urlscan.io logo urlscan.io
SecurityTrails logo

www.ketto.org Open in urlscan Pro
52.222.157.77  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://mail.quicklivedeals.com/re?l=D0Is4d7jpI7vfunvbI0
Effective URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Submission: On May 13 via manual from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 40 IPs in 9 countries across 29 domains to perform 109 HTTP transactions. The main IP is 52.222.157.77, located in Seattle, United States and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is www.ketto.org.
TLS certificate: Issued by Amazon on November 24th 2018. Valid for: a year.
This is the only time www.ketto.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 91.192.43.153 15960 (GLOBALACCESS)
2 52.222.157.77 16509 (AMAZON-02)
22 2600:9000:200... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.127.150.54 16509 (AMAZON-02)
3 151.101.0.176 54113 (FASTLY)
2 13.126.123.139 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 52.222.157.64 16509 (AMAZON-02)
2 159.122.87.148 36351 (SOFTLAYER)
2 2a00:1450:400... 15169 (GOOGLE)
5 2600:9000:200... 16509 (AMAZON-02)
2 216.58.207.34 15169 (GOOGLE)
2 4 2a00:1450:400... 15169 (GOOGLE)
1 147.75.205.43 54825 (PACKET)
8 2a03:2880:f01... 32934 (FACEBOOK)
1 151.101.120.157 54113 (FASTLY)
4 151.101.2.2 54113 (FASTLY)
1 2a00:1288:7c:... 43428 (YAHOO-ULS)
2 5 172.217.18.166 15169 (GOOGLE)
2 34.253.42.0 16509 (AMAZON-02)
1 159.122.87.153 36351 (SOFTLAYER)
2 2 2a00:1450:400... 15169 (GOOGLE)
2 7 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 147.75.32.173 54825 (PACKET)
1 188.125.66.33 34010 (YAHOO-IRD)
1 2a00:1450:400... 15169 (GOOGLE)
1 172.217.22.34 15169 (GOOGLE)
1 104.244.42.69 13414 (TWITTER)
1 147.75.80.178 54825 (PACKET)
2 7 2a03:2880:f11... 32934 (FACEBOOK)
1 52.222.146.160 16509 (AMAZON-02)
6 54.169.244.171 16509 (AMAZON-02)
1 2a03:2880:f01... 32934 (FACEBOOK)
1 2a03:2880:f0f... 32934 (FACEBOOK)
1 104.244.42.3 13414 (TWITTER)
1 151.101.2.110 54113 (FASTLY)
1 162.247.242.20 23467 (NEWRELIC-...)
109 40
1    91.192.43.153 (Germany)

ASN15960 (GLOBALACCESS, DE)
mail.quicklivedeals.com
2    52.222.157.77 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-157-77.fra53.r.cloudfront.net
www.ketto.org
22    2600:9000:200c:9c00:d:e617:f340:21 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
d1vdjc70h9nzd9.cloudfront.net
1    2a00:1450:4001:814::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
ajax.googleapis.com
1    2a00:1450:4001:817::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
1    13.127.150.54 (Mumbai, India)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-13-127-150-54.ap-south-1.compute.amazonaws.com
checkout.razorpay.com
3    151.101.0.176 (United States)

ASN54113 (FASTLY - Fastly, US)
js.stripe.com
2    13.126.123.139 (Mumbai, India)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-13-126-123-139.ap-south-1.compute.amazonaws.com
api.juspay.in
2    2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
1    52.222.157.64 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-157-64.fra53.r.cloudfront.net
d2r1yp2w7bby2u.cloudfront.net
2    159.122.87.148 (Frankfurt am Main, Germany)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: 94.57.7a9f.ip4.static.sl-reverse.com
dev.visualwebsiteoptimizer.com
2    2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
5    2600:9000:200c:3c00:d:e617:f340:21 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
d1vdjc70h9nzd9.cloudfront.net
2    216.58.207.34 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s24-in-f2.1e100.net
www.googleadservices.com
4    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    147.75.205.43 (Chicago, United States)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-31
static.hotjar.com
8    2a03:2880:f01c:216:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
staticxx.facebook.com
1    151.101.120.157 (Paris, France)

ASN54113 (FASTLY - Fastly, US)
static.ads-twitter.com
4    151.101.2.2 (United States)

ASN54113 (FASTLY - Fastly, US)
cdn.taboola.com
trc.taboola.com
1    2a00:1288:7c:800::4000 (United Kingdom)

ASN43428 (YAHOO-ULS, GB)
s.yimg.com
5    172.217.18.166 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s29-in-f6.1e100.net
ad.doubleclick.net
9237602.fls.doubleclick.net
2    34.253.42.0 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-253-42-0.eu-west-1.compute.amazonaws.com
wzrkt.com
1    159.122.87.153 (Frankfurt am Main, Germany)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: 99.57.7a9f.ip4.static.sl-reverse.com
dev.visualwebsiteoptimizer.com
2    2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
7    2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
7    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
5    2a00:1450:4001:814::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
googleads.g.doubleclick.net
1    147.75.32.173 (Amsterdam, Netherlands)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-27
script.hotjar.com
1    188.125.66.33 (Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com
sp.analytics.yahoo.com
1    2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagservices.com
1    172.217.22.34 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s16-in-f2.1e100.net
googleads4.g.doubleclick.net
1    104.244.42.69 (United States)

ASN13414 (TWITTER - Twitter Inc., US)
t.co
1    147.75.80.178 (Parsippany, United States)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-25
vars.hotjar.com
7    2a03:2880:f11c:8083:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
1    52.222.146.160 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-146-160.fra53.r.cloudfront.net
d3oxf4lkkqx2kx.cloudfront.net
6    54.169.244.171 (Singapore, Singapore)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-169-244-171.ap-southeast-1.compute.amazonaws.com
apis.ketto.org
1    2a03:2880:f01c:20e:face:b00c:0:2 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
graph.facebook.com
1    2a03:2880:f0ff:2:face:b00c:0:8c (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
cx.atdmt.com
1    104.244.42.3 (United States)

ASN13414 (TWITTER - Twitter Inc., US)
analytics.twitter.com
1    151.101.2.110 (United States)

ASN54113 (FASTLY - Fastly, US)
js-agent.newrelic.com
1    162.247.242.20 (United States)

ASN23467 (NEWRELIC-AS-1 - New Relic, US)
PTR: bam-8.nr-data.net
bam.nr-data.net
Apex Domain
Subdomains		 Transfer
29 cloudfront.net
d1vdjc70h9nzd9.cloudfront.net
d2r1yp2w7bby2u.cloudfront.net
d3oxf4lkkqx2kx.cloudfront.net
846 KB
13 doubleclick.net
ad.doubleclick.net
9237602.fls.doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
11 KB
10 facebook.com
www.facebook.com
graph.facebook.com
staticxx.facebook.com
2 KB
8 ketto.org
www.ketto.org
apis.ketto.org
71 KB
7 google.de
www.google.de
763 B
7 google.com
www.google.com
949 B
6 facebook.net
connect.facebook.net
186 KB
4 taboola.com
cdn.taboola.com
trc.taboola.com
9 KB
4 google-analytics.com
www.google-analytics.com
18 KB
3 hotjar.com
static.hotjar.com
script.hotjar.com
vars.hotjar.com
91 KB
3 visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com
61 KB
3 stripe.com
js.stripe.com
21 KB
2 wzrkt.com
wzrkt.com
967 B
2 googleadservices.com
www.googleadservices.com
18 KB
2 gstatic.com
fonts.gstatic.com
21 KB
2 googletagmanager.com
www.googletagmanager.com
62 KB
2 juspay.in
api.juspay.in
20 KB
2 googleapis.com
ajax.googleapis.com
fonts.googleapis.com
30 KB
1 nr-data.net
bam.nr-data.net
261 B
1 newrelic.com
js-agent.newrelic.com
9 KB
1 twitter.com
analytics.twitter.com
261 B
1 atdmt.com
cx.atdmt.com
408 B
1 t.co
t.co
167 B
1 googletagservices.com
www.googletagservices.com
29 KB
1 yahoo.com
sp.analytics.yahoo.com
141 B
1 yimg.com
s.yimg.com
4 KB
1 ads-twitter.com
static.ads-twitter.com
2 KB
1 razorpay.com
checkout.razorpay.com
19 KB
1 quicklivedeals.com
mail.quicklivedeals.com
272 B
109 29
Domain Requested by
27 d1vdjc70h9nzd9.cloudfront.net www.ketto.org
ajax.googleapis.com
7 www.facebook.com 2 redirects www.ketto.org
connect.facebook.net
7 www.google.de www.ketto.org
7 www.google.com 2 redirects www.ketto.org
6 apis.ketto.org www.ketto.org
6 connect.facebook.net www.ketto.org
connect.facebook.net
d1vdjc70h9nzd9.cloudfront.net
5 googleads.g.doubleclick.net www.googleadservices.com
4 9237602.fls.doubleclick.net 2 redirects www.googletagmanager.com
4 www.google-analytics.com 2 redirects www.googletagmanager.com
3 trc.taboola.com www.ketto.org
3 dev.visualwebsiteoptimizer.com www.ketto.org
dev.visualwebsiteoptimizer.com
3 js.stripe.com www.ketto.org
js.stripe.com
2 staticxx.facebook.com connect.facebook.net
2 stats.g.doubleclick.net 2 redirects
2 wzrkt.com d2r1yp2w7bby2u.cloudfront.net
2 www.googleadservices.com www.googletagmanager.com
2 fonts.gstatic.com www.ketto.org
ajax.googleapis.com
2 www.googletagmanager.com www.ketto.org
www.googletagmanager.com
2 api.juspay.in www.ketto.org
api.juspay.in
2 www.ketto.org www.ketto.org
1 bam.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com www.ketto.org
1 analytics.twitter.com static.ads-twitter.com
1 cx.atdmt.com www.ketto.org
1 graph.facebook.com www.ketto.org
1 d3oxf4lkkqx2kx.cloudfront.net www.ketto.org
1 vars.hotjar.com static.hotjar.com
1 t.co www.ketto.org
1 googleads4.g.doubleclick.net www.ketto.org
1 www.googletagservices.com ad.doubleclick.net
1 sp.analytics.yahoo.com s.yimg.com
1 script.hotjar.com static.hotjar.com
1 ad.doubleclick.net www.ketto.org
1 s.yimg.com www.ketto.org
1 cdn.taboola.com www.ketto.org
1 static.ads-twitter.com www.ketto.org
1 static.hotjar.com www.ketto.org
1 d2r1yp2w7bby2u.cloudfront.net www.ketto.org
1 checkout.razorpay.com www.ketto.org
1 fonts.googleapis.com www.ketto.org
1 ajax.googleapis.com www.ketto.org
1 mail.quicklivedeals.com 1 redirects
109 42
Subject Issuer Validity Valid
ketto.org
Amazon		 2018-11-24 -
2019-12-24		 a year crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2018-10-08 -
2019-10-09		 a year crt.sh
*.googleapis.com
Google Internet Authority G3		 2019-04-16 -
2019-07-09		 3 months crt.sh
*.razorpay.com
Amazon		 2018-09-27 -
2019-10-27		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2019-02-27 -
2019-06-04		 3 months crt.sh
api.juspay.in
Amazon		 2019-03-20 -
2020-04-20		 a year crt.sh
*.google-analytics.com
Google Internet Authority G3		 2019-04-16 -
2019-07-09		 3 months crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2		 2017-06-30 -
2020-07-06		 3 years crt.sh
*.google.com
Google Internet Authority G3		 2019-04-16 -
2019-07-09		 3 months crt.sh
www.googleadservices.com
Google Internet Authority G3		 2019-04-16 -
2019-07-09		 3 months crt.sh
static.hotjar.com
Let's Encrypt Authority X3		 2019-04-09 -
2019-07-08		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-04-22 -
2019-07-21		 3 months crt.sh
ads-twitter.com
DigiCert SHA2 High Assurance Server CA		 2018-08-16 -
2019-08-21		 a year crt.sh
f2.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-04-01 -
2019-09-07		 5 months crt.sh
*.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2019-04-22 -
2019-06-06		 a month crt.sh
*.doubleclick.net
Google Internet Authority G3		 2019-04-16 -
2019-07-09		 3 months crt.sh
wzrkt.com
DigiCert ECC Secure Server CA		 2018-11-11 -
2019-11-20		 a year crt.sh
www.google.de
Google Internet Authority G3		 2019-04-16 -
2019-07-09		 3 months crt.sh
*.g.doubleclick.net
Google Internet Authority G3		 2019-04-16 -
2019-07-09		 3 months crt.sh
script.hotjar.com
Let's Encrypt Authority X3		 2019-04-09 -
2019-07-08		 3 months crt.sh
*.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2018-11-21 -
2019-05-20		 6 months crt.sh
t.co
DigiCert SHA2 High Assurance Server CA		 2019-03-07 -
2020-03-07		 a year crt.sh
vars.hotjar.com
Let's Encrypt Authority X3		 2019-04-09 -
2019-07-08		 3 months crt.sh
www.google.com
Google Internet Authority G3		 2019-04-16 -
2019-07-09		 3 months crt.sh
apis.ketto.org
Let's Encrypt Authority X3		 2019-04-10 -
2019-07-09		 3 months crt.sh
*.atlassolutions.com
DigiCert SHA2 High Assurance Server CA		 2019-04-12 -
2019-07-11		 3 months crt.sh
*.twitter.com
DigiCert SHA2 High Assurance Server CA		 2019-01-28 -
2020-01-28		 a year crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-04-10 -
2020-03-21		 a year crt.sh
*.nr-data.net
GeoTrust RSA CA 2018		 2018-01-11 -
2020-03-17		 2 years crt.sh

This page contains 11 frames:

Primary Page: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Frame ID: E9AE0F4A6D818A823EFD7C5B9E3CC282
Requests: 100 HTTP requests in this frame

Frame: https://9237602.fls.doubleclick.net/activityi;dc_pre=CKjR1s-9mOICFVJg0wod1x0HNA;src=9237602;type=ketto0;cat=dcm_k0;ord=1;num=2865846158312;gtm=2wg521;auiddc=997320356.1557749640;u1=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveiranna%3Futm_campaign%3Dsaveiranna%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveiranna%3Futm_campaign%3Dsaveiranna%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio
Frame ID: D1608F021C6E12B853ABF99D9C67A77C
Requests: 1 HTTP requests in this frame

Frame: https://9237602.fls.doubleclick.net/activityi;dc_pre=COrT1s-9mOICFVFj0wodCrkGgA;src=9237602;type=sitew0;cat=dcm_s0;ord=6770450656479;gtm=2wg521;auiddc=997320356.1557749640;u1=%2Fstories%2Fsaveiranna;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveiranna%3Futm_campaign%3Dsaveiranna%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio
Frame ID: E1F551DE16149FF7B0A157859D8C42C2
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-90f3a29ef7448451db5af955688970d7.html
Frame ID: E3585157E163B7B09EEF7D55F7889BA5
Requests: 1 HTTP requests in this frame

