlet-runtime: 0.157
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 18100
x-served-by: cache-fra-eddf8230029-FRA, cache-man4125-MAN
x-timer: S1688015513.390370,VS0,VE20
etag: "3hnrax57s323o"
access-control-max-age: 3600
report-to: {'group': 'gumlet-nel', 'max_age': 604800, 'endpoints': [{'url': 'https://nel.gumlytics.com/report'}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000, stale-while-revalidate=86400, stale-if-error=86400
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-cache-hits: 73, 0

GET
H3 200 5fb377319fef9.jpg
kettocdn.gumlet.io/media/individual/2197000/2197737/image/ 1 KB
2 KB 319ms
318ms Image
image/avif 2a04:4e42:200::311
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kettocdn.gumlet.io/media/individual/2197000/2197737/image/5fb377319fef9.jpg?w=50&dpr=1.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a04:4e42:200::311 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

341f196e4f81c7b12b900481474dbb715b7b5fb994f9f67b6fd9d0b79acb7994

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-gumlet-pc: HIT
date: Thu, 29 Jun 2023 05:11:53 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
nel: {'report_to': 'gumlet-nel', 'max_age': 604800, 'success_fraction': 0.005, 'response_headers':['content-length'] }
x-gumlet-reqid: 649d129968001f72812f20ce
age: 0
x-cache: MISS, MISS
x-gumlet-runtime: 0.266
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1077
x-served-by: cache-fra-eddf8230056-FRA, cache-man4125-MAN
x-timer: S1688015513.394412,VS0,VE290
etag: "2xj3hsf5y4r0o"
access-control-max-age: 3600
report-to: {'group': 'gumlet-nel', 'max_age': 604800, 'endpoints': [{'url': 'https://nel.gumlytics.com/report'}]}
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-cache-hits: 0, 0

GET
H3 200 06ca47bf6fb24ce0f07a112d71b9f1a83a845b24.png
kettocdn.gumlet.io/media/ngo/2126000/2126175/image/ 1 KB
2 KB 55ms
54ms Image
image/webp 2a04:4e42:200::311
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kettocdn.gumlet.io/media/ngo/2126000/2126175/image/06ca47bf6fb24ce0f07a112d71b9f1a83a845b24.png?w=50&dpr=1.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a04:4e42:200::311 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5f15658d1cacb8c718ad72a407422e8ff697eb20909df8e6511bf6b7b4f993a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-gumlet-pc: HIT
date: Thu, 29 Jun 2023 05:11:53 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
nel: {'report_to': 'gumlet-nel', 'max_age': 604800, 'success_fraction': 0.005, 'response_headers':['content-length'] }
x-gumlet-reqid: 64833f52d93cfcae4215c352
age: 1692485
x-cache: HIT, HIT, MISS
x-gumlet-runtime: 1.067
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1270
x-served-by: cache-qpg1272-QPG, cache-fra-eddf8230046-FRA, cache-man4125-MAN
x-timer: S1688015513.394396,VS0,VE26
etag: "2iyz5p373vddy"
access-control-max-age: 3600
report-to: {'group': 'gumlet-nel', 'max_age': 604800, 'endpoints': [{'url': 'https://nel.gumlytics.com/report'}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-cache-hits: 50, 17, 0

GET
H3 200 Tax-benefit.png
ketto.gumlet.io/assets/images/ 2 KB
2 KB 64ms
64ms Image
image/webp 2a04:4e42:200::311
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ketto.gumlet.io/assets/images/Tax-benefit.png?w=100&dpr=1.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a04:4e42:200::311 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d58920b4fb20fa2bcb7db7c17f246be1c9d6c302bba848419e8c02bf5369a07e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-gumlet-pc: HIT
date: Thu, 29 Jun 2023 05:11:53 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
nel: {'report_to': 'gumlet-nel', 'max_age': 604800, 'success_fraction': 0.005, 'response_headers':['content-length'] }
x-gumlet-reqid: 6459fd8c08e709d7bcb8a3d4
age: 4396301
x-cache: HIT, MISS
x-gumlet-runtime: 0.295
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1774
x-served-by: cache-fra-eddf8230045-FRA, cache-man4125-MAN
x-timer: S1688015513.398113,VS0,VE24
etag: "3wrjef9zq2gk"
access-control-max-age: 3600
report-to: {'group': 'gumlet-nel', 'max_age': 604800, 'endpoints': [{'url': 'https://nel.gumlytics.com/report'}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000
vary: accept
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-cache-hits: 67, 0

POST
H/1.1 204
No Content collect Show response
b.clarity.ms/ 0
293 B 532ms
334ms XHR
text/plain 20.75.32.255
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.clarity.ms/collect
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.41b7af34f13876fc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.ketto.org/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.ketto.org
Date: Thu, 29 Jun 2023 05:11:53 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H2 200 identify_70a9a.js Show response
analytics.tiktok.com/i18n/pixel/static/ 114 KB
30 KB 47ms
46ms Script
application/javascript 104.126.37.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_70a9a.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcyYWM1ZjQwMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-42.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-akamai-request-id: 460bc182
date: Thu, 29 Jun 2023 05:11:53 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202306271232439121A65D57F13CFE52A0
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a104-126-37-38.deploy.akamaitechnologies.com (AkamaiGHost/11.1.2-48827901) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0138aa087b45a77d3363349286db5de99256848ea62117b62b8d8ed3f318b7479bf38c39e2f740b77e4fa977304716a23c800fe72d90ba30eb9a7ad734ad68db5acaca02d0a1e661dec9c8452130c4c28e10e916d1f5c2fec24e67c5ea384dd627
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 30666

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
699 B 202ms
201ms Ping
text/plain 104.126.37.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcyYWM1ZjQwMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-42.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ketto.org/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 33deca7.460bc196
date: Thu, 29 Jun 2023 05:11:53 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-126-37-38.deploy.akamaitechnologies.com (AkamaiGHost/11.1.2-48827901) (-)
x-parent-response-time: 149,104.126.37.38
server-timing: cdn-cache; desc=MISS, edge; dur=115, origin; dur=42, inner; dur=40
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230629051153EAED8918F88DE4D60F1D
x-cache-remote: TCP_MISS from a184-25-157-175.deploy.akamaitechnologies.com (AkamaiGHost/11.1.3-49328623) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 42,184.25.157.175
x-tt-trace-host: 0199e525ad2b418ff90c3ca6cb535708f3f07acb74d56bdbcd41975cdd381d7440b3e93ffadefa881b1ac89b31f331084919447583c4fe3a1f2ab0f3e7ddf92cf95d356d43867ec1f196d8fae293d0b6fd2b7ad6837db0677f20c8cb76190789561c633e29a36bc40160c0d958852f24b1
expires: Thu, 29 Jun 2023 05:11:53 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
553 B 177ms
176ms Ping
text/plain 104.126.37.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcyYWM1ZjQwMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-42.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ketto.org/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 05:11:53 GMT
x-akamai-request-id: 460bc199
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20230629051153B83E01B9068D518C3D6A
x-cache: TCP_MISS from a104-126-37-38.deploy.akamaitechnologies.com (AkamaiGHost/11.1.2-48827901) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 127,104.126.37.38
x-tt-trace-host: 0199e525ad2b418ff90c3ca6cb535708f3f07acb74d56bdbcd41975cdd381d74401c79237c6aab2372bd36d11f14e71805a1df0b7b317362f08bf46b29569ab7a4b82a91378fcb1180ed4ccf4ce5910b1bbe4cb56ca522baa1735efd033ee8a853
server-timing: inner; dur=33, cdn-cache; desc=MISS, edge; dur=3, origin; dur=127
content-length: 0
expires: Thu, 29 Jun 2023 05:11:53 GMT