Frame: https://api.juspay.in/payjs-iframe
Frame ID: F475F6F3ED1A2C5994546E31DAAC9AB6
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v2/channel.html?stripe_xdm_e=https%3A%2F%2Fwww.ketto.org&stripe_xdm_c=default419873&stripe_xdm_p=1
Frame ID: B006DE89FB1E5EEB02A148522C052B12
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: BA41D144B370B7773AA198A86DC5AB2F
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 78C0B50947F1A0B1AFDF77C0D88BCAE1
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
Frame ID: 2C04BD0E33737E8C14A05FD5E287D88A
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v2/m/outer.html
Frame ID: 6DF70C467D3105C00A02C38233045601
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
Frame ID: FCAB9F916D3B103C90DE5C3DE9112AC6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://mail.quicklivedeals.com/re?l=D0Is4d7jpI7vfunvbI0 HTTP 302
    https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=exter... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /php\/?([\d.]+)?/i
Overall confidence: 100%
Detected patterns
  • headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i
Overall confidence: 100%
Detected patterns
  • headers server /\(Amazon\)/i
Overall confidence: 100%
Detected patterns
  • env /^angular$/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • env /^Stripe$/i
Overall confidence: 100%
Detected patterns
  • env /^addthis/i
Overall confidence: 100%
Detected patterns
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • env /^google_tag_manager$/i
Overall confidence: 100%
Detected patterns
  • env /^NREUM/i
Overall confidence: 100%
Detected patterns
  • env /^swal$/i
Overall confidence: 100%
Detected patterns
  • env /^YAHOO$/i
Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Page Statistics

109
Requests

100 %
HTTPS

41 %
IPv6

29
Domains

42
Subdomains

40
IPs

9
Countries

1531 kB
Transfer

4657 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mail.quicklivedeals.com/re?l=D0Is4d7jpI7vfunvbI0 HTTP 302
    https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://9237602.fls.doubleclick.net/activityi;src=9237602;type=ketto0;cat=dcm_k0;ord=1;num=2865846158312;gtm=2wg521;auiddc=997320356.1557749640;u1=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveiranna%3Futm_campaign%3Dsaveiranna%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveiranna%3Futm_campaign%3Dsaveiranna%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio HTTP 302
  • https://9237602.fls.doubleclick.net/activityi;dc_pre=CKjR1s-9mOICFVJg0wod1x0HNA;src=9237602;type=ketto0;cat=dcm_k0;ord=1;num=2865846158312;gtm=2wg521;auiddc=997320356.1557749640;u1=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveiranna%3Futm_campaign%3Dsaveiranna%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveiranna%3Futm_campaign%3Dsaveiranna%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio
Request Chain 33
  • https://9237602.fls.doubleclick.net/activityi;src=9237602;type=sitew0;cat=dcm_s0;ord=6770450656479;gtm=2wg521;auiddc=997320356.1557749640;u1=%2Fstories%2Fsaveiranna;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveiranna%3Futm_campaign%3Dsaveiranna%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio HTTP 302
  • https://9237602.fls.doubleclick.net/activityi;dc_pre=COrT1s-9mOICFVFj0wodCrkGgA;src=9237602;type=sitew0;cat=dcm_s0;ord=6770450656479;gtm=2wg521;auiddc=997320356.1557749640;u1=%2Fstories%2Fsaveiranna;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveiranna%3Futm_campaign%3Dsaveiranna%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio
Request Chain 37
  • https://www.google-analytics.com/r/collect?v=1&_v=j73&a=291019463&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveiranna%3Futm_campaign%3Dsaveiranna%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&ul=en-us&de=UTF-8&dt=Rickshaw%20driver%20struggles%20to%20save%20his%20baby%20who%20is%20fighting%20cancer%20-%20Ketto&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAAB~&jid=54585128&gjid=448407825&cid=2114575766.1557749640&tid=UA-30181760-1&_gid=216995836.1557749640&_r=1&gtm=2wg521MJRMLZ&cd12=1557749640216.a6rv22gd&z=535304405 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-30181760-1&cid=2114575766.1557749640&jid=54585128&_gid=216995836.1557749640&gjid=448407825&_v=j73&z=535304405 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=2114575766.1557749640&jid=54585128&_v=j73&z=535304405 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=2114575766.1557749640&jid=54585128&_v=j73&z=535304405&slf_rd=1&random=128491998
Request Chain 84
  • https://www.google-analytics.com/r/collect?v=1&_v=j73&a=291019463&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveiranna%3Futm_campaign%3Dsaveiranna%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&ul=en-us&de=UTF-8&dt=Rickshaw%20driver%20struggles%20to%20save%20his%20baby%20who%20is%20fighting%20cancer%20-%20Ketto&sd=24-bit&sr=1600x1200&vp=1593x1200&je=0&ec=Campaign%20Viewed&ea=page_load&el=Rickshaw%20driver%20struggles%20to%20save%20his%20baby%20who%20is%20fighting%20cancer&_u=aEBAAAAB~&jid=251357387&gjid=455085835&cid=1965076790.1557749641&tid=UA-30181760-1&_gid=508503268.1557749641&_r=1&gtm=2wg521MJRMLZ&cd7=150&cd8=saveiranna&cd9=88879&cd10=ad&z=1926315541 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-30181760-1&cid=1965076790.1557749641&jid=251357387&_gid=508503268.1557749641&gjid=455085835&_v=j73&z=1926315541 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=1965076790.1557749641&jid=251357387&_v=j73&z=1926315541 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=1965076790.1557749641&jid=251357387&_v=j73&z=1926315541&slf_rd=1&random=2640491742
Request Chain 87
  • https://www.facebook.com/tr/?id=441308802710601&ev=ViewContent&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveiranna%3Futm_campaign%3Dsaveiranna%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&rl=&if=false&ts=1557749641202&sw=1600&sh=1200&v=2.8.47&r=stable&ec=1&o=30&fbp=fb.1.1557749640776.1510824377&it=1557749640336&coo=false&rqm=GET HTTP 302
  • https://cx.atdmt.com/?c=7895858085093183545&f=AYwAAbHgaxcqLyRirASTDGIIQGsjfL_86hIE_pY5T2f73x3bAxrTKo1Wx9qkAnMLbozC708UOdE-BMYrtx5gvPET&id=441308802710601&l=3&v=0
Request Chain 101
  • https://www.facebook.com/connect/ping?client_id=287403324698248&domain=www.ketto.org&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df30bf6096decc24%26domain%3Dwww.ketto.org%26origin%3Dhttps%253A%252F%252Fwww.ketto.org%252Ff21fa3009b9cbd%26relation%3Dparent&response_type=token%2Csigned_request&sdk=joey HTTP 302
  • https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44

109 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request saveiranna
www.ketto.org/stories/
Redirect Chain
  • http://mail.quicklivedeals.com/re?l=D0Is4d7jpI7vfunvbI0
  • https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
268 KB
64 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.157.77 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-157-77.fra53.r.cloudfront.net
Software
Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40 / PHP/5.6.40
Resource Hash
f64c3a31df743619803722968f357ba76b89c879c632601f1b41c4ba64ff011f

Request headers

:method
GET
:authority
www.ketto.org
:scheme
https
:path
/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
content-type
text/html; charset=UTF-8
date
Mon, 13 May 2019 12:13:59 GMT
server
Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40
cache-control
max-age=0, no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-encoding
gzip
pageurl-1
1
pragma
no-cache
vary
Accept-Encoding
x-mod-pagespeed
1.13.35.2-0
x-powered-by
PHP/5.6.40
set-cookie
KETTOSESSID=m1ehsi9r01minv5e7ujf01ngs1; path=/; domain=.ketto.org k_utm=eyJ1dG1fc291cmNlIjoiZXh0ZXJuYWxfa2Vuc2NpbyIsInV0bV9tZWRpdW0iOiJlbWFpbCIsInV0bV9jYW1wYWlnbiI6InNhdmVpcmFubmEifQ%3D%3D; expires=Sat, 09-Nov-2019 12:13:59 GMT; Max-Age=15552000; path=/ ip_location=eyJjb3VudHJ5X2NvZGUiOiJERSIsImNvdW50cnlfbmFtZSI6Ikdlcm1hbnkiLCJyZWdpb25fbmFtZSI6IkJlcmxpbiIsInppcF9jb2RlIjoiMTAxNzgiLCJjaXR5X25hbWUiOiJCZXJsaW4ifQ%3D%3D; expires=Mon, 20-May-2019 12:13:59 GMT; Max-Age=604800; path=/; domain=.ketto.org _ku=18875be8c8a6b63efdf39b9de67dce9a; expires=Wed, 19-Apr-2119 12:13:59 GMT; Max-Age=3153600000; path=/; domain=.ketto.org _ks=eyJzaWQiOiI4OTk4OTdlYTM5YWU2MjgzMTYxNTZkNDQzYThhMGI1YSIsInN0IjoxNTU3NzUxNDM5fQ%3D%3D; path=/; domain=.ketto.org ip_location=eyJjb3VudHJ5X2NvZGUiOiJERSIsImNvdW50cnlfbmFtZSI6Ikdlcm1hbnkiLCJyZWdpb25fbmFtZSI6IkJlcmxpbiIsInppcF9jb2RlIjoiMTAxNzgiLCJjaXR5X25hbWUiOiJCZXJsaW4ifQ%3D%3D; expires=Mon, 20-May-2019 12:13:59 GMT; Max-Age=604800; path=/; domain=.ketto.org
x-cache
Miss from cloudfront
via
1.1 bae3e24625567f5728a5caa96d6b7669.cloudfront.net (CloudFront)
x-amz-cf-id
nFZ54NQr75Yxo6m7oa-llT4Uy_mqrOQD4h3RFKhh80Bg-kj_YzyqYg==

Redirect headers

Date
Mon, 13 May 2019 12:13:58 GMT
Server
WebServer
Location
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Content-Length
0
Keep-Alive
timeout=2, max=1
Connection
Keep-Alive
custom.53bd68.css
d1vdjc70h9nzd9.cloudfront.net/less/ 		645 KB
99 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/less/custom.53bd68.css
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:9c00:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aff5de7eb89ef6037aaac8f203a4051be7ef6ca590f5114b777d489106e0d940

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 12 May 2019 13:02:28 GMT
content-encoding
gzip
last-modified
Wed, 08 May 2019 12:01:05 GMT
server
AmazonS3
age
86523
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
status
200
x-amz-cf-id
AddNQWVhRasUs3RJyqtQhSnwawCaDI5Pmy2vQTOxiBjN0tqWUx18Qw==
via
1.1 c55f09a9188f77960d35c97bad15e1b2.cloudfront.net (CloudFront)
stories.designD.bundle.a33590.css
d1vdjc70h9nzd9.cloudfront.net/less/story/ 		234 KB
32 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/less/story/stories.designD.bundle.a33590.css
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:9c00:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
87e9f7fe6ad4e58a72b5e1b082c16ce860cfb7158028a1cdda589600362cda44

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 07:56:54 GMT
content-encoding
gzip
last-modified
Sat, 04 May 2019 11:11:27 GMT
server
AmazonS3
age
15543
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
status
200
x-amz-cf-id
JgSJttRuINIzmN3MoZqSZj8HyPT8OCFxyl-aH--MPf7djpeFGzNOqQ==
via
1.1 c55f09a9188f77960d35c97bad15e1b2.cloudfront.net (CloudFront)
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 26 Mar 2019 14:47:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4137982
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
30028
x-xss-protection
1; mode=block
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Mar 2020 14:47:38 GMT
angular.min.js
d1vdjc70h9nzd9.cloudfront.net/js/angularjs/1.4.9/ 		146 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/js/angularjs/1.4.9/angular.min.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:9c00:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
480b0dcf87f3762059569007f32ef80a5e21f1115718c5bfc7644f3e701722dd

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 03:11:31 GMT
content-encoding
gzip
last-modified
Sat, 12 May 2018 15:51:07 GMT
server
AmazonS3
age
4438950
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=31536000
x-amz-cf-id
RW1hbYFK_NSK04hrQBIKZwaT6Q9Qv9JddnV2oMt-2q3eJjQfdpn8Lw==
via
1.1 c55f09a9188f77960d35c97bad15e1b2.cloudfront.net (CloudFront)
68e194864a1d3ba7b9f17ac0a9f10a926f4c6798.jpg
d1vdjc70h9nzd9.cloudfront.net/media/campaign/88000/88879/image/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/media/campaign/88000/88879/image/68e194864a1d3ba7b9f17ac0a9f10a926f4c6798.jpg
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:9c00:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0841b39dcfbe3850b07ac0ab70b91944f37fe98d027690369aa5ff84cc03f3f5

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 05 May 2019 13:31:11 GMT
via
1.1 c55f09a9188f77960d35c97bad15e1b2.cloudfront.net (CloudFront)
last-modified
Fri, 12 Apr 2019 11:09:55 GMT
server
AmazonS3
age
686569
etag
"354f7c8836b5292aa1625e89731e1142"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
63491
x-amz-cf-id
AQsb7PaqDc4mADMPFl2kLOsvUVplkmTVlFQ2842WoIV0JtthlVDpOw==
ketto_assured_icon.png
d1vdjc70h9nzd9.cloudfront.net/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/images/ketto_assured_icon.png
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:9c00:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0ac7b96f0bc593ff1f37f86ca552bdc9bb8c4518bf780a821b1986681a95ff7d

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 13 Jan 2019 03:39:32 GMT
via
1.1 c55f09a9188f77960d35c97bad15e1b2.cloudfront.net (CloudFront)
last-modified
Mon, 07 May 2018 14:11:56 GMT
server
AmazonS3
age
10398868
etag
"200ceec5ec95c93879aad89ad37c2b2c"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
8241
x-amz-cf-id
WC7cPb3G-wa0vwRn45_l16BW5A75KEQya9dsYehjI1wygxihWHIf_A==
check-circle.png
d1vdjc70h9nzd9.cloudfront.net/images/ 		525 B
857 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/images/check-circle.png
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:9c00:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dfcfcf508411f75131ee051b3e8bd38b7869dcfc7c2a19e5a2cff1c9982baddf

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 05 May 2019 06:31:04 GMT
via
1.1 c55f09a9188f77960d35c97bad15e1b2.cloudfront.net (CloudFront)
last-modified
Mon, 07 May 2018 14:09:56 GMT
server
AmazonS3
age
711777
etag
"da1437e83409e90ba99351cd977c1972"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
525
x-amz-cf-id
BKiIa6vKnwa5JgqXSKIqYtlxdLfuXNlrkvSgowdStTJ-6vdqrLXghA==
5ca6f0b12a025.jpeg
d1vdjc70h9nzd9.cloudfront.net/media/campaign/88000/88879/image/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/media/campaign/88000/88879/image/5ca6f0b12a025.jpeg
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:9c00:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
398135c0135d369136efce4e6cd800ff260720e75e3631abc8cd6f8022d584af

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 05 May 2019 13:31:38 GMT
via
1.1 c55f09a9188f77960d35c97bad15e1b2.cloudfront.net (CloudFront)
last-modified
Fri, 05 Apr 2019 06:07:46 GMT
server
AmazonS3
age
686543
etag
"c31bf46562d923ef1896b9c6736da71c"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=315360000 public
accept-ranges
bytes
content-length
5265
x-amz-cf-id
Bwuxj_8haoYJa7s02SPY-xZJ9jsSBOulj0UGFnJcDcnqgeUYNOcbiA==
success.svg
d1vdjc70h9nzd9.cloudfront.net/images/stories/ 		947 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/images/stories/success.svg
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:9c00:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
94eeb8ca0c372a7079499fa59b4fe106671032cab04d86fa4df1241c47a35156

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 12 Jan 2019 23:04:29 GMT
via
1.1 c55f09a9188f77960d35c97bad15e1b2.cloudfront.net (CloudFront)
last-modified
Mon, 07 May 2018 14:12:15 GMT
server
AmazonS3
age
10415372
etag
"b3ac3ad9144c660c6f162cfc15d848f4"
x-cache
Hit from cloudfront
content-type
image/svg+xml
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
947
x-amz-cf-id
bmzWtvdjxfeUi0AcgUOROXiNUQ5sPY_oauDui_ionpUlwgjWSrd9Dg==
check-circle2.png
d1vdjc70h9nzd9.cloudfront.net/images/ 		271 B
579 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/images/check-circle2.png
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:9c00:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
796cf812111acb618a626ff1c5f33d6104a9dd09cf3e78576b0bb2a8940bbdfe

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 12 May 2019 21:34:42 GMT
via
1.1 c55f09a9188f77960d35c97bad15e1b2.cloudfront.net (CloudFront)
last-modified
Fri, 18 Jan 2019 07:42:34 GMT
server
AmazonS3
age
76325
etag
"48dd2ff3300166f57ecdbe39efd4bb27"
x-cache
Hit from cloudfront
content-type
image/png
status
200
accept-ranges
bytes
content-length
271
x-amz-cf-id
F5UpCfPUEEjXQkXWe-Zd2e8hqKMhiTEiKVVInXprlWx7AJyjxwAnzg==
css
fonts.googleapis.com/ 		13 KB
1000 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Slab:400,300,700,500|Noto+Sans:400,700
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
1f8fe1ba129beba4f7b48d5f54acb721c82347cd76c0c8c43d168523569f159f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 13 May 2019 12:14:00 GMT
server
ESF
access-control-allow-origin
*
date
Mon, 13 May 2019 12:14:00 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Mon, 13 May 2019 12:14:00 GMT
razorpay.js
checkout.razorpay.com/v1/ 		56 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://checkout.razorpay.com/v1/razorpay.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.127.150.54 Mumbai, India, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-13-127-150-54.ap-south-1.compute.amazonaws.com
Software
/
Resource Hash
69d1e798d04bbe7a59c5c79b57fe1e5030c92a1876ca86ecee1e0db3525b4c43
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubdomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 13 May 2019 12:14:00 GMT
Content-Encoding
br
Last-Modified
Mon, 13 May 2019 11:28:29 GMT
Etag
"5cd954dd-4ab0"
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Strict-Transport-Security
max-age=315360000; includeSubdomains
Access-Control-Allow-Headers
origin
Content-Length
19120
X-Xss-Protection
1; mode=block
/
js.stripe.com/v2/ 		63 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v2/
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
81b0036608574dee94fb2bf0eb8b23e9175d41fbb1c09132aa9e1e7f3250039a
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 12:14:00 GMT
content-encoding
gzip
content-type
application/javascript; charset=utf-8
age
137
x-cache
HIT
status
200
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-length
20941
x-amz-id-2
x+3sIyJiFQW3LjOp+l5iLvRYBqbJPq9rz7jJcukv72Od7//bTAe3CVeLPGCiZ90zCc0SRPR7XS8=
x-served-by
cache-hhn1542-HHN
last-modified
Thu, 20 Sep 2018 21:42:17 GMT
server
AmazonS3
x-timer
S1557749640.143786,VS0,VE0
etag
"c9a4d90231588d78319ccb195a41e3eb"
vary
Accept-Encoding
x-amz-request-id
F5B26FB1632B74FE
via
1.1 varnish
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
165
pay-v2.js
api.juspay.in/ 		20 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.juspay.in/pay-v2.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.126.123.139 Mumbai, India, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-13-126-123-139.ap-south-1.compute.amazonaws.com
Software
*** /
Resource Hash
8ac3d36c6322eefcaea87ebbe52f803e51dfd23937edf4122b4887c51ebb3c4a

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 May 2019 12:14:00 GMT
last-modified
Sun, 12 May 2019 18:12:44 GMT
server
***
etag
W/"20346-1557684764000"
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
Connection
keep-alive
accept-ranges
bytes
Content-Length
20346
expires
Sat, 01 Jan 2000 00:00:00 GMT
stories.bundle.min.997252.js
d1vdjc70h9nzd9.cloudfront.net/stories/build/ 		101 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/stories/build/stories.bundle.min.997252.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:9c00:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f35596304fc51b9d33c525eef4d22461d2937157c893dcdb2345df9ccd2c4d95

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 12 May 2019 19:13:08 GMT
content-encoding
gzip
last-modified
Sat, 04 May 2019 12:49:03 GMT
server
AmazonS3
age
93600
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-id
r4bkrVVCfo_Ybb83yTePe546Y2bqZGl1zbUtQGOKsl2iOxAZTfl-Bw==
via
1.1 c55f09a9188f77960d35c97bad15e1b2.cloudfront.net (CloudFront)
storiesDefer.bundle.min.5cf221.js
d1vdjc70h9nzd9.cloudfront.net/stories/build/ 		747 KB
195 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/stories/build/storiesDefer.bundle.min.5cf221.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:9c00:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
17b61fd48fcbd54aac4d9e9d7c3dd01644a1fc824e36b809e4e5c934604efbb6

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 12 May 2019 16:56:27 GMT
content-encoding
gzip
last-modified
Tue, 30 Apr 2019 10:23:22 GMT
server
AmazonS3
age
109076
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-id
2v44rXPcdHB-fm5INxqfRZpn9iAjsaNsChybdpliZ-i0J0Bn6vCV6Q==
via
1.1 c55f09a9188f77960d35c97bad15e1b2.cloudfront.net (CloudFront)
gtm.js
www.googletagmanager.com/ 		178 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
94b318e07378838a6b45d0f89aeb4f5a79daf8a78c3db7b1ecf53e072c724946
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 12:14:00 GMT
content-encoding
br
last-modified
Thu, 09 May 2019 20:50:36 GMT
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
38174
x-xss-protection
0
expires
Mon, 13 May 2019 12:14:00 GMT
a.js
d2r1yp2w7bby2u.cloudfront.net/js/ 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2r1yp2w7bby2u.cloudfront.net/js/a.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.157.64 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-157-64.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f01e18f943895384d10b2ca16c03fd6b4e5d67eaa5403116053b9be6a222b11a

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 13 May 2019 12:07:12 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Apr 2019 13:35:30 GMT
Server
AmazonS3
Age
765
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 021f80d2384d9f4998f4098fa306be09.cloudfront.net (CloudFront)
Cache-Control
max-age=1800, private
Transfer-Encoding
chunked
Connection
keep-alive
X-Amz-Cf-Id
QhxO8V7YFYYteEkCs3D9HsLGCRmmjZUZJBUtO-mwCItSB86HshT59Q==
j.php
dev.visualwebsiteoptimizer.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=326437&u=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveiranna%3Futm_campaign%3Dsaveiranna%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&r=0.6499541989915172
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.122.87.148 Frankfurt am Main, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
94.57.7a9f.ip4.static.sl-reverse.com
Software
fra1dacdn /
Resource Hash
74d5ff258f3a720ca399e4697684a71e3ff52474082c30b995157b1c1c683000

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Mon, 13 May 2019 12:13:59 GMT
content-encoding
gzip
server
fra1dacdn
content-type
application/javascript; charset=UTF-8
ketto-preloader.gif
d1vdjc70h9nzd9.cloudfront.net/images/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/images/ketto-preloader.gif
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:9c00:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a52d3ba4d9a879ab1faf1f4d853fa1d41ccb94faf4ca0a09f5c7b06573173ec9

Request headers

Referer
https://d1vdjc70h9nzd9.cloudfront.net/less/custom.53bd68.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 24 Mar 2019 05:25:10 GMT
via
1.1 c55f09a9188f77960d35c97bad15e1b2.cloudfront.net (CloudFront)
last-modified
Mon, 07 May 2018 14:11:56 GMT
server
AmazonS3
age
4344531
etag
"b450384414976a19d30e015730e860b6"
x-cache
Hit from cloudfront
content-type
image/gif
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
33461
x-amz-cf-id
pKWIR2Etz9tLWpIlWIQMJjM71JQqAs7_ZWGHZc1Lp1kGeLW_Pm8ugA==
o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
fonts.gstatic.com/s/notosans/v8/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v8/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e56f53b3b976e9c05d86645a1e85cfc69e961601d201e957768455580fa30478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto+Slab:400,300,700,500|Noto+Sans:400,700
Origin
https://www.ketto.org

Response headers

date
Sat, 09 Mar 2019 01:24:23 GMT
x-content-type-options
nosniff
last-modified
Tue, 19 Feb 2019 22:29:01 GMT
server
sffe
age
5654977
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
10292
x-xss-protection
1; mode=block
expires
Sun, 08 Mar 2020 01:24:23 GMT
fontawesome-webfont.woff2
d1vdjc70h9nzd9.cloudfront.net/less/font-awesome/fonts/ 		70 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/less/font-awesome/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:3c00:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://d1vdjc70h9nzd9.cloudfront.net/less/custom.53bd68.css
Origin
https://www.ketto.org

Response headers

date
Thu, 07 Mar 2019 05:09:23 GMT
via
1.1 9de9a776d0da209cb66ec4bd03877799.cloudfront.net (CloudFront)
age
5814278
x-cache
Hit from cloudfront
status
200
access-control-max-age
3000
content-length
71896
last-modified
Mon, 07 May 2018 14:12:37 GMT
server
AmazonS3
etag
"e6cf7c6ec7c2d6f670ae9d762604cb0b"
vary
Origin
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
qYdPvE7SHSZtZ1DmPqaRH7o6b7XSx8FonaO-W52NlIQ4y6T0Zs7Byw==
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ed098df82da8320c1786f312585ebc4b1b4817ed5ebeecd03e25afd37b97cc23

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/gif
conversion_async.js
www.googleadservices.com/pagead/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s24-in-f2.1e100.net
Software
cafe /
Resource Hash
2c2b83b5a9f188b6f91fdb4db32a68cae12d7c15d62263ebd3e345429dab2ec5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 12:14:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
8874
x-xss-protection
0
server
cafe
etag
3302323910089655626
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 13 May 2019 12:14:00 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 16 Jan 2019 20:01:45 GMT
server
Golfe2
age
2489
date
Mon, 13 May 2019 11:32:31 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17543
expires
Mon, 13 May 2019 13:32:31 GMT
hotjar-200024.js
static.hotjar.com/c/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-200024.js?sv=5
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.205.43 Chicago, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-31
Software
openresty /
Resource Hash
65dfb42ed406efb3d8f716913d3b55bc23f267635589429bb670e543dfac0383
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 12:14:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript
section-io-tag
hotjar
age
129
status
200
access-control-max-age
600
section-io-cache
Hit
content-length
3152
x-cache-hit
1
server
openresty
x-frame-options
SAMEORIGIN
etag
W/a594589ef33aa6ce4e5dcd209d4200e0
vary
Accept-Encoding
section-io-origin-status
304
access-control-allow-origin
*
cache-control
max-age=60
section-io-origin-time-seconds
0.069
accept-ranges
bytes
section-io-id
edb67a42a6cc7b25cdfac3a03dc041c8
fbevents.js
connect.facebook.net/en_US/ 		53 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
fa59b1ed1b011e084474ad818b5f6986d84fc678e2f37fee9330eb52d86860b3
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
15397
x-xss-protection
0
pragma
public
x-fb-debug
bTGT1UVdeYnqbxC1xP8a2cqXZ+GMxhZq3C/xYcsPEoO+p+x2MLtQ2sd/nQVO+gZZL02ig2NiFkiO9BRi4/RFNA==
date
Mon, 13 May 2019 12:14:00 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
uwt.js
static.ads-twitter.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.157 Paris, France, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 12:14:00 GMT
content-encoding
gzip
age
72374
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200
content-length
1954
x-served-by
cache-cdg20748-CDG
last-modified
Tue, 23 Jan 2018 19:05:33 GMT
x-timer
S1557749640.236744,VS0,VE0
etag
"b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary
Accept-Encoding,Host
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
no-cache
accept-ranges
bytes
tfa.js
cdn.taboola.com/libtrc/unip/1034141/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1034141/tfa.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.2 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f439d06b31431c40366690512548b080d57acdd300dd5ed56d8d7e89ad655595