GET
H/1.1 200
OK wzrk_dialog.min.js Show response
d2r1yp2w7bby2u.cloudfront.net/js/ 5 KB
2 KB 44ms
43ms Script
application/javascript 13.225.78.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2r1yp2w7bby2u.cloudfront.net/js/wzrk_dialog.min.js
Requested by: Host: d2r1yp2w7bby2u.cloudfront.net
URL: https://d2r1yp2w7bby2u.cloudfront.net/js/a.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-88.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b5a31e088ca5323f5198d7a8642d71c8f98f28fe4c3602dd6dec3d6050cddba2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 05:01:56 GMT
Content-Encoding: gzip
Via: 1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C2
Age: 598
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 29 May 2023 09:21:45 GMT
Server: AmazonS3
ETag: W/"d88c7f215ede5f1df721205a700d563e"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=1800, private
X-Amz-Cf-Id: cVgytL2RxIOm1BSMHklk45_EOAYeFR7Th3H-cBEDHzeIWte-aXBdrg==

GET
H/1.1 200
OK consent_tcfv2.js Show response
s.adroll.com/j/ 418 KB
56 KB 44ms
43ms Script
text/javascript 2600:9000:225e:b800:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/consent_tcfv2.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/KCAAQWJCWVGRDFUJKGTQV6/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:b800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 30914e620ba424e4691b6f57c37f29e90c723e2360f0c6aec0757e456a923eb1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

X-Amz-Version-Id: 9mxGGJNi8ryLrVUTXj0j28oaWNsGk.Ww
Content-Encoding: gzip
Via: 1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
Date: Thu, 29 Jun 2023 05:10:53 GMT
Age: 67
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 19 Jun 2023 14:34:51 GMT
Server: AmazonS3
Etag: W/"8888d355e5a597edba8cd7932dc2044b"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: sgTD3CX4AkSaVdSPbg06k9nl3NruF1Mly_zMgybvTT5DVSuyuCHD9w==

POST
H2 204 collect
region1.analytics.google.com/g/s/ 0
253 B 118ms
39ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/s/collect?_gsid=C0B8GLTCNR5GN-fOjtZaP0KIsUQuBDFQ
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C0B8GLTCNR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 05:11:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ketto.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 39ms
37ms Ping
text/plain 2a00:1450:400c:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-C0B8GLTCNR&cid=qsQgIzQH35bsX8TMK8HpNrB3cL4Rfpbwffdi5%2B2e1ZA%3D.1688015513&gtm=45j91e36r1&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C0B8GLTCNR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 05:11:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ketto.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
107 B 55ms
53ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-C0B8GLTCNR&cid=qsQgIzQH35bsX8TMK8HpNrB3cL4Rfpbwffdi5%2B2e1ZA%3D.1688015513&gtm=45j91e36r1&aip=1&z=1814597257

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 05:11:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.co.uk/pagead/1p-user-list/307507820/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/307507820/?random=216506247&fst=1688015513474&cv=10&fmt=3&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e36r1&url=https%3A%2F%2Fwww.k...
https://www.google.com/pagead/1p-user-list/307507820/?random=216506247&fst=1688014800000&cv=10&fmt=3&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e36r1&url=https%3A%2F%2Fwww.ketto.org%2F%3Futm_sour...
https://www.google.co.uk/pagead/1p-user-list/307507820/?random=216506247&fst=1688014800000&cv=10&fmt=3&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e36r1&url=https%3A%2F%2Fwww.ketto.org%2F%3Futm_so...

42 B
64 B

54ms
54ms

Image
image/gif

2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/307507820/?random=216506247&fst=1688014800000&cv=10&fmt=3&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e36r1&url=https%3A%2F%2Fwww.ketto.org%2F%3Futm_source%3Dexternal_ct%26utm_medium%3Demail%26utm_campaign%3D80G_tax_benefit&tiba=Ketto%3A%20Crowdfunding%20India%20%7C%20%231%20Crowdfunding%20Website%20For%20Fundraising%20-%20Ketto&is_vtc=1&random=3064306801&ipr=y

Protocol

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 05:11:53 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 29 Jun 2023 05:11:53 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.co.uk/pagead/1p-user-list/307507820/?random=216506247&fst=1688014800000&cv=10&fmt=3&bg=ffffff&guid=ON&u_w=1600&u_h=1200&gtm=45j91e36r1&url=https%3A%2F%2Fwww.ketto.org%2F%3Futm_source%3Dexternal_ct%26utm_medium%3Demail%26utm_campaign%3D80G_tax_benefit&tiba=Ketto%3A%20Crowdfunding%20India%20%7C%20%231%20Crowdfunding%20Website%20For%20Fundraising%20-%20Ketto&is_vtc=1&random=3064306801&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK PB_CT_new.png
d2r1yp2w7bby2u.cloudfront.net/js/ 8 KB
9 KB 47ms
46ms Image
image/png 13.225.78.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2r1yp2w7bby2u.cloudfront.net/js/PB_CT_new.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-88.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d5815f8715aa038803c4aa101915b811fdc1e935fe4617a0da7a4f6586775071

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 05:04:16 GMT
Via: 1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C2
Age: 457
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 8497
Last-Modified: Mon, 29 May 2023 09:21:49 GMT
Server: AmazonS3
ETag: "178040ad9cf7040646d09a3a33c5ac4a"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=1800, private
Accept-Ranges: bytes
X-Amz-Cf-Id: J1iXZww52VRjKi3HluMn1zTQ1IbRh9i1uoKZ42LjZrDe8hF0rYv2Gw==

GET
H/1.1 200
OK nextroll-32x32.png
s.adroll.com/i/favicon/ 2 KB
2 KB 43ms
43ms Image
image/png 2600:9000:225e:b800:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.adroll.com/i/favicon/nextroll-32x32.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:b800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

X-Amz-Version-Id: eTpwxbAIDHDUN.4tfrROIgU_pzKN9Xh0
Date: Wed, 28 Jun 2023 23:46:10 GMT
Via: 1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
Age: 19544
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 1615
Last-Modified: Mon, 28 Jun 2021 18:19:21 GMT
Server: AmazonS3
Etag: "403a0a7dcf2d617e7ea852bfb9d11945"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: pvGpoYRNykOt1qOWvDqu663S4mm7ZUiQDXMeJzkjf9kgvvU1_jXrag==

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 44ms
43ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2400573756790791&ev=PageView&dl=https%3A%2F%2Fwww.ketto.org%2F%3Futm_source%3Dexternal_ct%26utm_medium%3Demail%26utm_campaign%3D80G_tax_benefit&rl=&if=false&ts=1688015513671&sw=1600&sh=1200&v=2.9.110&r=stable&ec=0&o=30&fbp=fb.1.1688015513264.53494533&it=1688015512890&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 29 Jun 2023 05:11:53 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 643E 0
18 B 42ms
42ms Document
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.ketto.org
Referer: https://www.ketto.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.ketto.org
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 29 Jun 2023 05:11:54 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 6CC9 15 KB
6 KB 114ms
39ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.ketto.org&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ketto.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 29 Jun 2023 05:11:53 GMT
server: Kestrel
server-processing-duration-in-ticks: 253125
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 6CC9
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=ketto.org&sn=ChromeSyncframe&so=0&topUrl=www.ketto.org&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=ftnFWHxNUldhZ3dSa3hZZjJSM21Qb3ZxMkNPOG4wL3N0TDlBWGx5N2dvT0ZEQk51Ynl6TXpjVThiZUVENDQrS3daREZ3Q0hOdjNKT3ZKVld1M0R0NlhaZ1pnaUNYSEZ5WitSdlpPNGQzRi9WSmVLRFl6bm5BTHEvZ240Y2...

449 B
675 B

123ms
37ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=ftnFWHxNUldhZ3dSa3hZZjJSM21Qb3ZxMkNPOG4wL3N0TDlBWGx5N2dvT0ZEQk51Ynl6TXpjVThiZUVENDQrS3daREZ3Q0hOdjNKT3ZKVld1M0R0NlhaZ1pnaUNYSEZ5WitSdlpPNGQzRi9WSmVLRFl6bm5BTHEvZ240Y2hjVXFNalFwcDBiRG1sTWVOM2ZEbThmREY0TTkxK0RsTG12QzU2Y1FRaUtvVmoxV1pnZE1UMkphWXhpK0ZqVCtBVzVLTjkwWWpKSGhaVnFDZWlnTWR1ZkxNT2dyczdwUXZYdU1UZnVCSGtBZHVjSnFKSXhZQkpWVmVDSkt2cE9JVFBhbUNINDJ3WHE1UjhKN2N3bU5RRDNIeEVRa0VBZz09fA&cppv=2

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9a46430a09daf15c70445ee6c1f306500e8ff29b750b5bafadb7f997cf044257

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 05:11:54 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1053340
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 29 Jun 2023 05:11:53 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=ftnFWHxNUldhZ3dSa3hZZjJSM21Qb3ZxMkNPOG4wL3N0TDlBWGx5N2dvT0ZEQk51Ynl6TXpjVThiZUVENDQrS3daREZ3Q0hOdjNKT3ZKVld1M0R0NlhaZ1pnaUNYSEZ5WitSdlpPNGQzRi9WSmVLRFl6bm5BTHEvZ240Y2hjVXFNalFwcDBiRG1sTWVOM2ZEbThmREY0TTkxK0RsTG12QzU2Y1FRaUtvVmoxV1pnZE1UMkphWXhpK0ZqVCtBVzVLTjkwWWpKSGhaVnFDZWlnTWR1ZkxNT2dyczdwUXZYdU1UZnVCSGtBZHVjSnFKSXhZQkpWVmVDSkt2cE9JVFBhbUNINDJ3WHE1UjhKN2N3bU5RRDNIeEVRa0VBZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 270122
content-length: 0
expires: 0

OPTIONS
H2 200 v2
asia.creativecdn.com/tags/ Frame 0
0 228ms
228ms Preflight 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://asia.creativecdn.com/tags/v2?type=json&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.ketto.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.ketto.org
access-control-max-age: 3600
content-length: 0
date: Thu, 29 Jun 2023 05:11:54 GMT
vary: Origin

GET
H2

200

event Show response
widget.as.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=56509&v=5.16.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-criteo-2.0.0&p3=e%3Ddis&adce=1&bundle=HbzjiV9ySmclMkJZV3pWNSUyQm9VZGx...
https://widget.as.criteo.com/event?a=56509&v=5.16.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-criteo-2.0.0&p3=e%3Ddis&adce=1&bundle=HbzjiV9ySmclMkJZV3pWNSUyQm9VZGx...

8 KB
4 KB

876ms
292ms

Script
application/x-javascript

182.161.74.16
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.as.criteo.com/event?a=56509&v=5.16.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-criteo-2.0.0&p3=e%3Ddis&adce=1&bundle=HbzjiV9ySmclMkJZV3pWNSUyQm9VZGxXTHM2eGI1ZGRYQlNhbU92aWUyMDZxUWFoR05qbDJmQldEYWpQJTJCZnolMkY1TDJYN1ZRdWxJbnE1aTg3MTFrTWg2VW1ibDU0U1FpT2FYbSUyRll2QSUyRjdhM2NYSGY0WUV2dGNEb2F5RHN3N2h0M2hhZkp2YU90JTJCQ2JIanU5VHU2bUxDQXA2S3RsSU0xQSUzRCUzRA&tld=ketto.org&fu=https%253A%252F%252Fwww.ketto.org%252F%253Futm_source%253Dexternal_ct%2526utm_medium%253Demail%2526utm_campaign%253D80G_tax_benefit&ceid=f73cbc66-5947-460c-8eb2-86a342efe028&dtycbr=85519

Protocol

Server

182.161.74.16 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

9dc38129ae209213d3b8807c75ab06af56156431da7bbb15017deff1c3b3b755

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 05:11:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 18087185
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 29 Jun 2023 05:11:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://widget.as.criteo.com/event?a=56509&v=5.16.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-criteo-2.0.0&p3=e%3Ddis&adce=1&bundle=HbzjiV9ySmclMkJZV3pWNSUyQm9VZGxXTHM2eGI1ZGRYQlNhbU92aWUyMDZxUWFoR05qbDJmQldEYWpQJTJCZnolMkY1TDJYN1ZRdWxJbnE1aTg3MTFrTWg2VW1ibDU0U1FpT2FYbSUyRll2QSUyRjdhM2NYSGY0WUV2dGNEb2F5RHN3N2h0M2hhZkp2YU90JTJCQ2JIanU5VHU2bUxDQXA2S3RsSU0xQSUzRCUzRA&tld=ketto.org&fu=https%253A%252F%252Fwww.ketto.org%252F%253Futm_source%253Dexternal_ct%2526utm_medium%253Demail%2526utm_campaign%253D80G_tax_benefit&ceid=f73cbc66-5947-460c-8eb2-86a342efe028&dtycbr=85519
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3211739
timing-allow-origin: *
content-length: 0
expires: 0

GET
H2 204 unip Show response
trc-events.taboola.com/1271067/log/3/ 0
246 B 134ms
36ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1271067/log/3/unip?en=pre_d_eng_tb&tos=1566&scd=0&ssd=1&est=1688015513242&ver=36&isls=true&src=i&invt=1500&msa=3688&rv=1&tim=1688015514807&vi=1688015513240&ri=bcf70b957a963bcbadf8b51a807a433a&ref=null&cv=20230625-3-RELEASE&item-url=https%3A%2F%2Fwww.ketto.org%2F%3Futm_source%3Dexternal_ct%26utm_medium%3Demail%26utm_campaign%3D80G_tax_benefit&ler=other
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.41b7af34f13876fc.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://www.ketto.org
pragma: no-cache
date: Thu, 29 Jun 2023 05:11:54 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 unip Show response
trc-events.taboola.com/1383823/log/3/ 0
245 B 134ms
37ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1383823/log/3/unip?en=pre_d_eng_tb&tos=1566&scd=0&ssd=1&est=1688015513242&ver=36&isls=true&src=i&invt=1500&msa=3688&rv=1&tim=1688015514808&vi=1688015513240&ri=4b54d51da0353aa49164cf206b436481&ref=null&cv=20230625-3-RELEASE&item-url=https%3A%2F%2Fwww.ketto.org%2F%3Futm_source%3Dexternal_ct%26utm_medium%3Demail%26utm_campaign%3D80G_tax_benefit&ler=other
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.41b7af34f13876fc.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://www.ketto.org
pragma: no-cache
date: Thu, 29 Jun 2023 05:11:54 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H/1.1 204
No Content collect Show response
b.clarity.ms/ 0
293 B 117ms
117ms XHR
text/plain 20.75.32.255
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.clarity.ms/collect
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.41b7af34f13876fc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.ketto.org/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.ketto.org
Date: Thu, 29 Jun 2023 05:11:55 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame 69CA
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-JEyn7ioF8S3UNmMKzI4VCkUjNoCCIGZgjCRJ2A&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-JEyn7ioF8S3UNmMKzI4VCkUjNoCCIGZgjCRJ2A&expires=30

43 B
346 B

46ms
45ms

Image
image/gif

3.69.35.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-JEyn7ioF8S3UNmMKzI4VCkUjNoCCIGZgjCRJ2A&expires=30
Protocol: H2
Server: 3.69.35.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-35-126.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 05:11:55 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-JEyn7ioF8S3UNmMKzI4VCkUjNoCCIGZgjCRJ2A&expires=30
date: Thu, 29 Jun 2023 05:11:55 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 69CA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-KmdkDSoF8S3UNmMKzI4VCkUjNoBFj9HdYh59RA&google_cm&google_hm=ay1LbWRrRFNvRjhTM1VObU1Lekk0VkNrVWpOb0JGajlIZ...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-KmdkDSoF8S3UNmMKzI4VCkUjNoBFj9HdYh59RA&google_gid=CAESEJV3tr0pia7N4wkNRCDIxvk&google_cver=1&google_ula=913071,0

43 B
369 B

52ms
37ms

Image
image/gif

178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-KmdkDSoF8S3UNmMKzI4VCkUjNoBFj9HdYh59RA&google_gid=CAESEJV3tr0pia7N4wkNRCDIxvk&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 05:11:55 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 574124
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 29 Jun 2023 05:11:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-KmdkDSoF8S3UNmMKzI4VCkUjNoBFj9HdYh59RA&google_gid=CAESEJV3tr0pia7N4wkNRCDIxvk&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame 69CA
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-AYQ7xioF8S3UNmMKzI4VCkUjNoCK37dfaOTITw
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-AYQ7xioF8S3UNmMKzI4VCkUjNoCK37dfaOTITw