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id
MGU9_68nn.YALyTdtmO.0cKOGreqgeWu
content-encoding
gzip
age
17063
x-cache
HIT
status
200
date
Mon, 13 May 2019 12:14:00 GMT
x-amz-replication-status
COMPLETED
content-length
7735
x-amz-id-2
28DIid7WF4ZyOKXviQOOznHB4o4Yd1cF4YRg2g4BiSIT9ZNzBWtSjhO/x2tGfP+k49kwMMdoA/Y=
x-served-by
cache-hhn1531-HHN
last-modified
Mon, 13 May 2019 07:05:18 GMT
server
AmazonS3
x-timer
S1557749640.265668,VS0,VE1
etag
"1ebc722c3da75a7a11e787ea7ea89336"
vary
Accept-Encoding
x-amz-request-id
336342585BAA001B
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
4
x-cache-hits
1
ytc.js
s.yimg.com/wi/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a00:1288:7c:800::4000 , United Kingdom, ASN43428 (YAHOO-ULS, GB),
Reverse DNS
Software
ATS /
Resource Hash
bd999047408eaf20ae15ab916d344330d118fa72b0703fa1784deb648d36bb7a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 12:14:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
status
200
vary
Accept-Encoding
content-length
4111
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 18 Oct 2018 11:04:43 GMT
server
ATS
x-frame-options
DENY
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
content-type
application/javascript
public-key-pins-report-only
max-age=2592000; pin-sha256="2fRAUXyxl4A1/XHrKNBmc8bTkzA7y4FB/GLJuNAzCqY="; pin-sha256="I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o="; pin-sha256="Wd8xe/qfTwq3ylFNd3IpaqLHZbh2ZNCLluVzmeNkcpw="; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="i7WTqTvh0OioIruIfFR4kMPnBqrS2rdiVPl/s2uC/CY="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="uUwZgwDOxcBXrQcntwu+kYFpkiVkOaezL0WYEZ3anJc="; pin-sha256="dolnbtzEBnELx/9lOEQ22e6OZO/QNb6VSSX2XHA3E7A="; includeSubdomains; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-hpkp-report-only"
accept-ranges
bytes
js
www.googletagmanager.com/gtag/ 		63 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-782023289
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
ceb62cb1b6be4ec41e2517433dc347b8b5b2b9e7845ff595bcfe007381cb6712
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 12:14:00 GMT
content-encoding
br
last-modified
Thu, 09 May 2019 20:50:36 GMT
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
24993
x-xss-protection
0
expires
Mon, 13 May 2019 12:14:00 GMT
B22411221.241945247;sz=1x2;ord=402249658971
ad.doubleclick.net/ddm/adj/N1067617.197812NSO.CODESRV/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1067617.197812NSO.CODESRV/B22411221.241945247;sz=1x2;ord=402249658971?
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.166 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s29-in-f6.1e100.net
Software
cafe /
Resource Hash
6779121983d8763f26796aa00be7c49d1adfd63e71fc20b97a23a67b28b6c278
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 May 2019 12:14:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
2970
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activityi;dc_pre=CKjR1s-9mOICFVJg0wod1x0HNA;src=9237602;type=ketto0;cat=dcm_k0;ord=1;num=2865846158312;gtm=2wg521;auiddc=997320356.1557749640;u1=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveiranna%3...
9237602.fls.doubleclick.net/ Frame D160
Redirect Chain
  • https://9237602.fls.doubleclick.net/activityi;src=9237602;type=ketto0;cat=dcm_k0;ord=1;num=2865846158312;gtm=2wg521;auiddc=997320356.1557749640;u1=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveiranna...
  • https://9237602.fls.doubleclick.net/activityi;dc_pre=CKjR1s-9mOICFVJg0wod1x0HNA;src=9237602;type=ketto0;cat=dcm_k0;ord=1;num=2865846158312;gtm=2wg521;auiddc=997320356.1557749640;u1=https%3A%2F%2Fww...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://9237602.fls.doubleclick.net/activityi;dc_pre=CKjR1s-9mOICFVJg0wod1x0HNA;src=9237602;type=ketto0;cat=dcm_k0;ord=1;num=2865846158312;gtm=2wg521;auiddc=997320356.1557749640;u1=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveiranna%3Futm_campaign%3Dsaveiranna%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveiranna%3Futm_campaign%3Dsaveiranna%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.166 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s29-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
9237602.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CKjR1s-9mOICFVJg0wod1x0HNA;src=9237602;type=ketto0;cat=dcm_k0;ord=1;num=2865846158312;gtm=2wg521;auiddc=997320356.1557749640;u1=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveiranna%3Futm_campaign%3Dsaveiranna%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveiranna%3Futm_campaign%3Dsaveiranna%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Mon, 13 May 2019 12:14:00 GMT
expires
Mon, 13 May 2019 12:14:00 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
400
x-xss-protection
0
set-cookie
IDE=AHWqTUna1mdPFAyDL6Q7ILRwoziNH7yGL4X7IKEwCY8OxCpCD8ATrbNo28E5sp0A; expires=Sat, 06-Jun-2020 12:14:00 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Mon, 13 May 2019 12:14:00 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://9237602.fls.doubleclick.net/activityi;dc_pre=CKjR1s-9mOICFVJg0wod1x0HNA;src=9237602;type=ketto0;cat=dcm_k0;ord=1;num=2865846158312;gtm=2wg521;auiddc=997320356.1557749640;u1=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveiranna%3Futm_campaign%3Dsaveiranna%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveiranna%3Futm_campaign%3Dsaveiranna%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 13-May-2019 12:29:00 GMT; path=/; domain=.doubleclick.net
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
activityi;dc_pre=COrT1s-9mOICFVFj0wodCrkGgA;src=9237602;type=sitew0;cat=dcm_s0;ord=6770450656479;gtm=2wg521;auiddc=997320356.1557749640;u1=%2Fstories%2Fsaveiranna;~oref=https%3A%2F%2Fwww.ketto.org%...
9237602.fls.doubleclick.net/ Frame E1F5
Redirect Chain
  • https://9237602.fls.doubleclick.net/activityi;src=9237602;type=sitew0;cat=dcm_s0;ord=6770450656479;gtm=2wg521;auiddc=997320356.1557749640;u1=%2Fstories%2Fsaveiranna;~oref=https%3A%2F%2Fwww.ketto.or...
  • https://9237602.fls.doubleclick.net/activityi;dc_pre=COrT1s-9mOICFVFj0wodCrkGgA;src=9237602;type=sitew0;cat=dcm_s0;ord=6770450656479;gtm=2wg521;auiddc=997320356.1557749640;u1=%2Fstories%2Fsaveirann...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://9237602.fls.doubleclick.net/activityi;dc_pre=COrT1s-9mOICFVFj0wodCrkGgA;src=9237602;type=sitew0;cat=dcm_s0;ord=6770450656479;gtm=2wg521;auiddc=997320356.1557749640;u1=%2Fstories%2Fsaveiranna;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveiranna%3Futm_campaign%3Dsaveiranna%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.166 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s29-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
9237602.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=COrT1s-9mOICFVFj0wodCrkGgA;src=9237602;type=sitew0;cat=dcm_s0;ord=6770450656479;gtm=2wg521;auiddc=997320356.1557749640;u1=%2Fstories%2Fsaveiranna;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveiranna%3Futm_campaign%3Dsaveiranna%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Mon, 13 May 2019 12:14:00 GMT
expires
Mon, 13 May 2019 12:14:00 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
395
x-xss-protection
0
set-cookie
IDE=AHWqTUn0evAABSh-1dLpoROE5W7MDYeGOwD7YjBS_0An5tQPwyflLJJPO0OBSkNO; expires=Sat, 06-Jun-2020 12:14:00 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Mon, 13 May 2019 12:14:00 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://9237602.fls.doubleclick.net/activityi;dc_pre=COrT1s-9mOICFVFj0wodCrkGgA;src=9237602;type=sitew0;cat=dcm_s0;ord=6770450656479;gtm=2wg521;auiddc=997320356.1557749640;u1=%2Fstories%2Fsaveiranna;~oref=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveiranna%3Futm_campaign%3Dsaveiranna%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 13-May-2019 12:29:00 GMT; path=/; domain=.doubleclick.net
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
a
wzrkt.com/ 		268 B
497 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wzrkt.com/a?t=89&type=page&d=N4IgrgziBcIKYA8AucBOA7AhgGwPoGs50IBjASwHsQAacAWxnjszOxvBMYkwDc4zUmdFnZkAJowAsAJQBsAWkkB2ABzzp0yQC12ABwDmMAIy0SBxgAskSXRGgB6ewHcXAOkLWKriqn32ISD5kcBD%2BvPyCwpgA%2FGBIdLgkmHS6LProALzcfAJCWABkcQl0cGJkYHQZcMyshfG4EBRgqCRwVchoWHiExORUAL5AA%3D%3D&rn=1&i=1557749640&sn=0&r=1557749640280
Requested by
Host: d2r1yp2w7bby2u.cloudfront.net
URL: https://d2r1yp2w7bby2u.cloudfront.net/js/a.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.253.42.0 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-253-42-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
4daabeb98f624fd019dbbc3e2d0b756581e8becde8733bf46ad69b0cafc5edc9

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 May 2019 12:14:00 GMT
content-encoding
gzip
vary
Accept-Encoding, User-Agent
content-type
text/javascript;charset=utf-8
status
200
cache-control
no-cache, no-store
expires
Thu, 01 Jan 1970 00:00:00 GMT, 0
va-c39a6ce29f98acd4e24145bd6d59b977.js
dev.visualwebsiteoptimizer.com/6.0/ 		179 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/6.0/va-c39a6ce29f98acd4e24145bd6d59b977.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=326437&u=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveiranna%3Futm_campaign%3Dsaveiranna%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&r=0.6499541989915172
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.122.87.153 Frankfurt am Main, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
99.57.7a9f.ip4.static.sl-reverse.com
Software
dacdn2 /
Resource Hash
30fe985e0da37b188a9cffc5f8734f5ca3a8b591e9e4e42b5ce8955b66bc5b5b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Origin
https://www.ketto.org

Response headers

date
Mon, 13 May 2019 12:14:00 GMT
content-encoding
gzip
last-modified
Fri, 10 May 2019 10:59:28 GMT
server
dacdn2
access-control-allow-origin
*
etag
"5cd55990-ebcc"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
60364
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?a=326437&d=ketto.org&u=D996CA9DA6AA23EBF01A7E16C9BEA04EC&h=43dda1e77fe5bb01527e2b295a05e18f&t=false&r=0.5138999563829112
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.122.87.148 Frankfurt am Main, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
94.57.7a9f.ip4.static.sl-reverse.com
Software
fra1dacdn /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 May 2019 12:13:59 GMT
x-content-type-options
nosniff
server
fra1dacdn
content-type
image/gif
status
200
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j73&a=291019463&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveiranna%3Futm_campaign%3Dsaveiranna%26utm_medium%3Demail%26utm_source...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-30181760-1&cid=2114575766.1557749640&jid=54585128&_gid=216995836.1557749640&gjid=448407825&_v=j73&z=535304405
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=2114575766.1557749640&jid=54585128&_v=j73&z=535304405
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=2114575766.1557749640&jid=54585128&_v=j73&z=535304405&slf_rd=1&random=128491998
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=2114575766.1557749640&jid=54585128&_v=j73&z=535304405&slf_rd=1&random=128491998
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 May 2019 12:14:00 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 13 May 2019 12:14:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=2114575766.1557749640&jid=54585128&_v=j73&z=535304405&slf_rd=1&random=128491998
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
513405139012772
connect.facebook.net/signals/config/ 		207 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/513405139012772?v=2.8.47&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
003d1f1228e92aad150733ac007c300c0759f8fe1e3600439420890a3ff5a99a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
x-xss-protection
0
pragma
public
x-fb-debug
2juxTooptFeRD6ywIeeE03uEh7sWippiVQHjmBGwdI2TjoWNKgbcG1v2vbECIWRHRQCoe8nbeyFm17EiZFUqtA==
date
Mon, 13 May 2019 12:14:00 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/837073759/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/837073759/?random=1557749640341&cv=9&fst=1557749640341&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg521&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveiranna%3Futm_campaign%3Dsaveiranna%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&tiba=Rickshaw%20driver%20struggles%20to%20save%20his%20baby%20who%20is%20fighting%20cancer%20-%20Ketto&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
a3dbd29f8bb58315740f7eaee52a542bd0228e3a044baaf645d0345bca7cca18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 May 2019 12:14:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
1040
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/930975017/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/930975017/?random=1557749640345&cv=9&fst=1557749640345&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg521&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveiranna%3Futm_campaign%3Dsaveiranna%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&tiba=Rickshaw%20driver%20struggles%20to%20save%20his%20baby%20who%20is%20fighting%20cancer%20-%20Ketto&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ddb22a8911a19501d0e93a2c6a4bad7d0d57dfbedf441a52618a54d028d54067
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 May 2019 12:14:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
1040
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/963384337/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/963384337/?random=1557749640346&cv=9&fst=1557749640346&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg521&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveiranna%3Futm_campaign%3Dsaveiranna%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&tiba=Rickshaw%20driver%20struggles%20to%20save%20his%20baby%20who%20is%20fighting%20cancer%20-%20Ketto&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
408814d4fec56e11629eeb3dd69ea829299f48b91ae656d981570ac10ac34a97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 May 2019 12:14:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
1040
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.0a18438406c9bfb0d6d1.js
script.hotjar.com/ 		421 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.0a18438406c9bfb0d6d1.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-200024.js?sv=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.32.173 Amsterdam, Netherlands, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-27
Software
/
Resource Hash
d072e6d8b72e31cac4bb974e182efebc3cc0e12558a1af161f3c79270b2e28b8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 12:14:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 10 May 2019 12:09:26 GMT
access-control-allow-origin
*
etag
W/"9fce34f2e0a6ac2f97b10ff9e0de8175"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000
section-io-origin-time-seconds
0.026
section-io-origin-status
200
accept-ranges
bytes
section-io-id
9c079650bf3b3f1d9dde68a3d4b3fe05
content-length
89203
sp.pl
sp.analytics.yahoo.com/ 		0
141 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&jsonp=YAHOO.ywa.I13N.handleJSONResponse&d=Mon%2C%2013%20May%202019%2012%3A14%3A00%20GMT&n=0&b=Rickshaw%20driver%20struggles%20to%20save%20his%20baby%20who%20is%20fighting%20cancer%20-%20Ketto&.yp=10063059&f=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveiranna%3Futm_campaign%3Dsaveiranna%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&enc=UTF-8
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.125.66.33 , Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 12:14:00 GMT
via
http/1.1 spdc0023.pbp.ir2.yahoo.com (ApacheTrafficServer)
x-content-type-options
nosniff
age
0
status
200
strict-transport-security
max-age=31536000
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
application/x-javascript
cache-control
no-cache, private, must-revalidate
accept-ranges
bytes
expires
Mon, 13 May 2019 12:14:00 GMT
unip
trc.taboola.com/1034141/log/3/ 		0
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1034141/log/3/unip?en=page_view&tim=1557749640358&ref=N%2FA
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.2 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Origin
https://www.ketto.org

Response headers

date
Mon, 13 May 2019 12:14:00 GMT
via
1.1 varnish
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
204
x-cache-hits
0
x-served-by
cache-hhn1531-HHN
pragma
no-cache
server
nginx
x-timer
S1557749640.365608,VS0,VE9
content-type
image/gif
access-control-allow-origin
https://www.ketto.org
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
lidar.js
www.googletagservices.com/activeview/js/current/ 		79 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/lidar.js?cache=r20110914
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1067617.197812NSO.CODESRV/B22411221.241945247;sz=1x2;ord=402249658971?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e5dfd797a43f7ea8bebdc863b2cc4f219bd2d1286eede1fa21bf690209060f51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 12:14:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1557327549562739"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
29488
x-xss-protection
0
expires
Mon, 13 May 2019 12:14:00 GMT
view
googleads4.g.doubleclick.net/pcs/ 		0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstnduFBthSCsJpxJ1FBZjYe0Fd656MVieDZRVlmo2ad6gfbVhRfx1i7Rxa-8Qch8b6S853O3oigZJkVzk-2GE1QnXRODCaLU5K-0g6x2klQvolakY4&sig=Cg0ArKJSzKbOd3vamH9kEAE&urlfix=1&adurl=
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 12:14:00 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
adsct
t.co/i/ 		43 B
167 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nys4q&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_f /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 12:14:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
strict-transport-security
max-age=0
content-length
65
x-xss-protection
1; mode=block; report=https://twitter.com/i/xss_report
x-response-time
117
pragma
no-cache
last-modified
Mon, 13 May 2019 12:14:00 GMT
server
tsa_f
x-frame-options
SAMEORIGIN
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
13ac3f8862be5c6c05595f397bff91bb
x-transaction
00a94e2f004bdbb7
expires
Tue, 31 Mar 1981 05:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/782023289/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/782023289/?random=1557749640400&cv=9&fst=1557749640400&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa521&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveiranna%3Futm_campaign%3Dsaveiranna%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&tiba=Rickshaw%20driver%20struggles%20to%20save%20his%20baby%20who%20is%20fighting%20cancer%20-%20Ketto&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
84c0a99bd8e689404bef71b3cb1c6ac0df456659d2dd2394f5bf53590c31be46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 May 2019 12:14:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
1063
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
box-90f3a29ef7448451db5af955688970d7.html
vars.hotjar.com/ Frame E358 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-90f3a29ef7448451db5af955688970d7.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-200024.js?sv=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.80.178 Parsippany, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-25
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-90f3a29ef7448451db5af955688970d7.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio

Response headers

status
200
date
Mon, 13 May 2019 12:14:00 GMT
content-type
text/html
content-length
967
cache-control
max-age=31536000
last-modified
Tue, 30 Apr 2019 14:57:42 GMT
section-io-origin-status
200
section-io-origin-time-seconds
0.024
etag
W/"90f3a29ef7448451db5af955688970d7"
content-encoding
gzip
vary
Accept-Encoding
accept-ranges
bytes
section-io-id
792cc4801adc7063a56f714ee3502231
/
www.google.com/pagead/1p-user-list/930975017/ 		42 B
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/930975017/?random=1557749640345&cv=9&fst=1557748800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg521&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveiranna%3Futm_campaign%3Dsaveiranna%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&tiba=Rickshaw%20driver%20struggles%20to%20save%20his%20baby%20who%20is%20fighting%20cancer%20-%20Ketto&async=1&fmt=3&cdct=2&is_vtc=1&random=1908661789&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 May 2019 12:14:00 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/930975017/ 		42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/930975017/?random=1557749640345&cv=9&fst=1557748800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg521&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveiranna%3Futm_campaign%3Dsaveiranna%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&tiba=Rickshaw%20driver%20struggles%20to%20save%20his%20baby%20who%20is%20fighting%20cancer%20-%20Ketto&async=1&fmt=3&cdct=2&is_vtc=1&random=1908661789&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 May 2019 12:14:00 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/963384337/ 		42 B
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/963384337/?random=1557749640346&cv=9&fst=1557748800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg521&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveiranna%3Futm_campaign%3Dsaveiranna%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&tiba=Rickshaw%20driver%20struggles%20to%20save%20his%20baby%20who%20is%20fighting%20cancer%20-%20Ketto&async=1&fmt=3&cdct=2&is_vtc=1&random=83279696&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 May 2019 12:14:00 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/963384337/ 		42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/963384337/?random=1557749640346&cv=9&fst=1557748800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg521&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveiranna%3Futm_campaign%3Dsaveiranna%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&tiba=Rickshaw%20driver%20struggles%20to%20save%20his%20baby%20who%20is%20fighting%20cancer%20-%20Ketto&async=1&fmt=3&cdct=2&is_vtc=1&random=83279696&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 May 2019 12:14:00 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/837073759/ 		42 B
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/837073759/?random=1557749640341&cv=9&fst=1557748800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg521&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveiranna%3Futm_campaign%3Dsaveiranna%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&tiba=Rickshaw%20driver%20struggles%20to%20save%20his%20baby%20who%20is%20fighting%20cancer%20-%20Ketto&async=1&fmt=3&cdct=2&is_vtc=1&random=2461586336&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 May 2019 12:14:00 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/837073759/ 		42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/837073759/?random=1557749640341&cv=9&fst=1557748800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg521&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveiranna%3Futm_campaign%3Dsaveiranna%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&tiba=Rickshaw%20driver%20struggles%20to%20save%20his%20baby%20who%20is%20fighting%20cancer%20-%20Ketto&async=1&fmt=3&cdct=2&is_vtc=1&random=2461586336&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 May 2019 12:14:00 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/782023289/ 		42 B
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/782023289/?random=1557749640400&cv=9&fst=1557748800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa521&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveiranna%3Futm_campaign%3Dsaveiranna%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&tiba=Rickshaw%20driver%20struggles%20to%20save%20his%20baby%20who%20is%20fighting%20cancer%20-%20Ketto&async=1&fmt=3&cdct=2&is_vtc=1&random=1042605323&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 May 2019 12:14:00 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/782023289/ 		42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/782023289/?random=1557749640400&cv=9&fst=1557748800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa521&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveiranna%3Futm_campaign%3Dsaveiranna%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&tiba=Rickshaw%20driver%20struggles%20to%20save%20his%20baby%20who%20is%20fighting%20cancer%20-%20Ketto&async=1&fmt=3&cdct=2&is_vtc=1&random=1042605323&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 May 2019 12:14:00 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
inferredEvents.js
connect.facebook.net/signals/plugins/ 		1 KB
893 B 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.8.47
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
x-fb-debug
vUoNgPGEKZfqf0ZKfXzI5RBMGWMVYLFnARBeuVyLoIM9iC4COkHLo68+hlZvNAmuvaqE+gySla5J5OOcYS0hyg==
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 13 May 2019 12:14:00 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
status
200
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
strict-transport-security
max-age=31536000; preload; includeSubDomains
vary
Accept-Encoding
content-length
772
x-xss-protection
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
441308802710601
connect.facebook.net/signals/config/ 		207 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/441308802710601?v=2.8.47&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
1d4d178d79752d3442d46b815cb8167299fc03059fe0fa34e8a044c8fcd5fffa
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
x-xss-protection
0
pragma
public
x-fb-debug
Xe5u6aSVnBnZNHUAo8enLWYHFaUcaKhK30nFHOu+YpVlasfrzACXlaVe9O4LfZHIGlhw5VfkQUv9RuhKFb3bqQ==
date
Mon, 13 May 2019 12:14:00 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=513405139012772&ev=PageView&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveiranna%3Futm_campaign%3Dsaveiranna%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&rl=&if=false&ts=1557749640629&sw=1600&sh=1200&v=2.8.47&r=stable&ec=0&o=30&fbp=fb.1.1557749640627.804505799&it=1557749640336&coo=false&rqm=GET
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 12:14:00 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Mon, 13 May 2019 12:14:00 GMT
/
www.facebook.com/tr/ 		44 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=441308802710601&ev=PageView&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveiranna%3Futm_campaign%3Dsaveiranna%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&rl=&if=false&ts=1557749640777&sw=1600&sh=1200&v=2.8.47&r=stable&ec=0&o=30&fbp=fb.1.1557749640776.1510824377&it=1557749640336&coo=false&rqm=GET
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 12:14:00 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Mon, 13 May 2019 12:14:00 GMT
payjs-iframe
api.juspay.in/ Frame F475 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://api.juspay.in/payjs-iframe
Requested by
Host: api.juspay.in
URL: https://api.juspay.in/pay-v2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.126.123.139 Mumbai, India, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-13-126-123-139.ap-south-1.compute.amazonaws.com
Software
*** /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

Host
api.juspay.in
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio

Response headers

cache-control
private, no-cache, no-store, must-revalidate
content-type
text/html;charset=UTF-8
date
Mon, 13 May 2019 12:14:00 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
server
***
strict-transport-security
max-age=0; includeSubDomains
x-envoy-upstream-service-time
2
Content-Length
1970
Connection
keep-alive
secured-by-juspay-v1.jpg
d3oxf4lkkqx2kx.cloudfront.net/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3oxf4lkkqx2kx.cloudfront.net/images/secured-by-juspay-v1.jpg
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.146.160 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-146-160.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
40e24a1501c82b65a2441b05667c7b3cf24c825955caeb2c0b8be0ac7b732afa

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 12 May 2019 01:44:48 GMT
via
1.1 150f249515041adfcc44683bff172916.cloudfront.net (CloudFront)
last-modified
Wed, 16 Mar 2016 13:37:11 GMT
server
AmazonS3
age
126929
etag
"2914a7982044706cab82eb33e748b54d"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
3001
x-amz-cf-id
O1j9JaVfXQTyW80wSbH1SclboEmn-YYSLzBqjtKpSLvaYKgVmgdwVQ==
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: d1vdjc70h9nzd9.cloudfront.net
URL: https://d1vdjc70h9nzd9.cloudfront.net/stories/build/storiesDefer.bundle.min.5cf221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
0f641a416513caf277c777a71712c9e094586d818c82bb4d84efd26039a35447
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
VO2+Ok3B7tOJ2FkTq5zShw==
status
200
date
Mon, 13 May 2019 12:14:00 GMT
vary
Accept-Encoding
content-length
1778
x-fb-debug
/gBbRmzxvuXcIJ0oOerAihVn/zOsVFjG6B8WPdnOGxu6NDLK3c2r28JVIJPq3yKmKPdj8Zkpsh5svDUDDDIf1A==
x-fb-content-md5
3703ed7c21bc77f552736c6787041d63
etag
"5210632fc71d911506b28012346a3705"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 13 May 2019 12:15:10 GMT
iplocation
apis.ketto.org/api/third_party/ 		192 B
399 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apis.ketto.org/api/third_party/iplocation
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.244.171 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-169-244-171.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.11.9 /
Resource Hash
d6bafc5d5605fbff8318e76918edca188e409adb4e5040d4daa0d4ceedcc6a20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Origin
https://www.ketto.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 12:14:01 GMT
content-encoding
gzip
status
200
server
nginx/1.11.9
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.ketto.org
x-xss-protection
1; mode=block
cache-control
no-cache, private
x-content-type-options
nosniff
saveiranna
apis.ketto.org/api/fundraisers/ 		1 KB
802 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apis.ketto.org/api/fundraisers/saveiranna?with=viewmedicalbill
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.244.171 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-169-244-171.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.11.9 /
Resource Hash
742c623a4bbab44b3a96405d6390b7f265b24cab93d845f961ef81897c3c3e8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Origin
https://www.ketto.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 12:14:01 GMT
content-encoding
gzip
status
200
server
nginx/1.11.9
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.ketto.org
x-xss-protection
1; mode=block
cache-control
no-cache, private
x-content-type-options
nosniff
comments
apis.ketto.org/api/fundraisers/saveiranna/ 		5 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apis.ketto.org/api/fundraisers/saveiranna/comments?limit=5&page=1
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.244.171 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-169-244-171.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.11.9 /
Resource Hash
1b98ef9ad22a1fc628ee3d77eef73e22e25c2b926b776e3887b86bf6f75c09f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Origin
https://www.ketto.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 12:14:01 GMT
content-encoding
gzip
status
200
server
nginx/1.11.9
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.ketto.org
x-xss-protection
1; mode=block
cache-control
no-cache, private
x-content-type-options
nosniff
donors
apis.ketto.org/api/fundraisers/88879/ 		25 B
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apis.ketto.org/api/fundraisers/88879/donors?with=donoravtar;comments;activation&donor_entity_details_id=undefined&orderBy=creation_date&sortedBy=desc
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.244.171 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-169-244-171.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.11.9 /
Resource Hash
28f1f51e665dd4607e10a96dd7a84d40b5cd2a8063157e357be73244df657720
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Origin
https://www.ketto.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 12:14:01 GMT
content-encoding
gzip
status
200
server
nginx/1.11.9
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.ketto.org
x-xss-protection
1; mode=block
cache-control
no-cache, private
x-content-type-options
nosniff
donors
apis.ketto.org/api/fundraisers/88879/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apis.ketto.org/api/fundraisers/88879/donors?with=donoravtar;activation&limit=10&page=1&orderBy=creation_date&sortedBy=desc
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.244.171 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-169-244-171.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.11.9 /
Resource Hash
4e341f8633e67007edf423de4fa32bd9c0009e6721ec9bbead209c5317960762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Origin
https://www.ketto.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 12:14:01 GMT
content-encoding
gzip
status
200
server
nginx/1.11.9
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.ketto.org
x-xss-protection
1; mode=block
cache-control
no-cache, private
x-content-type-options
nosniff
updates
apis.ketto.org/api/fundraisers/88879/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apis.ketto.org/api/fundraisers/88879/updates?with=owner.avtar&limit=1&page=1&orderBy=id&sortedBy=desc
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.169.244.171 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-169-244-171.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.11.9 /
Resource Hash
27cab7755d164b200cda95bd17384723f374d55b16d988669b7d3242e123d52a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Origin
https://www.ketto.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 12:14:01 GMT
content-encoding
gzip
status
200
server
nginx/1.11.9
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.ketto.org
x-xss-protection
1; mode=block
cache-control
no-cache, private
x-content-type-options
nosniff
logo-light-bg.svg
d1vdjc70h9nzd9.cloudfront.net/images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/images/logo-light-bg.svg
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:9c00:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1ec0fbc72fcfcea31f22828dcf89e2bd9fa7f03e84ef8d8546adb410f3096117

Request headers

Referer
https://d1vdjc70h9nzd9.cloudfront.net/less/custom.53bd68.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Mar 2019 06:53:26 GMT
content-encoding
gzip
last-modified
Mon, 07 May 2018 14:11:57 GMT
server
AmazonS3
age
4425635
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
status
200
cache-control
max-age=31536000
x-amz-cf-id
lWwmH_mxDyyWwo58RKJo3UzkGHY0RypQllJmXjqqjWAI6K9BP8-pPA==
via
1.1 c55f09a9188f77960d35c97bad15e1b2.cloudfront.net (CloudFront)
icon-secure-lock.png
d1vdjc70h9nzd9.cloudfront.net/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/images/icon-secure-lock.png
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:9c00:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c91158a8a0abe1393831da5efc62d53ad3b41b545774f1c3a003d55c2d5f28cf

Request headers

Referer
https://d1vdjc70h9nzd9.cloudfront.net/less/custom.53bd68.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 12 May 2019 07:48:35 GMT
via
1.1 c55f09a9188f77960d35c97bad15e1b2.cloudfront.net (CloudFront)
last-modified
Thu, 13 Dec 2018 11:12:04 GMT
server
AmazonS3
age
15537
etag
"b073ad3e3f41cfd507c4b09034b210ee"
x-cache
Hit from cloudfront
content-type
image/png
status
200
accept-ranges
bytes
content-length
1552
x-amz-cf-id
KmOht3uRRQZ4lT1rP--8tNWMLFRu2QOubpUGVUzv3AhL-GQCbrxfNg==
mi-shine.png
d1vdjc70h9nzd9.cloudfront.net/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/images/mi-shine.png
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:9c00:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
121b3bad035f5a87c185bb1ce9465eba6c0d8ca0fcf03fced81559192cb06d85

Request headers

Referer
https://d1vdjc70h9nzd9.cloudfront.net/less/story/stories.designD.bundle.a33590.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 05 May 2019 01:54:07 GMT
via
1.1 c55f09a9188f77960d35c97bad15e1b2.cloudfront.net (CloudFront)
last-modified
Mon, 07 May 2018 14:12:02 GMT
server
AmazonS3
age
728395
etag
"37d16b2f8ba85dd0f6daa5db90b7f902"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
3890
x-amz-cf-id
Q2mZYVH1iZ7J2UNnHaT3B99r9Y8YUEw1Sq4P4uevrsR7waNietZUmQ==
source-sans-pro-v11-latin-regular.woff2
d1vdjc70h9nzd9.cloudfront.net/fonts/sourceSansPro/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/fonts/sourceSansPro/source-sans-pro-v11-latin-regular.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:3c00:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cb992eae898417162c48b37712991d9ad8053c4a64fce51aff195edc69dc35f2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://d1vdjc70h9nzd9.cloudfront.net/less/story/stories.designD.bundle.a33590.css
Origin
https://www.ketto.org