43 B
1 KB

43ms
43ms

Image
image/gif

37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-AYQ7xioF8S3UNmMKzI4VCkUjNoCK37dfaOTITw

Protocol

HTTP/1.1

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 05:11:55 GMT
AN-X-Request-Uuid: 378e9ebb-b66f-4d71-8b7b-1fd938ef96f7
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.99; 217.138.196.99; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 05:11:55 GMT
AN-X-Request-Uuid: f620eb5d-3cf7-4c85-87a5-2338f0218fac
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-AYQ7xioF8S3UNmMKzI4VCkUjNoCK37dfaOTITw
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.99; 217.138.196.99; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame 69CA 61 B
793 B 232ms
125ms Image
image/gif 184.30.20.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-2w9TgyoF8S3UNmMKzI4VCkUjNoC6QaujPcU8wQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 29 Jun 2023 05:11:55 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Thu, 29 Jun 2023 05:11:55 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 69CA 0
239 B 214ms
47ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-wjwlBioF8S3UNmMKzI4VCkUjNoAHzGKKRU2x6Q&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame 69CA 0
363 B 151ms
43ms Image
text/plain 3.71.158.141
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-QqThJyoF8S3UNmMKzI4VCkUjNoCwVLQb-rw8mA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.71.158.141 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-71-158-141.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 05:11:55 GMT

GET
H2 200 /
rtb-csync.smartadserver.com/redir/ Frame 69CA 43 B
114 B 159ms
43ms Image
image/gif 185.86.139.94
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-qFbHIioF8S3UNmMKzI4VCkUjNoA81oPQaag_Ig
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 05:11:55 GMT
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 69CA 0
98 B 60ms
37ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-Xvt7bSoF8S3UNmMKzI4VCkUjNoA660G6NVS30w
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 05:11:55 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 50362

GET
H2 200 um
criteo-sync.teads.tv/ Frame 69CA 23 B
163 B 224ms
72ms Image
image/gif 2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-PoR6uyoF8S3UNmMKzI4VCkUjNoCJduV14ivw_w
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Thu, 29 Jun 2023 05:11:55 GMT
pragma: no-cache
date: Thu, 29 Jun 2023 05:11:55 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame 69CA 37 B
140 B 137ms
48ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-KP2Z7CoF8S3UNmMKzI4VCkUjNoDTFen6_jUKzw&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 05:11:55 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame 69CA 0
125 B 173ms
49ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-QqR26CoF8S3UNmMKzI4VCkUjNoCCW30KsKqwXw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.57 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 05:11:55 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel
cm.adform.net/ Frame 69CA 43 B
162 B 180ms
50ms Image
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-BZ45UioF8S3UNmMKzI4VCkUjNoAgXrj_8RIKcg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 05:11:55 GMT
last-modified: Wed, 10 Apr 2019 11:14:34 GMT
server: nginx
accept-ranges: bytes
etag: "5cadd01a-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 69CA 49 B
235 B 121ms
40ms Image
image/gif 185.255.84.153
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-M49qRSoF8S3UNmMKzI4VCkUjNoAsTdRqOF_iKA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.153 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 05:11:55 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 3
content-length: 49
expires: 0

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame 69CA
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-4tifJioF8S3UNmMKzI4VCkUjNoCGGZZioHXi7Q
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-4tifJioF8S3UNmMKzI4VCkUjNoCGGZZioHXi7Q&C=1

43 B
766 B

44ms
44ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-4tifJioF8S3UNmMKzI4VCkUjNoCGGZZioHXi7Q&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 05:11:55 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 05:11:55 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=20&external_user_id=k-4tifJioF8S3UNmMKzI4VCkUjNoCGGZZioHXi7Q&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 69CA
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=xCIHsSLJmt7Lk9DH1dInsMNwwzv-2kLu
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=xCIHsSLJmt7Lk9DH1dInsMNwwzv-2kLu

42 B
942 B

45ms
45ms

Image
image/gif

52.215.156.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=xCIHsSLJmt7Lk9DH1dInsMNwwzv-2kLu

Protocol

HTTP/1.1

Server

52.215.156.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-156-153.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v050-0a74cb81c.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: ZIyj8NBWR8I=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v050-09ffa1c7c.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 6xpb/B4sTGM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=xCIHsSLJmt7Lk9DH1dInsMNwwzv-2kLu
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200 9.gif
id5-sync.com/s/966/ Frame 69CA 43 B
1 KB 391ms
45ms Image
image/gif 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-79amkCoF8S3UNmMKzI4VCkUjNoBkx-GcY_0Ygg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Thu, 29 Jun 2023 05:11:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 69CA
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-gMJbICoF8S3UNmMKzI4VCkUjNoCFLjH_OsbiHA
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-gMJbICoF8S3UNmMKzI4VCkUjNoCFLjH_OsbiHA

43 B
446 B

44ms
43ms

Image
image/gif

3.251.15.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-gMJbICoF8S3UNmMKzI4VCkUjNoCFLjH_OsbiHA
Protocol: H2
Server: 3.251.15.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-251-15-90.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 29 Jun 2023 05:11:55 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-gMJbICoF8S3UNmMKzI4VCkUjNoCFLjH_OsbiHA
access-control-allow-origin: *
date: Thu, 29 Jun 2023 05:11:55 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame 69CA 42 B
274 B 111ms
39ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-MQ2wdCoF8S3UNmMKzI4VCkUjNoCn2zT99mXvvQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 05:11:55 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 69CA 0
886 B 151ms
46ms Image
text/html 18.156.131.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-iGeXCioF8S3UNmMKzI4VCkUjNoA0s00WFnkdeQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.156.131.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-131-113.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 05:11:55 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 69CA 0
145 B 707ms
174ms Image
text/plain 66.225.223.191
NTTA-3946

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-k1HGBCoF8S3UNmMKzI4VCkUjNoCbG20vDklHtg&initiator=partner
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 66.225.223.191 Sacramento, United States, ASN3949 (NTTA-3946, US),
Reverse DNS: sa.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 05:11:56 GMT
Cache-Control: no-cache
X-TraceId: a28b0efba1d6037e590969bfe366594c
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 69CA 42 B
585 B 568ms
205ms Image
image/gif 204.237.133.120
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-ixBVKSoF8S3UNmMKzI4VCkUjNoD-i8mWSLLjFQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 204.237.133.120 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 29 Jun 2023 05:11:56 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame 69CA 43 B
399 B 330ms
104ms Image
image/gif 2600:1f18:612b:4232:3223:94c5:efc7:2fa7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-GUvWqyoF8S3UNmMKzI4VCkUjNoAimPEe5mr4ow
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:3223:94c5:efc7:2fa7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Thu, 29 Jun 2023 05:11:56 GMT
server: nginx
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 69CA 0
235 B 203ms
94ms Image
text/plain 184.28.181.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-CKGvOSoF8S3UNmMKzI4VCkUjNoC5FqOfLZjR4A
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.28.181.42 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-28-181-42.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 05:11:56 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Wed, 28 Jun 2023 05:11:56 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame 69CA 0
38 B 158ms
42ms Image
text/plain 34.252.87.220
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-fJc5ESoF8S3UNmMKzI4VCkUjNoBkhQlTirNb0g&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.87.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-87-220.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 05:11:56 GMT
content-length: 0

GET put
e1.emxdgt.com/ Frame 69CA 0
0

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 69CA
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=XgWT4cwqh3T3YvJO3b0G1rtmzNbqhqvV

0
338 B

144ms
42ms

Image
text/plain

52.50.52.186
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=XgWT4cwqh3T3YvJO3b0G1rtmzNbqhqvV
Protocol: H2
Server: 52.50.52.186 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-52-186.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-served-by: beacon-n023-dub-prod.krxd.net
date: Thu, 29 Jun 2023 05:11:56 GMT
cache-control: private, no-cache, no-store
x-request-time: D=27 t=1688015516
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=XgWT4cwqh3T3YvJO3b0G1rtmzNbqhqvV
date: Thu, 29 Jun 2023 05:11:55 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1193036
content-length: 0

GET
H2

200

cs
s.thebrighttag.com/ Frame 69CA
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=tAfO8N8YN7uv1vyxWlRM0R4fX7eLaaJJ

35 B
268 B

400ms
128ms

Image
image/gif

3.13.226.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=tAfO8N8YN7uv1vyxWlRM0R4fX7eLaaJJ
Protocol: H2
Server: 3.13.226.189 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-13-226-189.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jun 2023 05:11:56 GMT
x-bt-requestid: 77d3b9f0-163b-11ee-867e-0000ac17023c
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=tAfO8N8YN7uv1vyxWlRM0R4fX7eLaaJJ
date: Thu, 29 Jun 2023 05:11:55 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 619068
content-length: 0

GET
H2 204 unip Show response
trc-events.taboola.com/1271067/log/3/ 0
245 B 37ms
37ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1271067/log/3/unip?en=pre_d_eng_tb&tos=4568&scd=0&ssd=1&est=1688015513242&ver=36&isls=true&src=i&invt=3000&msa=3688&rv=1&tim=1688015517809&vi=1688015513240&ri=bcf70b957a963bcbadf8b51a807a433a&ref=null&cv=20230625-3-RELEASE&item-url=https%3A%2F%2Fwww.ketto.org%2F%3Futm_source%3Dexternal_ct%26utm_medium%3Demail%26utm_campaign%3D80G_tax_benefit&ler=other
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.41b7af34f13876fc.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://www.ketto.org
pragma: no-cache
date: Thu, 29 Jun 2023 05:11:57 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 unip Show response
trc-events.taboola.com/1383823/log/3/ 0
245 B 40ms
40ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1383823/log/3/unip?en=pre_d_eng_tb&tos=4568&scd=0&ssd=1&est=1688015513242&ver=36&isls=true&src=i&invt=3000&msa=3688&rv=1&tim=1688015517810&vi=1688015513240&ri=4b54d51da0353aa49164cf206b436481&ref=null&cv=20230625-3-RELEASE&item-url=https%3A%2F%2Fwww.ketto.org%2F%3Futm_source%3Dexternal_ct%26utm_medium%3Demail%26utm_campaign%3D80G_tax_benefit&ler=other
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.41b7af34f13876fc.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://www.ketto.org
pragma: no-cache
date: Thu, 29 Jun 2023 05:11:57 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H/1.1 204
No Content collect Show response
b.clarity.ms/ 0
293 B 110ms
110ms XHR
text/plain 20.75.32.255
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.clarity.ms/collect
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.41b7af34f13876fc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.ketto.org/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.ketto.org
Date: Thu, 29 Jun 2023 05:11:58 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H2 200 empty.html Show response
static.criteo.net/ Frame 801F 111 B
448 B 36ms
36ms Document
text/html 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/empty.html

Requested by

Host: www.ketto.org
URL: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0a7c567b36a7bfb198d6f6fbb8b26c0c1fbc557cd4f0fd696835974edd036f0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ketto.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31104000 public
content-encoding: gzip
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 29 Jun 2023 05:12:00 GMT
etag: W/"63dbe1a8-6f"
expires: Sun, 23 Jun 2024 05:12:00 GMT
last-modified: Thu, 02 Feb 2023 16:15:36 GMT
server: nginx
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
vary: Accept-Encoding

GET
H2 204 unip Show response
trc-events.taboola.com/1271067/log/3/ 0
245 B 38ms
38ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1271067/log/3/unip?en=pre_d_eng_tb&tos=10569&scd=0&ssd=1&est=1688015513242&ver=36&isls=true&src=i&invt=6000&msa=3688&rv=1&tim=1688015523811&vi=1688015513240&ri=bcf70b957a963bcbadf8b51a807a433a&ref=null&cv=20230625-3-RELEASE&item-url=https%3A%2F%2Fwww.ketto.org%2F%3Futm_source%3Dexternal_ct%26utm_medium%3Demail%26utm_campaign%3D80G_tax_benefit&ler=other
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.41b7af34f13876fc.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://www.ketto.org
pragma: no-cache
date: Thu, 29 Jun 2023 05:12:03 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 unip Show response
trc-events.taboola.com/1383823/log/3/ 0
245 B 38ms
38ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1383823/log/3/unip?en=pre_d_eng_tb&tos=10570&scd=0&ssd=1&est=1688015513242&ver=36&isls=true&src=i&invt=6000&msa=3688&rv=1&tim=1688015523812&vi=1688015513240&ri=4b54d51da0353aa49164cf206b436481&ref=null&cv=20230625-3-RELEASE&item-url=https%3A%2F%2Fwww.ketto.org%2F%3Futm_source%3Dexternal_ct%26utm_medium%3Demail%26utm_campaign%3D80G_tax_benefit&ler=other
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.41b7af34f13876fc.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.ketto.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://www.ketto.org
pragma: no-cache
date: Thu, 29 Jun 2023 05:12:03 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H/1.1 204
No Content collect Show response
b.clarity.ms/ 0
293 B 112ms
112ms XHR
text/plain 20.75.32.255
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.clarity.ms/collect
Requested by: Host: www.ketto.org
URL: https://www.ketto.org/new/polyfills.41b7af34f13876fc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.ketto.org/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.ketto.org
Date: Thu, 29 Jun 2023 05:12:04 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: e1.emxdgt.com
URL: https://e1.emxdgt.com/put?d=d53&uid=k-6xi4FioF8S3UNmMKzI4VCkUjNoCUF4YAcszGKw