Response headers

date
Sun, 05 May 2019 21:10:19 GMT
via
1.1 9de9a776d0da209cb66ec4bd03877799.cloudfront.net (CloudFront)
age
45779
x-cache
Hit from cloudfront
status
200
access-control-max-age
3000
content-length
15908
last-modified
Tue, 20 Nov 2018 09:29:44 GMT
server
AmazonS3
etag
"76d8cbb0496cb184eff868152b67ad45"
vary
Origin
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
x-amz-cf-id
foqAZnksalAyl7BXNbmojdSiPruWBDYX9x7oc6HwkDyq60jtdVPIig==
faq_sprite_desktop.png
d1vdjc70h9nzd9.cloudfront.net/images/stories/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/images/stories/faq_sprite_desktop.png
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:9c00:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d6babff8a064a68c126adbc925a876484b9540e78f9d24711d6b529071a8ffd2

Request headers

Referer
https://d1vdjc70h9nzd9.cloudfront.net/less/story/stories.designD.bundle.a33590.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 12 May 2019 11:21:02 GMT
via
1.1 c55f09a9188f77960d35c97bad15e1b2.cloudfront.net (CloudFront)
last-modified
Thu, 12 Jul 2018 10:15:04 GMT
server
AmazonS3
etag
"274403d290205d18ed8a1a4609da867d"
x-cache
Hit from cloudfront
content-type
image/png
status
200
accept-ranges
bytes
content-length
17714
x-amz-cf-id
kxI7wKF-RRJbytGpqNR_xWUzczSQw9S34-ueRWSVG05szn3Hu19Pcw==
BngRUXZYTXPIvIBgJJSb6u9mxLCGwR2oefDo.woff2
fonts.gstatic.com/s/robotoslab/v8/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotoslab/v8/BngRUXZYTXPIvIBgJJSb6u9mxLCGwR2oefDo.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
082e1b3b1e722c84086de9f0467ebc3d06955e3a067f5642028f4bfa79229a12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto+Slab:400,300,700,500|Noto+Sans:400,700
Origin
https://www.ketto.org

Response headers

date
Sat, 09 Mar 2019 03:07:01 GMT
x-content-type-options
nosniff
last-modified
Tue, 19 Feb 2019 22:28:37 GMT
server
sffe
age
5648820
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11388
x-xss-protection
1; mode=block
expires
Sun, 08 Mar 2020 03:07:01 GMT
source-sans-pro-v11-latin-700.woff2
d1vdjc70h9nzd9.cloudfront.net/fonts/sourceSansPro/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/fonts/sourceSansPro/source-sans-pro-v11-latin-700.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:3c00:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c09055f0d3ce5ac45f886c935226d1e4cb0f7488525e9f8b298f26fc0171e5a8

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://d1vdjc70h9nzd9.cloudfront.net/less/story/stories.designD.bundle.a33590.css
Origin
https://www.ketto.org

Response headers

date
Sun, 12 May 2019 23:31:04 GMT
via
1.1 9de9a776d0da209cb66ec4bd03877799.cloudfront.net (CloudFront)
age
45778
x-cache
Hit from cloudfront
status
200
access-control-max-age
3000
content-length
15480
last-modified
Tue, 20 Nov 2018 09:29:43 GMT
server
AmazonS3
etag
"f04441cfc122bf84e1cf24058fddba87"
vary
Origin
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
x-amz-cf-id
C7M4aVZ2KBToO8hf_S45ZdSqpsztemFWGUvSCUOH6zisCn79saSuXA==
glyphicons-halflings-regular.woff2
d1vdjc70h9nzd9.cloudfront.net/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:3c00:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://d1vdjc70h9nzd9.cloudfront.net/less/custom.53bd68.css
Origin
https://www.ketto.org

Response headers

date
Sat, 11 May 2019 10:19:31 GMT
via
1.1 9de9a776d0da209cb66ec4bd03877799.cloudfront.net (CloudFront)
age
214773
x-cache
Hit from cloudfront
status
200
access-control-max-age
3000
content-length
18028
last-modified
Tue, 20 Nov 2018 09:29:35 GMT
server
AmazonS3
etag
"448c34a56d699c29117adc64c43affeb"
vary
Origin
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
x-amz-cf-id
mx59wL8ePRxqmoui5Shu69Jl9zCFKcaLrbn9iA3V382-YsdHfhpqxA==
a
wzrkt.com/ 		196 B
470 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wzrkt.com/a?t=89&type=push&d=N4IgLgngDgpiBcIYDcYDswgDROWAcgIYC2ciAwiVIQJYDmaABAGo0wDuMAJtrmACKEwhBKH4oaAYxiMAKtDIhxAZwDWYAPZReABUJ0ZAVQBKAGQQgA9Ms0AnNsuuFUNW4TRoROAMoxlymg0mAEl%2BC0kAMwBGAE4YABYADliAZgiYlMSuADZJQnTJAHZCgCYABhTClJgAI3iI3mCdRgBBLi5bP2ULRJSAOhjCvpL%2BlIBWXgAhWw12ZRhbC3IACxnSXkpianomWRowABtFYylVZWXCdkYOmlRbRhtbAFc6OiPlRk0H5xllmg%2BaoQahBGOxlhpGP9GBF6MswDQ0HRGHk0NJFjh8HQIaELIUoikYrwAKKoDCMHGIMobQhPebksKIKJjKk4TbbBj0nqJRKFQmsqi0DnyWAWQg8HCGWQAWUY3g0T1s0gsMAAHmAFp4DgB9VToZSSQK8SUyqXcGhPYjK4i0A5G6WMNmCtAWZQ%2FVzuTy8YUwLUtSYWf0AXxwNB4iHixmyAFp4oVElHjMZ4gAtXh0CzZBJlGrMoHZGJceKSHKJGqFMbtGJZMZ4mIlGKSXhQdPwKKBoAA%3D&rn=2&i=1557749641&sn=0&gc=6e40b50ab69d4cd68b75dd98d571929c&r=1557749641174
Requested by
Host: d2r1yp2w7bby2u.cloudfront.net
URL: https://d2r1yp2w7bby2u.cloudfront.net/js/a.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.253.42.0 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-253-42-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
106334b4af0a31038edbc863f27e3ab40d09e672546ee0ab1d62a10f9fd4d7ab

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 May 2019 12:14:01 GMT
content-encoding
gzip
vary
Accept-Encoding, User-Agent
content-type
text/javascript;charset=utf-8
status
200
cache-control
no-cache, no-store
expires
Thu, 01 Jan 1970 00:00:00 GMT, 0
conversion_async.js
www.googleadservices.com/pagead/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJRMLZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s24-in-f2.1e100.net
Software
cafe /
Resource Hash
2c2b83b5a9f188b6f91fdb4db32a68cae12d7c15d62263ebd3e345429dab2ec5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 12:14:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
8874
x-xss-protection
0
server
cafe
etag
3302323910089655626
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 13 May 2019 12:14:01 GMT
unip
trc.taboola.com/1034141/log/3/ 		0
78 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1034141/log/3/unip?en=view_content&tim=1557749641202&ref=N%2FA
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.2 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Origin
https://www.ketto.org

Response headers

pragma
no-cache
date
Mon, 13 May 2019 12:14:01 GMT
via
1.1 varnish
server
nginx
x-timer
S1557749641.209360,VS0,VE8
x-served-by
cache-hhn1531-HHN
status
204
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.ketto.org
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
/
graph.facebook.com/ 		194 B
564 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://graph.facebook.com/?id=https://www.ketto.org/stories/saveiranna&fields=engagement&access_token=411478629648295%7Cf87acc04f1b9c513ab4d9104331523e8
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:20e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
80fea2712ef7fa25e313f025c7bd872ae1294d5eb783a175c171eead6b701ba4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Accept
*/*
Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Origin
https://www.ketto.org
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
etag
"1a518639b2e61b3868d4a0b3bae5e219d7eaa247"
x-app-usage
{"call_count":52,"total_cputime":0,"total_time":7}
status
200
x-fb-rev
1000702880
content-length
116
pragma
no-cache
x-fb-debug
5ckvya/jKFOr1PA4E2lSevwZDUpB4Ml15bvHdc84fbcE4ZXaZOuvWL/TPzzRpdeoXp6goWxnHP5IK3/6bIvXeA==
x-fb-trace-id
BFqM/6BwveO
date
Mon, 13 May 2019 12:14:01 GMT
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
x-fb-request-id
AgNMu_e1TQVJnOjlNAxjh1W
cache-control
private, no-cache, no-store, must-revalidate
facebook-api-version
v3.2
expires
Sat, 01 Jan 2000 00:00:00 GMT
7.png
d1vdjc70h9nzd9.cloudfront.net/images/random_supporters/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/images/random_supporters/7.png
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:9c00:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c7143357f014d4f423a93739d4e083cb74ce226a80c980df06d4e726822c7e33

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 05 May 2019 21:02:14 GMT
via
1.1 c55f09a9188f77960d35c97bad15e1b2.cloudfront.net (CloudFront)
last-modified
Mon, 07 May 2018 14:12:08 GMT
server
AmazonS3
age
659507
etag
"0e449499e52f2110e0d83c5e783211c3"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
15362
x-amz-cf-id
BtTs5otYVTGpizpdajUs2BjczugBmlZV0CDHFWqhuyyFivJP-_-O4g==
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j73&a=291019463&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveiranna%3Futm_campaign%3Dsaveiranna%26utm_medium%3Demail%26utm_sour...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-30181760-1&cid=1965076790.1557749641&jid=251357387&_gid=508503268.1557749641&gjid=455085835&_v=j73&z=1926315541
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=1965076790.1557749641&jid=251357387&_v=j73&z=1926315541
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=1965076790.1557749641&jid=251357387&_v=j73&z=1926315541&slf_rd=1&random=2640491742
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=1965076790.1557749641&jid=251357387&_v=j73&z=1926315541&slf_rd=1&random=2640491742
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 May 2019 12:14:01 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 13 May 2019 12:14:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-30181760-1&cid=1965076790.1557749641&jid=251357387&_v=j73&z=1926315541&slf_rd=1&random=2640491742
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mark
trc.taboola.com/ketto-sc/log/3/ 		0
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/ketto-sc/log/3/mark?marking-type=Visitor&item-url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveiranna%3Futm_campaign%3Dsaveiranna%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&gtmcb=719278974
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.2 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 12:14:01 GMT
via
1.1 varnish
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
204
x-served-by
cache-hhn1531-HHN
pragma
no-cache
server
nginx
x-timer
S1557749641.318566,VS0,VE8
content-type
image/gif
access-control-allow-origin
*
expires
Thu, 01 Jan 1970 00:00:00 GMT
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
/
www.facebook.com/tr/ 		44 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=513405139012772&ev=ViewContent&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveiranna%3Futm_campaign%3Dsaveiranna%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&rl=&if=false&ts=1557749641200&sw=1600&sh=1200&v=2.8.47&r=stable&ec=1&o=30&fbp=fb.1.1557749640776.1510824377&it=1557749640336&coo=false&rqm=GET
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 12:14:01 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Mon, 13 May 2019 12:14:01 GMT
/
cx.atdmt.com/
Redirect Chain
  • https://www.facebook.com/tr/?id=441308802710601&ev=ViewContent&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveiranna%3Futm_campaign%3Dsaveiranna%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio...
  • https://cx.atdmt.com/?c=7895858085093183545&f=AYwAAbHgaxcqLyRirASTDGIIQGsjfL_86hIE_pY5T2f73x3bAxrTKo1Wx9qkAnMLbozC708UOdE-BMYrtx5gvPET&id=441308802710601&l=3&v=0
42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cx.atdmt.com/?c=7895858085093183545&f=AYwAAbHgaxcqLyRirASTDGIIQGsjfL_86hIE_pY5T2f73x3bAxrTKo1Wx9qkAnMLbozC708UOdE-BMYrtx5gvPET&id=441308802710601&l=3&v=0
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f0ff:2:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Mon, 13 May 2019 12:14:01 GMT
p3p
CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
content-length
42
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 13 May 2019 12:14:01 GMT
server
proxygen-bolt
location
https://cx.atdmt.com/?c=7895858085093183545&f=AYwAAbHgaxcqLyRirASTDGIIQGsjfL_86hIE_pY5T2f73x3bAxrTKo1Wx9qkAnMLbozC708UOdE-BMYrtx5gvPET&id=441308802710601&l=3&v=0
content-type
text/plain
status
302
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
adsct
analytics.twitter.com/i/ 		31 B
261 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nys4q&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveiranna%3Futm_campaign%3Dsaveiranna%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_f /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 12:14:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
content-length
57
x-xss-protection
1; mode=block; report=https://twitter.com/i/xss_report
x-response-time
119
pragma
no-cache
last-modified
Mon, 13 May 2019 12:14:01 GMT
server
tsa_f
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
4233ca6acc03c2bdf2c5653ed2782403
x-transaction
00023215001566e6
expires
Tue, 31 Mar 1981 05:00:00 GMT
channel.html
js.stripe.com/v2/ Frame B006 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v2/channel.html?stripe_xdm_e=https%3A%2F%2Fwww.ketto.org&stripe_xdm_c=default419873&stripe_xdm_p=1
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v2/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v2/channel.html?stripe_xdm_e=https%3A%2F%2Fwww.ketto.org&stripe_xdm_c=default419873&stripe_xdm_p=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio

Response headers

status
200
x-amz-id-2
sqUPInYyc1TeNZz8S76vtNhvCQyrn+6/pfGWuWNoWR9CrQSu5GVqQgWFsHXwexRUoxc+1+3uBE0=
x-amz-request-id
8F7B30D7170C00A5
last-modified
Wed, 06 Sep 2017 17:40:34 GMT
etag
"19af0c6cc7a0bca20a355b3362dc64a0"
cache-control
public, max-age=300
content-type
text/html; charset=utf-8
server
AmazonS3
content-encoding
gzip
accept-ranges
bytes
date
Mon, 13 May 2019 12:14:01 GMT
via
1.1 varnish
age
92
x-served-by
cache-hhn1542-HHN
x-cache
HIT
x-cache-hits
120
x-timer
S1557749641.348282,VS0,VE0
vary
Accept-Encoding
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
content-length
560
38082fba748a112b0f1e39fd869f6d04f174f408.jpg
d1vdjc70h9nzd9.cloudfront.net/media/campaignuploads/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/media/campaignuploads/38082fba748a112b0f1e39fd869f6d04f174f408.jpg
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:9c00:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
894f2e460e11004565c65160d55d7754d6571ff00219f228978a3826d3cb13d0

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 05 May 2019 13:31:11 GMT
via
1.1 c55f09a9188f77960d35c97bad15e1b2.cloudfront.net (CloudFront)
last-modified
Fri, 12 Apr 2019 11:01:42 GMT
server
AmazonS3
age
686570
etag
"866654e191284cfd2b1a6e9ea1904411"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
48335
x-amz-cf-id
jm2j3mzAaFr5bM8O_Z6Q4iYnp6EDHpOwwLYiBpy3stZ-yQRDsT7zWg==
b67ae0baaa297a18ca5de94eb25257f0be888616.jpg
d1vdjc70h9nzd9.cloudfront.net/media/campaignuploads/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/media/campaignuploads/b67ae0baaa297a18ca5de94eb25257f0be888616.jpg
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:9c00:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
780c64f42782a679de8e6fefe7468f3761877585a393da036b152fec96de8133