Verdicts & Comments Add Verdict or Comment

314 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

78 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ketto.org/	1970-01-20 21:40:37	Name: _vwo_uuid_v2 Value: D2E2B97601819A49D921EF4D2F67F5267\|5f1351603e3e8fefac2f549e91d4fc27
api.fontshare.com/	1969-12-31 23:59:59	Name: _fontstore_key Value: SFMyNTY.g3QAAAABbQAAAAhndWVzdF9pZG0AAAAkN2I0OGNhODEtODI1MC00NGVlLWIwNzYtMzZmMDg1OTM4ZjUx.8k699yyL1M5qRzSCsUnwvctVRmKfUA4iBemq8444jAg
.ketto.org/	1970-01-20 15:17:35	Name: _vis_opt_s Value: 1%7C
.ketto.org/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.ketto.org/	1970-01-20 22:29:35	Name: _vwo_uuid Value: D2E2B97601819A49D921EF4D2F67F5267
.ketto.org/	1970-01-20 14:19:59	Name: _vwo_ds Value: 3%241688015512%3A61.95832437%3A%3A
.ketto.org/	1970-01-20 12:53:37	Name: _vwo_sn Value: 0%3A1
www.clarity.ms/	1970-01-20 21:39:11	Name: CLID Value: 47b99f496aeb4a97a2dd81a1ef798c0f.20230629.20240628
.ketto.org/	1970-01-20 15:03:11	Name: _gcl_au Value: 1.1.1695112804.1688015513
.ketto.org/	1970-01-20 21:39:11	Name: _clck Value: dpsyvo\|2\|fcv\|0\|1275
www.ketto.org/	1970-01-20 17:12:47	Name: k_utm Value: eyJ1dG1fc291cmNlIjoiZXh0ZXJuYWxfY3QiLCJ1dG1fbWVkaXVtIjoiZW1haWwiLCJ1dG1fY2FtcGFpZ24iOiI4MEdfdGF4X2JlbmVmaXQifQ%3D%3D
.ketto.org/	1970-01-20 13:03:40	Name: ip_location Value: eyJjb3VudHJ5X2NvZGUiOiJHQiIsImNvdW50cnlfbmFtZSI6IlVuaXRlZCBLaW5nZG9tIiwicmVnaW9uX25hbWUiOiJFbmdsYW5kIiwiemlwX2NvZGUiOiJXQzJIIDdOSiIsImNpdHlfbmFtZSI6IkxvbmRvbiJ9
.ketto.org/	1970-01-20 22:29:35	Name: _ku Value: 0ba15130fc0f1f746b398498559f5309
.ketto.org/	1969-12-31 23:59:59	Name: _ks Value: eyJzaWQiOiIzZmYxZWYyZjllOTk3OTA0NWJmNjM2MDhjZjAyMmIzMCIsInN0IjoxNjg4MDE3MzEzfQ%3D%3D
www.ketto.org/	1970-01-20 12:55:01	Name: sess_map Value: xzfayxefxfvqbbufqtedffauqwyayyftadrfcysbrtseaectvxscduybbsryzbrztfvdzwveasvzvsbbyqduzxyuzafaxrduceydbbcxadqcuaerbfbtvxdrscuzxcfvzbtbqsteecvwfruseftearttuuczayfv
www.ketto.org/	1970-01-20 21:39:11	Name: __rtbh.lid Value: %7B%22eventType%22%3A%22lid%22%2C%22id%22%3A%22pAKeySoBDMxkydfLUb0b%22%7D
.ketto.org/	1970-01-20 22:29:35	Name: _ga_C0B8GLTCNR Value: GS1.1.1688015513.1.0.1688015513.60.0.0
.ketto.org/	1970-01-20 22:29:35	Name: WZRK_G Value: 206c14c5832a42b68b0155615445cc1a
.ketto.org/	1970-01-20 12:53:36	Name: WZRK_S_4R6-478-RR4Z Value: %7B%22p%22%3A1%2C%22s%22%3A1688015513%2C%22t%22%3A1688015513%7D
.ketto.org/	1970-01-20 22:29:35	Name: _ga Value: GA1.2.2023735736.1688015513
.ketto.org/	1970-01-20 12:55:01	Name: _gid Value: GA1.2.1363478518.1688015513
.ketto.org/	1970-01-20 12:53:35	Name: _gat_tracker Value: 1
.bing.com/	1970-01-20 22:15:11	Name: MUID Value: 0F1D6A1EC4346B0E0E737921C5216AF3
.c.bing.com/	1970-01-20 13:03:40	Name: MR Value: 0
.c.bing.com/	1970-01-20 22:15:11	Name: SRM_B Value: 0F1D6A1EC4346B0E0E737921C5216AF3
.ketto.org/	1970-01-20 15:03:11	Name: _fbp Value: fb.1.1688015513264.53494533
.tiktok.com/	1970-01-20 22:15:11	Name: _ttp Value: 2RrkJDFDgyD3FRosV9zDB4faeQx
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 22:15:11	Name: MUID Value: 0F1D6A1EC4346B0E0E737921C5216AF3
.c.clarity.ms/	1970-01-20 13:03:40	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 12:53:36	Name: ANONCHK Value: 0
.ketto.org/	1970-01-20 22:15:11	Name: _tt_enable_cookie Value: 1
.ketto.org/	1969-12-31 23:59:59	Name: KETTOSESSID Value: 48eucr7ngh9ibkj2nb50do2b84
.ketto.org/	1970-01-20 22:15:11	Name: _ttp Value: c7ZchThGdKnzYOjjR_yDk7CXwqO
.ketto.org/	1970-01-20 12:54:47	Name: FPLC Value: cjy%2F%2FtOxMAS5z3RhpSbpXvhoAYlwcHk%2Bt2oCzakwUlr8%2FtTaf7JRnHg%2FW7OB5C8izy5yBDAP8Oos6zMqjNYtR8yljVAz01RDVaqvQ%2FqBo6eJrCjZrtM1dlV7yK%2B%2F%2BQ%3D%3D
.ketto.org/	1970-01-20 22:29:35	Name: FPID Value: FPID2.2.qsQgIzQH35bsX8TMK8HpNrB3cL4Rfpbwffdi5%2B2e1ZA%3D.1688015513
.ketto.org/	1970-01-20 15:03:11	Name: FPAU Value: 1.1.1695112804.1688015513
.ketto.org/	1970-01-20 12:53:37	Name: FPGSID Value: 1.1688015513.1688015513.G-C0B8GLTCNR.5GN-fOjtZaP0KIsUQuBDFQ
.doubleclick.net/	1970-01-20 22:15:11	Name: IDE Value: AHWqTUkS1AcMGUzdrdrzVk9oklgfdTR8ZhOTeIwruolSCdM8yV7bVW_UvwFR970e
.ketto.org/	1970-01-20 12:55:01	Name: _clsk Value: 16zvxi\|1688015513630\|1\|1\|b.clarity.ms/collect
.criteo.com/	1970-01-20 22:15:11	Name: uid Value: 92eccdb9-2f14-4a5f-9bfa-23dc0c87743f
.creativecdn.com/	1970-01-20 21:39:11	Name: u Value: sf8KWcrtuV9OMqysHj9O
.creativecdn.com/	1970-01-20 21:39:11	Name: ts Value: 1688015514
.ketto.org/	1970-01-20 22:22:59	Name: cto_bundle Value: HbzjiV9ySmclMkJZV3pWNSUyQm9VZGxXTHM2eGI1ZGRYQlNhbU92aWUyMDZxUWFoR05qbDJmQldEYWpQJTJCZnolMkY1TDJYN1ZRdWxJbnE1aTg3MTFrTWg2VW1ibDU0U1FpT2FYbSUyRll2QSUyRjdhM2NYSGY0WUV2dGNEb2F5RHN3N2h0M2hhZkp2YU90JTJCQ2JIanU5VHU2bUxDQXA2S3RsSU0xQSUzRCUzRA
.bidswitch.net/	1970-01-20 21:39:11	Name: tuuid Value: d996b0b7-d80f-4f83-ad30-b9f5740d788e
.bidswitch.net/	1970-01-20 21:39:11	Name: c Value: 1688015515
.bidswitch.net/	1970-01-20 21:39:11	Name: tuuid_lu Value: 1688015515
match.sharethrough.com/	1970-01-20 13:03:40	Name: AWSALBCORS Value: w99S/nITFPKaHDJKQvMZo8lHHXOJEfNXfCh9v3j6RnG+CaxWSGIjflcmYctixu4Z0eEypdlGPdRBMcIgQZWDfYKtezp04cxgdmycBVoOnm8bz3QmWJspb9lu+4Lh
.adnxs.com/	1970-01-20 15:03:11	Name: uuid2 Value: 910856813630294638
.media.net/	1970-01-20 21:39:11	Name: visitor-id Value: 3310171155011516000V10
.media.net/	1970-01-20 13:36:47	Name: data-c-ts Value: 1688015515
.media.net/	1970-01-20 13:36:47	Name: data-c Value: k-2w9TgyoF8S3UNmMKzI4VCkUjNoC6QaujPcU8wQ~~3
.demdex.net/	1970-01-20 17:12:47	Name: demdex Value: 82465493131335602003522023508293297898
.adnxs.com/	1970-01-20 15:03:11	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2GVTj?OQU!]tbPl@/D!9hy6]/CwgW4A6_]4_0K%kNvE9kDV][io60y7$K/9mvCh>7A+X/8O$DVB``=V35)vGbpRzqF1`*bbrJ+Y29c
.dpm.demdex.net/	1970-01-20 17:12:47	Name: dpm Value: 82465493131335602003522023508293297898
.casalemedia.com/	1970-01-20 21:39:11	Name: CMID Value: ZJ0Smz0-LRkRPSGUW7MgAwAA
.casalemedia.com/	1970-01-20 15:03:11	Name: CMPS Value: 5175
.casalemedia.com/	1970-01-20 15:03:11	Name: CMPRO Value: 5175
.360yield.com/	1970-01-20 15:03:11	Name: tuuid Value: 621376a4-1646-4114-86ad-7b9f94d6b7dc
.360yield.com/	1970-01-20 15:03:11	Name: tuuid_lu Value: 1688015515
exchange.mediavine.com/	1970-01-20 13:13:45	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%22778b8d60-163b-11ee-b50d-ff7997ea8306%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 13:13:45	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22778b8d60-163b-11ee-b50d-ff7997ea8306%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 13:13:45	Name: am_tokens Value: %7B%22mv_uuid%22%3A%22778b8d60-163b-11ee-b50d-ff7997ea8306%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 13:13:45	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22778b8d60-163b-11ee-b50d-ff7997ea8306%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 13:13:45	Name: criteo Value: %7B%22id%22%3A%22k-iGeXCioF8S3UNmMKzI4VCkUjNoA0s00WFnkdeQ%22%2C%22version%22%3A%22criteo%22%7D
.360yield.com/	1970-01-20 15:03:11	Name: um Value: !38,xFccglQ7MnW-phYonXMo-Co6XP1jr7jpuAHf7E6TCc7mL8b9D.q.OfEBahFEKGsR6iNIn-hm,1695791515
.360yield.com/	1970-01-20 15:03:11	Name: umeh Value: !38,0,1750223515,-1
.krxd.net/	1970-01-20 17:12:47	Name: _kuid_ Value: PpMcCxmZ
.id5-sync.com/	1970-01-20 12:53:35	Name: cf Value:
.id5-sync.com/	1970-01-20 12:53:35	Name: cip Value:
.id5-sync.com/	1970-01-20 12:53:35	Name: cnac Value:
.id5-sync.com/	1970-01-20 12:53:35	Name: car Value:
.id5-sync.com/	1970-01-20 12:53:35	Name: gdpr Value:
.id5-sync.com/	1970-01-20 12:53:35	Name: callback Value:
.tremorhub.com/	1970-01-20 21:39:32	Name: tvid Value: 56a24727b8ac4f2581bf56d62848cc93
.tremorhub.com/	1970-01-20 13:36:47	Name: tv_UICR Value: k-GUvWqyoF8S3UNmMKzI4VCkUjNoAimPEe5mr4ow
.pubmatic.com/	1970-01-20 13:36:47	Name: KRTBCOOKIE_97 Value: 3385-uid:k-ixBVKSoF8S3UNmMKzI4VCkUjNoD-i8mWSLLjFQ&KRTB&23144-uid:k-ixBVKSoF8S3UNmMKzI4VCkUjNoD-i8mWSLLjFQ&KRTB&23286-uid:k-ixBVKSoF8S3UNmMKzI4VCkUjNoD-i8mWSLLjFQ&KRTB&23287-uid:k-ixBVKSoF8S3UNmMKzI4VCkUjNoD-i8mWSLLjFQ
.pubmatic.com/	1970-01-20 13:36:47	Name: PugT Value: 1688015516

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.taboola.com/libtrc/unip/1271067/tfa.js(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.taboola.com/libtrc/unip/1271067/tfa.js(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.taboola.com/libtrc/unip/1271067/tfa.js(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.taboola.com/libtrc/unip/1271067/tfa.js(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
javascript	warning	URL: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit Message: The resource https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;600;700&display=swap was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.ketto.org/?utm_source=external_ct&utm_medium=email&utm_campaign=80G_tax_benefit Message: The resource https://fonts.googleapis.com/css?family=Material+Icons&display=swap was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
other	warning	URL: https://cdn.taboola.com/libtrc/unip/1271067/tfa.js(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.taboola.com/libtrc/unip/1271067/tfa.js(Line 2) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
ad.yieldlab.net
ade.clmbtech.com
analytics.tiktok.com
api.fontshare.com
asia.creativecdn.com
b.clarity.ms
beacon.krxd.net
c.bing.com
c.clarity.ms
cdn.gumlet.com
cdn.taboola.com
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
d.adroll.com
d2r1yp2w7bby2u.cloudfront.net
dev.visualwebsiteoptimizer.com
dis.criteo.com
dpm.demdex.net
dynamic.criteo.com
e1.emxdgt.com
eb2.3lift.com
exchange.mediavine.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gtm.ketto.org
gum.criteo.com
id5-sync.com
in1.wizrocketmail.net
in1.wzrkt.com
ketto.gumlet.io
kettocdn.gumlet.com
kettocdn.gumlet.io
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
pixel.rubiconproject.com
r.casalemedia.com
region1.analytics.google.com
rtb-csync.smartadserver.com
s.adroll.com
s.thebrighttag.com
secure.adnxs.com
sessions.bugsnag.com
simage2.pubmatic.com
sslwidget.criteo.com
static.criteo.net
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
tags.creativecdn.com
trc-events.taboola.com
trc.taboola.com
u1699505.ct.sendgrid.net
ups.analytics.yahoo.com
visitor.omnitagjs.com
widget.as.criteo.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.ketto.org
x.bidswitch.net
e1.emxdgt.com
103.132.192.30
104.126.37.42
13.225.78.88
13.248.245.213
141.226.228.48
141.95.33.111
142.250.186.66
151.101.193.44
167.89.123.122
178.250.7.11
178.250.7.13
18.133.143.83
18.156.131.113
18.66.97.109
182.161.74.16
184.28.181.42
184.30.20.22
185.255.84.153
185.80.39.216
185.86.139.94
2.16.97.41
20.75.32.255
2001:4860:4802:32::36
2001:4860:4802:38::15
204.237.133.120
2600:1901:0:7a0b::
2600:1f18:612b:4232:3223:94c5:efc7:2fa7
2600:9000:20eb:ec00:16:b4a8:d400:93a1
2600:9000:225e:b800:6:9280:1080:93a1
2600:9000:225e:ec00:11:c3fe:5b00:93a1
2620:1ec:bdf::45
2620:1ec:c11::200
2a00:1450:4001:802::2002
2a00:1450:4001:808::2003
2a00:1450:4001:80b::2004
2a00:1450:4001:80f::200a
2a00:1450:4001:827::200e
2a00:1450:4001:828::2003
2a00:1450:4001:830::2008
2a00:1450:400c:c0b::9a
2a02:2638:3::3
2a02:2638:d::10
2a02:2638:d::d
2a02:26f0:7100::210:121
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:200::311
2a05:d018:cc3:fe05:7a5a:856b:f187:f490
3.13.226.189
3.251.15.90
3.69.35.126
3.71.158.141
3.75.62.37
34.117.157.22
34.117.98.198
34.252.87.220
34.96.102.137
37.157.4.29
37.252.171.52
52.215.156.153
52.222.214.106
52.50.52.186
66.225.223.191
68.219.88.97
69.173.144.138
01fa046cfbf941cdc303bd16a8606d7d1bb3c4d46626eaad1f1a209d244ce550
03b1ac9b2a302282837fc3d4ae8538190901502c0466470c4116bc46f6b80379
05a708d0ad86298085d0d3dcb6748f0be19d55f90e97d2e27ce89ee91b3261e1
099ceb50c759813baab8c2ff33c3013f139ff7912a71091ed3926827b0ea24e7
0a7c567b36a7bfb198d6f6fbb8b26c0c1fbc557cd4f0fd696835974edd036f0a
0b9167dbf8f9882cbb3f9bfd9dec02b2437d0794219e4f6e32d0a650cc735e2b
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0c795a97ca380527869ee1f2eb72053fa13facb3c5a0fe262692c445522d09fb
0d03a68f398b9887ab9829ad638f9b87eae36fa00a51cabe616e2c37c4c393a8
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
0d83f0cb05a666ad25e9141207788bcbf18eab73b6e3e741e40754cd3903ebf6
167be98de45d4d9406b59720387d28c16ab3bd46459301b768799cba168f121c
17d81106176fdcddbcb848b8527dd2514831e000cabce15dc66b96c7212f73b7
18e170ddacd9bbf659fe9fb5692875677389ca9910648594323d35dfda3c8fae
1cac0b1af7455284bf972a6c0a0ba05b2812bee0f2de1d92432bebc24af160bd
27496f51b205e87aef85be66feb529ca72e337441a1264dfa8e896f4e37b2b8a
2eaa2272e8938c1b55e85fc9e91062a8cf049d95e67a093990b2a634070930fd
30914e620ba424e4691b6f57c37f29e90c723e2360f0c6aec0757e456a923eb1
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
330c6994f421612a2a17b91f08e16a970dd2158a4632e9c133a393be9cefbf99
341f196e4f81c7b12b900481474dbb715b7b5fb994f9f67b6fd9d0b79acb7994
39824f2ec741ce74a8d37f33d384fd09b082368c2e93a05a8627de1561401d98
39f2116c81614556941952562469fb3ef9894038b874040971b20287522eb623
3b703d2a5f5522ed8d7b0612afd604f27c2d9cf4291b05ac0cc4038fad5c6a72
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
4a8177ea57b73e6d04544d59b5a48e8ffe03d8904f5c2a2754b9c34219abe82b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4beecfb5c496854b3231046a5938f4f7d4e5ba23908fe31687551ed9a90d5773
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
541d383217cb5ea3605c621bcc288944870833798a89e42bd1d0e4a4336781cd
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
577951cf39fd12a9cd0a1ad1e303950d25b4376deb325579fe5c4d37c1f2c975
58495306dd51f3a3a52d249ec61cbd886995aaf392746244fdd714af85212dd1
593783f56cb7caf11d62016a3b8806f612d183fcf8d7a2862492d7ba475d365b
5a33ff27e30ed7688e8ff1b19f7a7da388f488a67db586b2ef2f4695a02a16f6