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 06 May 2019 14:55:17 GMT
via
1.1 c55f09a9188f77960d35c97bad15e1b2.cloudfront.net (CloudFront)
last-modified
Fri, 12 Apr 2019 11:02:08 GMT
server
AmazonS3
age
595125
etag
"823c7c43181446ddc23afc3c45e51678"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
44648
x-amz-cf-id
jl7cu1heeT2LJiDwo0tYx32TPN6ZAv8_RmH88Vlq4dV28VxZBvXWqw==
sdk.js
connect.facebook.net/en_US/ 		195 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=efc8aeacd416d1bc94b4ed34d578e305&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
ec4984ddef8dfa01ed27dab4f626f3f46d4be809dea9ec513cb1d0596331a36c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Origin
https://www.ketto.org

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
76BW6Tisz3mcEo6YI/w1TQ==
status
200
date
Mon, 13 May 2019 12:14:01 GMT
vary
Accept-Encoding
content-length
59259
x-fb-debug
oJX+AKquZAYOSq5Dw3VmExqI708w2FbQ/5QTx2i09rhRwK6RFRRUA1TZVrD0+i97bNCT9lFopkEh91+13CMleA==
x-fb-content-md5
d79f3ec6090b5db52d5e74e15d8c8e47
etag
"29fe23fc46a778523bdae028c63aeb4b"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Tue, 12 May 2020 10:55:34 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/782023289/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/782023289/?random=1557749641477&cv=9&fst=1557749641477&num=1&label=7U2NCOX2yJkBEPn08vQC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg521&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveiranna%3Futm_campaign%3Dsaveiranna%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&tiba=Rickshaw%20driver%20struggles%20to%20save%20his%20baby%20who%20is%20fighting%20cancer%20-%20Ketto&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
469861c0d3129f8870765275eac606ef04270f41db456881befc9b5b9040507e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 May 2019 12:14:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
1094
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ Frame BA41 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
www.facebook.com
:scheme
https
:path
/tr/
content-length
2773
pragma
no-cache
cache-control
no-cache
origin
https://www.ketto.org
upgrade-insecure-requests
1
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
accept-encoding
gzip, deflate, br
cookie
fr=0YAVp96NbvK3MiZk5..Bc2V-I..FzZ.1.0.Bc2V-I.
Origin
https://www.ketto.org
Upgrade-Insecure-Requests
1
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio

Response headers

status
200
content-type
text/plain
access-control-allow-origin
https://www.ketto.org
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-length
0
server
proxygen-bolt
date
Mon, 13 May 2019 12:14:01 GMT
/
www.facebook.com/tr/ Frame 78C0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
www.facebook.com
:scheme
https
:path
/tr/
content-length
2773
pragma
no-cache
cache-control
no-cache
origin
https://www.ketto.org
upgrade-insecure-requests
1
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
accept-encoding
gzip, deflate, br
cookie
fr=0YAVp96NbvK3MiZk5..Bc2V-I..FzZ.1.0.Bc2V-I.
Origin
https://www.ketto.org
Upgrade-Insecure-Requests
1
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio

Response headers

status
200
content-type
text/plain
access-control-allow-origin
https://www.ketto.org
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-length
0
server
proxygen-bolt
date
Mon, 13 May 2019 12:14:01 GMT
/
www.google.com/pagead/1p-user-list/782023289/ 		42 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/782023289/?random=1557749641477&cv=9&fst=1557748800000&num=1&label=7U2NCOX2yJkBEPn08vQC&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg521&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveiranna%3Futm_campaign%3Dsaveiranna%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&tiba=Rickshaw%20driver%20struggles%20to%20save%20his%20baby%20who%20is%20fighting%20cancer%20-%20Ketto&async=1&fmt=3&cdct=2&is_vtc=1&random=4263783806&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 May 2019 12:14:01 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/782023289/ 		42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/782023289/?random=1557749641477&cv=9&fst=1557748800000&num=1&label=7U2NCOX2yJkBEPn08vQC&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg521&sendb=1&frm=0&url=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveiranna%3Futm_campaign%3Dsaveiranna%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&tiba=Rickshaw%20driver%20struggles%20to%20save%20his%20baby%20who%20is%20fighting%20cancer%20-%20Ketto&async=1&fmt=3&cdct=2&is_vtc=1&random=4263783806&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 May 2019 12:14:01 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
d_vbiawPdxB.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame 2C04 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=efc8aeacd416d1bc94b4ed34d578e305&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
accept-encoding
gzip, deflate, br
cookie
fr=0YAVp96NbvK3MiZk5..Bc2V-I..FzZ.1.0.Bc2V-I.
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio

Response headers

status
200
content-encoding
br
content-type
text/html; charset=utf-8
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
expires
Wed, 06 May 2020 21:12:03 GMT
cache-control
public,max-age=31536000,immutable
x-fb-debug
Jb8FVIF/+Xk+98KeJCVfXS5Id7SExi6362BHktE2zCZJNdB6ih0RXayyFpaY9smEKxVqPxCV5ZOpmixA0wfpjg==
content-length
11009
date
Mon, 13 May 2019 12:14:01 GMT
nr-1123.min.js
js-agent.newrelic.com/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1123.min.js
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.110 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
94cdf5b7f868883de0e1248cd80b42dd84e3f38685f2b234747550c02190dc82

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 12:14:01 GMT
content-encoding
gzip
x-amz-request-id
341E030C1DDF664A
x-cache
HIT
status
200
content-length
9288
x-amz-id-2
153YTVcYZ4C25LHUHqqEX/Bh3Ko4Z6ALsb9OC4zgURujS4K7JgvTpNujiBeT42zMfjEvHGjWLkk=
x-served-by
cache-hhn1520-HHN
last-modified
Fri, 22 Mar 2019 14:06:15 GMT
server
AmazonS3
x-timer
S1557749642.637422,VS0,VE0
etag
"7ffb242072196e9db5f4f1bfbfa2ed7d"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
53110
outer.html
js.stripe.com/v2/m/ Frame 6DF7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v2/m/outer.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v2/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v2/m/outer.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio

Response headers

status
200
x-amz-id-2
LAnsnsTNoVpv6oi25DHhwB+VaRUVxEaAhsEuN0tFYht8X6gbRjq7UyDq8YWTSaSI1W/cDKT2MrY=
x-amz-request-id
536C64458FAC5A43
last-modified
Wed, 06 Sep 2017 17:40:34 GMT
etag
"51b76bd7931c50d2bf6d4c5a93d343f9"
cache-control
public, max-age=300
content-type
text/html; charset=utf-8
server
AmazonS3
content-encoding
gzip
accept-ranges
bytes
date
Mon, 13 May 2019 12:14:01 GMT
via
1.1 varnish
age
275
x-served-by
cache-hhn1542-HHN
x-cache
HIT
x-cache-hits
616
x-timer
S1557749642.645085,VS0,VE0
vary
Accept-Encoding
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
content-length
388
d_vbiawPdxB.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame FCAB
Redirect Chain
  • https://www.facebook.com/connect/ping?client_id=287403324698248&domain=www.ketto.org&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%...
  • https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=efc8aeacd416d1bc94b4ed34d578e305&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
accept-encoding
gzip, deflate, br
cookie
fr=0YAVp96NbvK3MiZk5..Bc2V-I..FzZ.1.0.Bc2V-I.
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio

Response headers

status
200
content-encoding
br
content-type
text/html; charset=utf-8
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
expires
Wed, 06 May 2020 21:12:03 GMT
cache-control
public,max-age=31536000,immutable
x-fb-debug
Jb8FVIF/+Xk+98KeJCVfXS5Id7SExi6362BHktE2zCZJNdB6ih0RXayyFpaY9smEKxVqPxCV5ZOpmixA0wfpjg==
content-length
11009
date
Mon, 13 May 2019 12:14:01 GMT

Redirect headers

status
302
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
strict-transport-security
max-age=15552000; preload
location
https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44#cb=f30bf6096decc24&domain=www.ketto.org&origin=https%3A%2F%2Fwww.ketto.org%2Ff21fa3009b9cbd&relation=parent&error=unknown_user
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
x-content-type-options
nosniff
x-xss-protection
0
expect-ct
max-age=86400, report-uri="https://reports.fb.com/expectct/"
content-type
text/html; charset="utf-8"
x-fb-debug
vsogeleat+YLN5RvUQNrrAu5jJ8hnjwNHlO9MT58Wh9L2bc6IHG/z4ehm2PW5fZFmLVnwFum5OB8frRlRLbH+g==
content-length
0
date
Mon, 13 May 2019 12:14:01 GMT
collect
www.google-analytics.com/ 		35 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j73&a=291019463&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.ketto.org%2Fstories%2Fsaveiranna%3Futm_campaign%3Dsaveiranna%26utm_medium%3Demail%26utm_source%3Dexternal_kenscio&ul=en-us&de=UTF-8&dt=Rickshaw%20driver%20struggles%20to%20save%20his%20baby%20who%20is%20fighting%20cancer%20-%20Ketto&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=GTM&ea=10%20Second&_u=aHBAAAAB~&jid=&gjid=&cid=2114575766.1557749640&tid=UA-30181760-1&_gid=216995836.1557749640&gtm=2wg521MJRMLZ&cd12=1557749640216.a6rv22gd&cd14=2114575766.1557749640&z=365241387
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Mar 2019 19:39:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
4034066
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
f64838bf44
bam.nr-data.net/1/ 		57 B
261 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/f64838bf44?a=14449237&v=1123.df1c7f8&to=blRTbBcCCBIAW0NZWlceck0WFwkMTl5FX1tNdF9cShASDhNRUkMaSkVeShw%3D&rst=3155&ref=https://www.ketto.org/stories/saveiranna&ap=224&be=1466&fe=3083&dc=2313&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1557749638550,%22n%22:0,%22f%22:105,%22dn%22:106,%22dne%22:216,%22c%22:216,%22s%22:229,%22ce%22:251,%22rq%22:252,%22rp%22:1340,%22rpe%22:1571,%22dl%22:1460,%22di%22:1788,%22ds%22:2312,%22de%22:2766,%22dc%22:3083,%22l%22:3083,%22le%22:3114%7D,%22navigation%22:%7B%7D%7D&at=QhNQGl8YGxw%3D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1123.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.20 , United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US),
Reverse DNS
bam-8.nr-data.net
Software
/
Resource Hash
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
text/javascript;charset=ISO-8859-1
Content-Length
57
Expires
Thu, 01 Jan 1970 00:00:00 GMT
5cd8efdf0c7bc.jpg
d1vdjc70h9nzd9.cloudfront.net/media/individual/950000/950325/image/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/media/individual/950000/950325/image/5cd8efdf0c7bc.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:9c00:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
702a97cb380a400177584fb7879bf8c40371717d2d7a1f34170d1d16a40c6053

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 11:07:35 GMT
via
1.1 c55f09a9188f77960d35c97bad15e1b2.cloudfront.net (CloudFront)
last-modified
Mon, 13 May 2019 04:17:46 GMT
server
AmazonS3
age
3987
etag
"27587683d3e05b6c826be41682705603"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=315360000 public
accept-ranges
bytes
content-length
4713
x-amz-cf-id
EB5Epcg5Bdq7y1_9SVqr6hPuWMN7o78mlpSxv_4rr6jkMUzq7r0crg==
icomoon.z3gnh4.ttf
d1vdjc70h9nzd9.cloudfront.net/fonts/ketto_fonts/ 		39 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/fonts/ketto_fonts/icomoon.z3gnh4.ttf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:3c00:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6643adc3ec22b456976553a5b122ffb86c80b2529ab4be5299f2d216dbd89fdf

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://d1vdjc70h9nzd9.cloudfront.net/less/story/stories.designD.bundle.a33590.css
Origin
https://www.ketto.org

Response headers

date
Sun, 12 May 2019 17:49:34 GMT
via
1.1 9de9a776d0da209cb66ec4bd03877799.cloudfront.net (CloudFront)
age
66268
x-cache
Hit from cloudfront
status
200
access-control-max-age
3000
content-length
40168
last-modified
Tue, 30 Apr 2019 14:15:35 GMT
server
AmazonS3
etag
"13ac5beca606f472d9f1c68f2c25b01c"
vary
Origin
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
F4Iw1Wsmgmno0pnzsT0txTUV8HyxECPHs6Ow3OlGonGZXfaH75nUqA==
5cd8efdf0c7bc.jpg
d1vdjc70h9nzd9.cloudfront.net/media/individual/950000/950325/image/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/media/individual/950000/950325/image/5cd8efdf0c7bc.jpg
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:9c00:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
702a97cb380a400177584fb7879bf8c40371717d2d7a1f34170d1d16a40c6053

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 13 May 2019 11:07:35 GMT
via
1.1 c55f09a9188f77960d35c97bad15e1b2.cloudfront.net (CloudFront)
last-modified
Mon, 13 May 2019 04:17:46 GMT
server
AmazonS3
age
3987
etag
"27587683d3e05b6c826be41682705603"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=315360000 public
accept-ranges
bytes
content-length
4713
x-amz-cf-id
S5bja8YBocc6JBjvpn1GdXwH8A__ia0SF8cWHroesVHa-lsG1decQw==
7.png
d1vdjc70h9nzd9.cloudfront.net/images/random_supporters/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1vdjc70h9nzd9.cloudfront.net/images/random_supporters/7.png
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:9c00:d:e617:f340:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c7143357f014d4f423a93739d4e083cb74ce226a80c980df06d4e726822c7e33

Request headers

Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 05 May 2019 21:02:14 GMT
via
1.1 c55f09a9188f77960d35c97bad15e1b2.cloudfront.net (CloudFront)
last-modified
Mon, 07 May 2018 14:12:08 GMT
server
AmazonS3
age
659507
etag
"0e449499e52f2110e0d83c5e783211c3"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
15362
x-amz-cf-id
ngeVPAEB4_nBs23DJ8r5_mQYRuaXCI2cTfvPmsrlQZlJsMOueNMiYA==
system_event.php
www.ketto.org/vars/ 		16 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ketto.org/vars/system_event.php?val%5BeventName%5D=pageView&val%5Bevent_type%5D=campaign&val%5Bevent_type_id%5D=88879&val%5Bpage_name%5D=stories&val%5Breferrer_page%5D=
Requested by
Host: www.ketto.org
URL: https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.157.77 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-157-77.fra53.r.cloudfront.net
Software
Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40 / PHP/5.6.40
Resource Hash
39824f2ec741ce74a8d37f33d384fd09b082368c2e93a05a8627de1561401d98

Request headers

Accept
*/*
X-NewRelic-ID
VQUGVFNQDhABUFVWDgMEUQ==
Referer
https://www.ketto.org/stories/saveiranna?utm_campaign=saveiranna&utm_medium=email&utm_source=external_kenscio
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-Requested-With
XMLHttpRequest