5b1bb616754d377f8a08c9fa0e11b1f2b14e925fc4942b9fa2951c203efff8bf
5bd882204617fcb90bba9fb7df4669615fd89aed4359b11a1ab022099dd35bd5
5f15658d1cacb8c718ad72a407422e8ff697eb20909df8e6511bf6b7b4f993a8
63e3dad14a535185458ed4ac99a4c40a3fb43700a0ca5bee938cdd0f20491572
64457ca57b81baa80922a086fd4c3bf5919da70c90909efb9322a6f2963ec0f9
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
668495f43f6d010b12d5c2eef052d7e45686af12c3e0e9602ab80241abd52285
66d9ea624bd17b3e8a071b15e43de12d6a7cf408d13dce94c7d684e060b723e5
6741dee536fcc3dcd63c96afc87eae0aa769692d81d46fa06eb9f151f715bf55
6748416f2cd0a6811631bcadecea1707372df0dde2e48eaa05ac2d7b6656c2dd
6ce446b54f436b6093ac2ef44c24e3c5f65b0b0c9d9a7dddf4943f192ae69dd1
6efedb4ae5f9d08e5ce2cd134e20b6ec6e1991b2d7a184ea0973f9905e7becb8
6fca6a240fb0a0972228f6479dc3e1444fa4cc93b8400e095666bdc6daaf422b
6ffb77e49b8d6a737dc4c962db65347806ab0773bdef6cb56f36e3048798befb
6ffb8c22fd7325b25b1c92cd6510ea09f43782abf0da8148ab129c63d15efe1f
72e80bca8589d4caee47cc7fae10907bfead4158541ba385ac729a236d18c5bb
75d1f78c0ce09d244100e1e559fbe0feb75551dbabcc2d1b78dc606b9d61428d
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7ddd5e3aae37f8d4c96cb8bd53e537470a93487dd645f1728e805b4af1926988
7f07d505480a059096e7e518414dfb86e216d527ebe9f0ada0868ac78233d2df
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
852a7107c708f06318f8fe62b3ad715d9c1565aaa9158b1e36c62502c424ea7b
865ac72d193fc958710f49a96e863ae72ba63f9d60ef9afa7917dbbc4fa94b5a
87e0bcd31c6cf8c0831c2f310a7dfb2372ae5f7511fd11f2f430a3dd82363361
87e3236aa22ba19a80689f797e66ba07acfe99f25bc0d42b7862928c66a14c0e
87e63c9cc85722f2950a8fcdf0fb84a62805c200f840c8f093a55ad47b2a5bfe
89a00b8523ab2203f70a65d7df925df5b1f19bbd00182c0d3b03e786200e068b
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c1efd5b76faddbd0eb186aae118ca0a19cdb31f0d5f01270ef612ce79fc5e7c
8d654b420b511a8ccb4bdbd56cd8c4dc01cd43e1e97ef1cc8a5ba34e582e8cf5
906043dd7c678d24efde1b1956c820087bd3c81e52f25da2934f52d992a7b99a
91db6cd7747597a965712b9baedd75c5d0b5b6e2c7bd250003da45ef62f7665b
91f41aca1c42388a52cffa41e75305c6e98ba8c97aaa68c62143b6b7de08d912
95188bc9aceb2c3e68cb324c980ac550dee7ed5bf80eda5571ff98252b0f4cec
9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a46430a09daf15c70445ee6c1f306500e8ff29b750b5bafadb7f997cf044257
9dc38129ae209213d3b8807c75ab06af56156431da7bbb15017deff1c3b3b755
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a18ebd731b20d7404e2eed45ad15a0e9068ec7c4eb6d95da6727c086e366227d
a27cd5a07f891a196c9c699f9628af8d52776d9130a18fcba1ab3ba814801dc0
ab26e787fa89d35aced53de24ee22db847af08d248be4ae79ac5067ecb476557
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b017dcecaaa4dcac358d041d40be5a1ec31f236790b4ead1da31cca6a9d46ef3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b360efdd52f5689ae8c7d02cb2e7228f3b25dcaf14f3eea81969748cc6263b50
b3c45b77df32bcd4b9b8deacf8d9460828aced494eb4412e6ada289421283a0f
b5a31e088ca5323f5198d7a8642d71c8f98f28fe4c3602dd6dec3d6050cddba2
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355
bd917f86076da246fa6aaca90925c22556f4761eadfea98c1dcdb36bd8ac0a77
c122987544383977e325c87a5187db3452965064538e6d72c04f643bb52574c0
c18ea9d79c5c95080d3ca44a3bde53ccb4d5d095c22ddf0cf959944038eca80c
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d32c188267bbf7f111721a087651d521036fd1e43283ff08332c9b29e48505a9
d480fe531b36fab7833fba7aa0714c7295cf7731bce5616c6fc045b278b4e2b3
d5815f8715aa038803c4aa101915b811fdc1e935fe4617a0da7a4f6586775071
d58920b4fb20fa2bcb7db7c17f246be1c9d6c302bba848419e8c02bf5369a07e
d7b5562c4bb7cfedaf0eabd3bb6601098326888e28e2d37dafcc6fa32a53391d
d87ca18e4cae982c9303b2faf467a7b562e193b6918c5498e7c1157e3cabb966
d91cdb016f9cd983879f7cdf1cd86b79c0c62ab8849a93f821b1232c9ae633a4
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dff2c94b6e6460fb9b169e4982b838994b1c8eaa9d2cbac577f93a149d1ab7f3
e33937c8718b4891cefe03686c4bac285d9265052427e705bce7e677659ed765
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4acec813c1dd988c9efc11e869a2732eaa3e269e4c067714daa181e7429f542
e72c76e906d5e7d7b8ccd72ae1ebf32cc73d821d6158866dad86fd0b97e9b51d
e82e91ab01fa4ee5ec230037fb31917ef2babd21111dcb9e860b07a85c3a18e6
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4
e998a805c3e65de2b8615848565f74bb01d0c1e77de516466b37b951819fd203
e9b899f9e3e221a055895e9f8a21cdbc3634c3cabb2175e76208b2c423ff09ca
e9f6b7adef81eaa57f5ac0afaab01f012e6aa4d9e313422ceb1fd48eaf4704b9
ecfc48ab5315e179e1948be2aecc95b3afc29ae1413a2024abb9b1706df9ff0f
ee87661aca0ce4b0b7660faf2f2a78d9a0f6df3f3fecb43d7b95462252fe7809
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f39e32285f48d3b69a936c8dc6fb479caee98c4e356320fa3eda072de7372e17
f43ffeb81ea50a6150daf26c8afbc3cf70b402e7c07ffc8065832fade0711ac6
fcd974af3d25943e07f9f1f76c0acf1378376597f433ceddd9939ab2c3b497f4
fd9a7b9ab42c0f8995803a0a30f66c5efe4207e2c9600b2fca97be971f0175b6
fef5a41be1b827a1729f19bcd123a57ee3f2cb8dc9074fffa4ab5b807f503514
ff70e45de9d0d511b6c8d3164a991d8d6305cb611be4403eca5b98f901a79850

www.ketto.org Open in urlscan Pro 52.222.214.106 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

172 Requests

91 %HTTPS

38 %IPv6

53 Domains

71 Subdomains

62 IPs

10 Countries

1884 kBTransfer

6095 kBSize

78 Cookies

24 Outgoing links

Page URL History

Redirected requests

172 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.ketto.org Open in urlscan Pro
52.222.214.106 Public Scan

Screenshot
Live screenshot

Full Image

172
Requests

91 %
HTTPS

38 %
IPv6

53
Domains

71
Subdomains

62
IPs

10
Countries

1884 kB
Transfer

6095 kB
Size

78
Cookies

172 HTTP transactions
2 data transactions