Response headers

pragma
no-cache
date
Mon, 13 May 2019 12:14:03 GMT
via
1.1 bae3e24625567f5728a5caa96d6b7669.cloudfront.net (CloudFront)
x-newrelic-app-data
PxQGUldWDQAGR1BWAwUOVFcGFB9AMQYAZBBZDEtZV0ZaClc9HiJGERBZWj1JBUpcXhAkDFNtGBAFQ0VvTRUaEUQHVT1dTlFcR0cVUR9RA1JUBhtRSFMAAABVTU8GHRVQUVUOAgEEBlpSAQ1VAABXEB8DWA1CBG4=
server
Apache/2.4.39 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40
pageurl-1
1
x-powered-by
PHP/5.6.40
x-cache
Miss from cloudfront
content-type
application/json
status
200
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
16
x-amz-cf-id
rAo0pdhBwQJnocY_YSnVqpFMGaYUmsVoOAKSgAU4PhU_TFozQ5gHWA==
expires
Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

209 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| NREUM object| newrelic function| __nr_require function| $ function| jQuery object| dataLayer boolean| isCached object| clevertap object| TRACKING_DETAILS number| _vwo_clicks object| _vwo_code number| settings_timer number| _vwo_settings_timer object| VWO object| _vwo_evq object| hiddengoalcampaign object| amountRaisedCampaign object| daysLeftCampaign string| browserName number| IS_WHITE_LABEL number| FB_APP_ID number| hasDraft string| PHP_API_URL string| custom_tag string| campaign_share_url_exitIntent string| campaign_share_url string| campaign_share_count_url string| device string| supporters_pagination_url string| s3_url boolean| ended string| designTemplate string| beneficiary_fname string| hospital_name string| countryCode string| apiHostUrl string| videoID object| userDetailsAPI string| landingCurrency string| supporterImage string| pageReload string| baseCurrency string| onlyBaseCurrency string| loadPayment string| showTip boolean| showTipVariation boolean| isWhiteLabel boolean| userDonatedCurrentSession object| storyAB boolean| hasSurrogateCampaigns boolean| hasUserDonated string| surrogateCampaginLoginRedirectUrl boolean| isUserLoggedIn boolean| loggedUserEmail object| google_tag_manager function| postscribe object| angular object| requestvalue number| newStory object| user_data string| cdn_url function| pageData string| page_version object| typeAB string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings function| fbq function| _fbq function| twq object| _tfa object| dotq number| randomNumber object| scriptTag object| insertionNode string| conversionTag object| app string| api_url boolean| isToken_url object| ip2Details string| dimensionValue string| usedDevice number| isbilldesk object| componentForm object| wizrocket object| $WZRK_WR object| $CLTP_WR number| _vwo_acc_id object| _vwo_style string| _vwo_css string| _vwo_text object| _vwo_textnode string| _vwo_cookieDomain string| _vwo_uuid string| _vis_opt_file number| _vwo_library_timer string| _vis_opt_lib undefined| b object| vwo_iehack_queue object| _vwo_exp_ids object| _vwo_exp object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| discardDraft object| addthis_config function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| twttr object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| YAHOO undefined| I13N_Conf undefined| YWA_Global_Conf object| TRC object| TRCImpl function| __trcError function| __trcJSONify object| queue object| DfaVisibilityIdentifier_123907502_avData function| pdib object| google_image_requests function| gtag function| vwo_$ string| _vwo_server_url object| _vis_opt_queue object| _vis_opt_check_segment function| _vwo_ev object| _vwo_t object| _vwo_api_section_callback object| _vis_opt_comb_name function| _vwo_s object| _vwo_campaignData function| _vis_opt_top_initialize function| _vis_opt_bottom_initialize function| _vis_opt_goal_conversion function| _vis_opt_revenue_conversion function| _vis_opt_pause function| _vis_opt_readCookie function| _vis_opt_createCookie function| _vis_opt_element_loaded function| _vis_opt_GA_track function| _vis_opt_register_conversion function| _vis_opt_get_campaign_xPath number| _vis_opt_experiment_id boolean| _vwo_settings_timed_out object| google_js_reporting_queue number| __google_lidar_ function| __google_lidar_radf_ object| __core-js_shared__ function| Razorpay function| Stripe object| Juspay object| p_img object| appIds string| selectedId function| login function| getFriends function| triggerFShareDialogClick function| triggerFShareExitDialogClick function| fbPageShare function| fbElfPageShare function| fbIplshare function| showCount function| loginFB function| connect function| DialogTrigger function| chechPopupShown function| setPopupShown function| setPopUpCookie function| getPopUpCookie function| ga_ABcheck function| ga_KettoLike function| ga_startCampaign function| event_fb_connect function| event_profilePic_popup function| AB_ExiteIntent function| ga_shareCommentAb function| showLeadModelBox function| setCookie function| getCookie function| showCampaignDraftPopup function| managerHelpPopup function| managerHelpPopupMobile function| showLeadModelBoxMobile function| similarFundModelBoxMobile function| systemEvent function| triggerEvent object| WIZRocket number| search_click function| Blazy function| fbAsyncInit function| setImmediate function| clearImmediate function| swal function| sweetAlert object| bioEp object| intlTelInputUtils object| FB function| getClientId object| difference number| __google_lidar_adblocks_count_

13 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.facebook.com/ Name: fr
Value: 0YAVp96NbvK3MiZk5..Bc2V-I..FzZ.1.0.Bc2V-I.
.www.ketto.org/ Name: __stripe_sid
Value: e2d524c0-1a4e-49df-8c89-fd262eaf6573
.www.ketto.org/ Name: __stripe_mid
Value: 5826f755-0705-4dda-9de2-1a22036e3ee8
www.ketto.org/ Name: utm_medium
Value: email
.www.ketto.org/ Name: WZRK_L
Value: %257B%257D
.ketto.org/ Name: _gid
Value: GA1.2.508503268.1557749641
.ketto.org/ Name: _ga
Value: GA1.2.1965076790.1557749641
www.ketto.org/ Name: utm_campaign
Value: saveiranna
.ketto.org/ Name: _gat_UA-30181760-1
Value: 1
www.ketto.org/ Name: utm_source
Value: external_kenscio
.ketto.org/ Name: WZRK_S_4R6-478-RR4Z
Value: %7B%22s%22%3A1557749641%2C%22t%22%3A1557749641%7D
.ketto.org/ Name: _fbp
Value: fb.1.1557749640776.1510824377

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9237602.fls.doubleclick.net
ad.doubleclick.net
ajax.googleapis.com
analytics.twitter.com
api.juspay.in
apis.ketto.org
bam.nr-data.net
cdn.taboola.com
checkout.razorpay.com
connect.facebook.net
cx.atdmt.com
d1vdjc70h9nzd9.cloudfront.net
d2r1yp2w7bby2u.cloudfront.net
d3oxf4lkkqx2kx.cloudfront.net
dev.visualwebsiteoptimizer.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
graph.facebook.com
js-agent.newrelic.com
js.stripe.com
mail.quicklivedeals.com
s.yimg.com
script.hotjar.com
sp.analytics.yahoo.com
static.ads-twitter.com
static.hotjar.com
staticxx.facebook.com
stats.g.doubleclick.net
t.co
trc.taboola.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.ketto.org
wzrkt.com
104.244.42.3
104.244.42.69
13.126.123.139
13.127.150.54
147.75.205.43
147.75.32.173
147.75.80.178
151.101.0.176
151.101.120.157
151.101.2.110
151.101.2.2
159.122.87.148
159.122.87.153
162.247.242.20
172.217.18.166
172.217.22.34
188.125.66.33
216.58.207.34
2600:9000:200c:3c00:d:e617:f340:21
2600:9000:200c:9c00:d:e617:f340:21
2a00:1288:7c:800::4000
2a00:1450:4001:808::200e
2a00:1450:4001:809::2003
2a00:1450:4001:80b::2004
2a00:1450:4001:814::2002
2a00:1450:4001:814::200a
2a00:1450:4001:817::200a
2a00:1450:4001:81a::2002
2a00:1450:4001:81e::2003
2a00:1450:4001:824::2008
2a00:1450:400c:c08::9a
2a03:2880:f01c:20e:face:b00c:0:2
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f0ff:2:face:b00c:0:8c
2a03:2880:f11c:8083:face:b00c:0:25de
34.253.42.0
52.222.146.160
52.222.157.64
52.222.157.77
54.169.244.171
91.192.43.153
003d1f1228e92aad150733ac007c300c0759f8fe1e3600439420890a3ff5a99a
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
082e1b3b1e722c84086de9f0467ebc3d06955e3a067f5642028f4bfa79229a12
0841b39dcfbe3850b07ac0ab70b91944f37fe98d027690369aa5ff84cc03f3f5
0ac7b96f0bc593ff1f37f86ca552bdc9bb8c4518bf780a821b1986681a95ff7d
0f641a416513caf277c777a71712c9e094586d818c82bb4d84efd26039a35447
106334b4af0a31038edbc863f27e3ab40d09e672546ee0ab1d62a10f9fd4d7ab
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
121b3bad035f5a87c185bb1ce9465eba6c0d8ca0fcf03fced81559192cb06d85
17b61fd48fcbd54aac4d9e9d7c3dd01644a1fc824e36b809e4e5c934604efbb6
1b98ef9ad22a1fc628ee3d77eef73e22e25c2b926b776e3887b86bf6f75c09f4
1d4d178d79752d3442d46b815cb8167299fc03059fe0fa34e8a044c8fcd5fffa
1ec0fbc72fcfcea31f22828dcf89e2bd9fa7f03e84ef8d8546adb410f3096117
1f8fe1ba129beba4f7b48d5f54acb721c82347cd76c0c8c43d168523569f159f
27cab7755d164b200cda95bd17384723f374d55b16d988669b7d3242e123d52a
28f1f51e665dd4607e10a96dd7a84d40b5cd2a8063157e357be73244df657720
2c2b83b5a9f188b6f91fdb4db32a68cae12d7c15d62263ebd3e345429dab2ec5
30fe985e0da37b188a9cffc5f8734f5ca3a8b591e9e4e42b5ce8955b66bc5b5b
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
398135c0135d369136efce4e6cd800ff260720e75e3631abc8cd6f8022d584af
39824f2ec741ce74a8d37f33d384fd09b082368c2e93a05a8627de1561401d98
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
408814d4fec56e11629eeb3dd69ea829299f48b91ae656d981570ac10ac34a97
40e24a1501c82b65a2441b05667c7b3cf24c825955caeb2c0b8be0ac7b732afa
469861c0d3129f8870765275eac606ef04270f41db456881befc9b5b9040507e
480b0dcf87f3762059569007f32ef80a5e21f1115718c5bfc7644f3e701722dd
4daabeb98f624fd019dbbc3e2d0b756581e8becde8733bf46ad69b0cafc5edc9
4e341f8633e67007edf423de4fa32bd9c0009e6721ec9bbead209c5317960762
65dfb42ed406efb3d8f716913d3b55bc23f267635589429bb670e543dfac0383
6643adc3ec22b456976553a5b122ffb86c80b2529ab4be5299f2d216dbd89fdf
6779121983d8763f26796aa00be7c49d1adfd63e71fc20b97a23a67b28b6c278
69d1e798d04bbe7a59c5c79b57fe1e5030c92a1876ca86ecee1e0db3525b4c43
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
702a97cb380a400177584fb7879bf8c40371717d2d7a1f34170d1d16a40c6053
742c623a4bbab44b3a96405d6390b7f265b24cab93d845f961ef81897c3c3e8b
74d5ff258f3a720ca399e4697684a71e3ff52474082c30b995157b1c1c683000
780c64f42782a679de8e6fefe7468f3761877585a393da036b152fec96de8133
796cf812111acb618a626ff1c5f33d6104a9dd09cf3e78576b0bb2a8940bbdfe
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
80fea2712ef7fa25e313f025c7bd872ae1294d5eb783a175c171eead6b701ba4
81b0036608574dee94fb2bf0eb8b23e9175d41fbb1c09132aa9e1e7f3250039a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84c0a99bd8e689404bef71b3cb1c6ac0df456659d2dd2394f5bf53590c31be46
87e9f7fe6ad4e58a72b5e1b082c16ce860cfb7158028a1cdda589600362cda44
894f2e460e11004565c65160d55d7754d6571ff00219f228978a3826d3cb13d0
8ac3d36c6322eefcaea87ebbe52f803e51dfd23937edf4122b4887c51ebb3c4a
94b318e07378838a6b45d0f89aeb4f5a79daf8a78c3db7b1ecf53e072c724946
94cdf5b7f868883de0e1248cd80b42dd84e3f38685f2b234747550c02190dc82
94eeb8ca0c372a7079499fa59b4fe106671032cab04d86fa4df1241c47a35156
a3dbd29f8bb58315740f7eaee52a542bd0228e3a044baaf645d0345bca7cca18
a52d3ba4d9a879ab1faf1f4d853fa1d41ccb94faf4ca0a09f5c7b06573173ec9
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aff5de7eb89ef6037aaac8f203a4051be7ef6ca590f5114b777d489106e0d940
bd999047408eaf20ae15ab916d344330d118fa72b0703fa1784deb648d36bb7a
c09055f0d3ce5ac45f886c935226d1e4cb0f7488525e9f8b298f26fc0171e5a8
c7143357f014d4f423a93739d4e083cb74ce226a80c980df06d4e726822c7e33
c91158a8a0abe1393831da5efc62d53ad3b41b545774f1c3a003d55c2d5f28cf
cb992eae898417162c48b37712991d9ad8053c4a64fce51aff195edc69dc35f2
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
ceb62cb1b6be4ec41e2517433dc347b8b5b2b9e7845ff595bcfe007381cb6712
d072e6d8b72e31cac4bb974e182efebc3cc0e12558a1af161f3c79270b2e28b8
d6babff8a064a68c126adbc925a876484b9540e78f9d24711d6b529071a8ffd2
d6bafc5d5605fbff8318e76918edca188e409adb4e5040d4daa0d4ceedcc6a20
ddb22a8911a19501d0e93a2c6a4bad7d0d57dfbedf441a52618a54d028d54067
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
dfcfcf508411f75131ee051b3e8bd38b7869dcfc7c2a19e5a2cff1c9982baddf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e56f53b3b976e9c05d86645a1e85cfc69e961601d201e957768455580fa30478
e5dfd797a43f7ea8bebdc863b2cc4f219bd2d1286eede1fa21bf690209060f51
ec4984ddef8dfa01ed27dab4f626f3f46d4be809dea9ec513cb1d0596331a36c
ed098df82da8320c1786f312585ebc4b1b4817ed5ebeecd03e25afd37b97cc23
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f01e18f943895384d10b2ca16c03fd6b4e5d67eaa5403116053b9be6a222b11a
f35596304fc51b9d33c525eef4d22461d2937157c893dcdb2345df9ccd2c4d95
f439d06b31431c40366690512548b080d57acdd300dd5ed56d8d7e89ad655595
f64c3a31df743619803722968f357ba76b89c879c632601f1b41c4ba64ff011f
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
fa59b1ed1b011e084474ad818b5f6986d84fc678e2f37fee9330eb52d86860b3
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c